From bugzilla at redhat.com Mon Aug 2 20:48:06 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 2 Aug 2010 16:48:06 -0400
Subject: [RHSA-2010:0580-01] Important: tomcat5 security update
Message-ID: <201008022048.o72Km6Ub031928@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: tomcat5 security update
Advisory ID:       RHSA-2010:0580-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0580.html
Issue date:        2010-08-02
CVE Names:         CVE-2009-2693 CVE-2009-2696 CVE-2009-2902
                   CVE-2010-2227
=====================================================================

1. Summary:

Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

A flaw was found in the way Tomcat handled the Transfer-Encoding header in HTTP requests. A specially-crafted HTTP request could prevent Tomcat from sending replies, or cause Tomcat to return truncated replies, or replies containing data related to the requests of other users, for all subsequent HTTP requests.
(CVE-2010-2227)

The Tomcat security update RHSA-2009:1164 did not, unlike the erratum text stated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw in the examples calendar application. With some web browsers, remote attackers could use this flaw to inject arbitrary web script or HTML via the "time" parameter. (CVE-2009-2696)

Two directory traversal flaws were found in the Tomcat deployment process. A specially-crafted WAR file could, when deployed, cause a file to be created outside of the web root into any directory writable by the Tomcat user, or could lead to the deletion of files in the Tomcat host's work directory. (CVE-2009-2693, CVE-2009-2902)

Users of Tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

559738 - CVE-2009-2693 tomcat: unexpected file deletion and/or alteration
559761 - CVE-2009-2902 tomcat: unexpected file deletion in work directory
612799 - CVE-2010-2227 tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header
616717 - CVE-2009-2696 tomcat: missing fix for CVE-2009-0781

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tomcat5-5.5.23-0jpp.9.el5_5.src.rpm

i386:
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.9.el5_5.i386.rpm

x86_64:
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.9.el5_5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tomcat5-5.5.23-0jpp.9.el5_5.src.rpm

i386:
tomcat5-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-admin-webapps-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-common-lib-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-jasper-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-server-lib-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-webapps-5.5.23-0jpp.9.el5_5.i386.rpm

x86_64:
tomcat5-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-admin-webapps-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-common-lib-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-jasper-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-server-lib-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-webapps-5.5.23-0jpp.9.el5_5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/tomcat5-5.5.23-0jpp.9.el5_5.src.rpm

i386:
tomcat5-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-admin-webapps-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-common-lib-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-jasper-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-server-lib-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.9.el5_5.i386.rpm
tomcat5-webapps-5.5.23-0jpp.9.el5_5.i386.rpm

ia64:
tomcat5-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-admin-webapps-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-common-lib-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-jasper-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-server-lib-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.9.el5_5.ia64.rpm
tomcat5-webapps-5.5.23-0jpp.9.el5_5.ia64.rpm

ppc:
tomcat5-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-5.5.23-0jpp.9.el5_5.ppc64.rpm
tomcat5-admin-webapps-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-common-lib-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.ppc64.rpm
tomcat5-jasper-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-server-lib-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.9.el5_5.ppc.rpm
tomcat5-webapps-5.5.23-0jpp.9.el5_5.ppc.rpm

s390x:
tomcat5-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-admin-webapps-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-common-lib-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-jasper-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-server-lib-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.9.el5_5.s390x.rpm
tomcat5-webapps-5.5.23-0jpp.9.el5_5.s390x.rpm

x86_64:
tomcat5-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-admin-webapps-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-common-lib-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-debuginfo-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-jasper-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-server-lib-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.9.el5_5.x86_64.rpm
tomcat5-webapps-5.5.23-0jpp.9.el5_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-2693.html
https://www.redhat.com/security/data/cve/CVE-2009-2696.html
https://www.redhat.com/security/data/cve/CVE-2009-2902.html
https://www.redhat.com/security/data/cve/CVE-2010-2227.html
http://www.redhat.com/security/updates/classification/#important
http://tomcat.apache.org/security-5.html

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMVy7WXlSAg2UNWIIRAlMrAJ418t6HFSMJ1L55tGVpfzX8g47uAQCgtUhT
WIf6igz3btTTDXJPjphHO+I=
=FFns
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Aug 2 20:51:33 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 2 Aug 2010 16:51:33 -0400
Subject: [RHSA-2010:0582-01] Important: tomcat5 security update
Message-ID: <201008022051.o72KpXol027877@int-mx05.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: tomcat5 security update
Advisory ID:       RHSA-2010:0582-01
Product:           Red Hat Application Server
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0582.html
Issue date:        2010-08-02
CVE Names:         CVE-2009-2693 CVE-2009-2902 CVE-2010-2227
=====================================================================

1. Summary:

Updated tomcat5 packages that fix three security issues are now available for Red Hat Application Server v2.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Application Server v2 4AS - noarch
Red Hat Application Server v2 4ES - noarch
Red Hat Application Server v2 4WS - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

A flaw was found in the way Tomcat handled the Transfer-Encoding header in HTTP requests. A specially-crafted HTTP request could prevent Tomcat from sending replies, or cause Tomcat to return truncated replies, or replies containing data related to the requests of other users, for all subsequent HTTP requests.
(CVE-2010-2227)

Two directory traversal flaws were found in the Tomcat deployment process. A specially-crafted WAR file could, when deployed, cause a file to be created outside of the web root into any directory writable by the Tomcat user, or could lead to the deletion of files in the Tomcat host's work directory. (CVE-2009-2693, CVE-2009-2902)

Users of Tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

559738 - CVE-2009-2693 tomcat: unexpected file deletion and/or alteration
559761 - CVE-2009-2902 tomcat: unexpected file deletion in work directory
612799 - CVE-2010-2227 tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

6. Package List:

Red Hat Application Server v2 4AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.17.src.rpm

noarch:
tomcat5-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-admin-webapps-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-webapps-5.5.23-0jpp_4rh.17.noarch.rpm

Red Hat Application Server v2 4ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.17.src.rpm

noarch:
tomcat5-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-admin-webapps-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-webapps-5.5.23-0jpp_4rh.17.noarch.rpm

Red Hat Application Server v2 4WS:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.17.src.rpm

noarch:
tomcat5-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-admin-webapps-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.17.noarch.rpm
tomcat5-webapps-5.5.23-0jpp_4rh.17.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-2693.html
https://www.redhat.com/security/data/cve/CVE-2009-2902.html
https://www.redhat.com/security/data/cve/CVE-2010-2227.html
http://www.redhat.com/security/updates/classification/#important
http://tomcat.apache.org/security-5.html

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMVy+PXlSAg2UNWIIRAh89AJsGD5NRBA4ABiBP2wniKVCiqR1BFQCghnJK
kv7fTR/QJ0yJT3oxdW98N2w=
=+oYl
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Aug 2 20:53:23 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 2 Aug 2010 16:53:23 -0400
Subject: [RHSA-2010:0583-01] Important: tomcat5 security update
Message-ID: <201008022053.o72KrNc8028230@int-mx05.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: tomcat5 security update
Advisory ID:       RHSA-2010:0583-01
Product:           Red Hat Developer Suite v.3
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0583.html
Issue date:        2010-08-02
CVE Names:         CVE-2010-2227
=====================================================================

1. Summary:

Updated tomcat5 packages that fix one security issue are now available for Red Hat Developer Suite 3.

The Red Hat Security Response Team has rated this update as having important security impact.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Developer Suite v.3 (AS v.4) - noarch
Red Hat Developer Suite v.3 (ES v.4) - noarch
Red Hat Developer Suite v.3 (WS v.4) - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

A flaw was found in the way Tomcat handled the Transfer-Encoding header in HTTP requests. A specially-crafted HTTP request could prevent Tomcat from sending replies, or cause Tomcat to return truncated replies, or replies containing data related to the requests of other users, for all subsequent HTTP requests. (CVE-2010-2227)

Users of Tomcat should upgrade to these updated packages, which contain a backported patch to resolve this issue. Tomcat must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

612799 - CVE-2010-2227 tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

6. Package List:

Red Hat Developer Suite v.3 (AS v.4):

Source:
tomcat5-5.5.23-0jpp_21rh.src.rpm

noarch:
tomcat5-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_21rh.noarch.rpm

Red Hat Developer Suite v.3 (ES v.4):

Source:
tomcat5-5.5.23-0jpp_21rh.src.rpm

noarch:
tomcat5-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_21rh.noarch.rpm

Red Hat Developer Suite v.3 (WS v.4):

Source:
tomcat5-5.5.23-0jpp_21rh.src.rpm

noarch:
tomcat5-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_21rh.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_21rh.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2227.html
http://www.redhat.com/security/updates/classification/#important
http://tomcat.apache.org/security-5.html

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMVzACXlSAg2UNWIIRAt7jAJ9bsPbkbfZlU0bHAQoOQ0UjyhVi0ACfYHDi
UFTAUpkPTsyfuCrxvbiecd0=
=K/JT
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Aug 2 20:56:57 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 2 Aug 2010 16:56:57 -0400
Subject: [RHSA-2010:0585-01] Moderate: lftp security update
Message-ID: <201008022056.o72KuvIY029090@int-mx05.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: lftp security update
Advisory ID:       RHSA-2010:0585-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0585.html
Issue date:        2010-08-02
CVE Names:         CVE-2010-2251
=====================================================================

1. Summary:

An updated lftp package that fixes one security issue is now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

LFTP is a sophisticated file transfer program for the FTP and HTTP protocols. Like Bash, it has job control and uses the Readline library for input. It has bookmarks, built-in mirroring, and can transfer several files in parallel. It is designed with reliability in mind.

It was discovered that lftp trusted the file name provided in the Content-Disposition HTTP header.
A malicious HTTP server could use this flaw to write or overwrite files in the current working directory of a victim running lftp, by sending a different file from what the victim requested. (CVE-2010-2251)

To correct this flaw, the following changes were made to lftp: the "xfer:clobber" option now defaults to "no", causing lftp to not overwrite existing files, and a new option, "xfer:auto-rename", which defaults to "no", has been introduced to control whether lftp should use server-suggested file names. Refer to the "Settings" section of the lftp(1) manual page for additional details on changing lftp settings.

All lftp users should upgrade to this updated package, which contains a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

591580 - CVE-2010-2251 lftp: multiple HTTP client download filename vulnerability [OCERT 2010-001]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/lftp-3.7.11-4.el5_5.3.src.rpm

i386:
lftp-3.7.11-4.el5_5.3.i386.rpm
lftp-debuginfo-3.7.11-4.el5_5.3.i386.rpm

x86_64:
lftp-3.7.11-4.el5_5.3.x86_64.rpm
lftp-debuginfo-3.7.11-4.el5_5.3.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/lftp-3.7.11-4.el5_5.3.src.rpm

i386:
lftp-3.7.11-4.el5_5.3.i386.rpm
lftp-debuginfo-3.7.11-4.el5_5.3.i386.rpm

ia64:
lftp-3.7.11-4.el5_5.3.ia64.rpm
lftp-debuginfo-3.7.11-4.el5_5.3.ia64.rpm

ppc:
lftp-3.7.11-4.el5_5.3.ppc.rpm
lftp-debuginfo-3.7.11-4.el5_5.3.ppc.rpm

s390x:
lftp-3.7.11-4.el5_5.3.s390x.rpm
lftp-debuginfo-3.7.11-4.el5_5.3.s390x.rpm

x86_64:
lftp-3.7.11-4.el5_5.3.x86_64.rpm
lftp-debuginfo-3.7.11-4.el5_5.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2251.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMVzDuXlSAg2UNWIIRAhrrAJwNjDY4mvdYFR1tP7FcuvBJ68bU/gCeMOMi
QbmSJ86CpEbV+fV15w//KYU=
=iQsF
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Aug 4 22:20:25 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 4 Aug 2010 16:20:25 -0600
Subject: [RHSA-2010:0603-01] Moderate: gnupg2 security update
Message-ID: <201008042220.o74MKQYK004476@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: gnupg2 security update
Advisory ID:       RHSA-2010:0603-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0603.html
Issue date:        2010-08-04
CVE Names:         CVE-2010-2547
=====================================================================

1. Summary:

An updated gnupg2 package that fixes one security issue is now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard.

A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax (CMS) encryption and signing tool, handled X.509 certificates with a large number of Subject Alternate Names. A specially-crafted X.509 certificate could, when imported, cause gpgsm to crash or, possibly, execute arbitrary code. (CVE-2010-2547)

All gnupg2 users should upgrade to this updated package, which contains a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

618156 - CVE-2010-2547 GnuPG 2: use-after-free when importing certificate with many alternate names

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/gnupg2-2.0.10-3.el5_5.1.src.rpm

i386:
gnupg2-2.0.10-3.el5_5.1.i386.rpm
gnupg2-debuginfo-2.0.10-3.el5_5.1.i386.rpm

x86_64:
gnupg2-2.0.10-3.el5_5.1.x86_64.rpm
gnupg2-debuginfo-2.0.10-3.el5_5.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/gnupg2-2.0.10-3.el5_5.1.src.rpm

i386:
gnupg2-2.0.10-3.el5_5.1.i386.rpm
gnupg2-debuginfo-2.0.10-3.el5_5.1.i386.rpm

ia64:
gnupg2-2.0.10-3.el5_5.1.ia64.rpm
gnupg2-debuginfo-2.0.10-3.el5_5.1.ia64.rpm

ppc:
gnupg2-2.0.10-3.el5_5.1.ppc.rpm
gnupg2-debuginfo-2.0.10-3.el5_5.1.ppc.rpm

s390x:
gnupg2-2.0.10-3.el5_5.1.s390x.rpm
gnupg2-debuginfo-2.0.10-3.el5_5.1.s390x.rpm

x86_64:
gnupg2-2.0.10-3.el5_5.1.x86_64.rpm
gnupg2-debuginfo-2.0.10-3.el5_5.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2547.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMWeeeXlSAg2UNWIIRArjUAJ9gK8m3Yr8IdymQsathMcBlFmLsDACgspkq
Tw2T0sJAGDP/5gFesM2Ne7Y=
=kxV+
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Aug 5 18:08:20 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 5 Aug 2010 12:08:20 -0600
Subject: [RHSA-2010:0606-01] Important: kernel security and bug fix update
Message-ID: <201008051808.o75I8KhT010185@int-mx05.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2010:0606-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0606.html
Issue date:        2010-08-05
CVE Names:         CVE-2010-2248 CVE-2010-2521
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues:

* a flaw was found in the CIFSSMBWrite() function in the Linux kernel Common Internet File System (CIFS) implementation. A remote attacker could send a specially-crafted SMB response packet to a target CIFS client, resulting in a kernel panic (denial of service). (CVE-2010-2248, Important)

* buffer overflow flaws were found in the Linux kernel's implementation of the server-side External Data Representation (XDR) for the Network File System (NFS) version 4. An attacker on the local network could send a specially-crafted large compound request to the NFSv4 server, which could possibly result in a kernel panic (denial of service) or, potentially, code execution. (CVE-2010-2521, Important)

This update also fixes the following bug:

* the rpc_call_async() function in the SUN Remote Procedure Call (RPC) subsystem in the Linux kernel had a reference counting bug. In certain situations, some Network Lock Manager (NLM) messages may have triggered this bug on NFSv2 and NFSv3 servers, leading to a kernel panic (with "kernel BUG at fs/lockd/host.c:[xxx]!" logged to "/var/log/messages").
(BZ#612962)

Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

608583 - CVE-2010-2248 kernel: cifs: Fix a kernel BUG with remote OS/2 server
612028 - CVE-2010-2521 kernel: nfsd4: bug in read_buf
612962 - [4.4] The kernel BUG occurred with the message 'fs/lockd/host.c:252!' [rhel-4.8.z]

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.0.28.EL.src.rpm

i386:
kernel-2.6.9-89.0.28.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.i686.rpm
kernel-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.28.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.ia64.rpm
kernel-devel-2.6.9-89.0.28.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.28.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.28.EL.noarch.rpm

ppc:
kernel-2.6.9-89.0.28.EL.ppc64.rpm
kernel-2.6.9-89.0.28.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.ppc64.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.ppc64iseries.rpm
kernel-devel-2.6.9-89.0.28.EL.ppc64.rpm
kernel-devel-2.6.9-89.0.28.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-89.0.28.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.ppc64.rpm

s390:
kernel-2.6.9-89.0.28.EL.s390.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.s390.rpm
kernel-devel-2.6.9-89.0.28.EL.s390.rpm

s390x:
kernel-2.6.9-89.0.28.EL.s390x.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.s390x.rpm
kernel-devel-2.6.9-89.0.28.EL.s390x.rpm

x86_64:
kernel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.0.28.EL.src.rpm

i386:
kernel-2.6.9-89.0.28.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.i686.rpm
kernel-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.i686.rpm

noarch:
kernel-doc-2.6.9-89.0.28.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.0.28.EL.src.rpm

i386:
kernel-2.6.9-89.0.28.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.i686.rpm
kernel-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.28.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.ia64.rpm
kernel-devel-2.6.9-89.0.28.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.28.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.28.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.0.28.EL.src.rpm

i386:
kernel-2.6.9-89.0.28.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.i686.rpm
kernel-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.28.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.ia64.rpm
kernel-devel-2.6.9-89.0.28.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.28.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.28.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2248.html
https://www.redhat.com/security/data/cve/CVE-2010-2521.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMWv4FXlSAg2UNWIIRAhl/AJ0TRP8E3fUOfx9y8bIDyks9Db/OtgCgsq0R
0BQYzEHyy4gIzgTVCMUHPF8=
=+Q8K
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Aug 5 18:11:35 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 5 Aug 2010 12:11:35 -0600
Subject: [RHSA-2010:0607-02] Important: freetype security update
Message-ID: <201008051811.o75IBZNS010981@int-mx05.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: freetype security update
Advisory ID:       RHSA-2010:0607-02
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0607.html
Issue date:        2010-08-05
CVE Names:         CVE-2010-1797
=====================================================================

1. Summary:

Updated freetype packages that fix two security issues are now available
for Red Hat Enterprise Linux 3, 4, and 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

FreeType is a free, high-quality, portable font engine that can open and
manage font files. It also loads, hints, and renders individual glyphs
efficiently. The freetype packages for Red Hat Enterprise Linux 3 and 4
provide both the FreeType 1 and FreeType 2 font engines. The freetype
packages for Red Hat Enterprise Linux 5 provide only the FreeType 2 font
engine.

Two stack overflow flaws were found in the way the FreeType font engine
processed certain Compact Font Format (CFF) character strings (opcodes).
If a user loaded a specially-crafted font file with an application linked
against FreeType, it could cause the application to crash or, possibly,
execute arbitrary code with the privileges of the user running the
application. (CVE-2010-1797)

Red Hat would like to thank Braden Thomas of the Apple Product Security
team for reporting these issues.

Note: CVE-2010-1797 only affects the FreeType 2 font engine.

Users are advised to upgrade to these updated packages, which contain a
backported patch to correct these issues. The X server must be restarted
(log out, then log back in) for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

621144 - CVE-2010-1797 FreeType: Multiple stack overflows by processing CFF opcodes

6.
Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/freetype-2.1.4-16.el3.src.rpm i386: freetype-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-devel-2.1.4-16.el3.i386.rpm ia64: freetype-2.1.4-16.el3.i386.rpm freetype-2.1.4-16.el3.ia64.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.ia64.rpm freetype-devel-2.1.4-16.el3.ia64.rpm ppc: freetype-2.1.4-16.el3.ppc.rpm freetype-2.1.4-16.el3.ppc64.rpm freetype-debuginfo-2.1.4-16.el3.ppc.rpm freetype-debuginfo-2.1.4-16.el3.ppc64.rpm freetype-devel-2.1.4-16.el3.ppc.rpm s390: freetype-2.1.4-16.el3.s390.rpm freetype-debuginfo-2.1.4-16.el3.s390.rpm freetype-devel-2.1.4-16.el3.s390.rpm s390x: freetype-2.1.4-16.el3.s390.rpm freetype-2.1.4-16.el3.s390x.rpm freetype-debuginfo-2.1.4-16.el3.s390.rpm freetype-debuginfo-2.1.4-16.el3.s390x.rpm freetype-devel-2.1.4-16.el3.s390x.rpm x86_64: freetype-2.1.4-16.el3.i386.rpm freetype-2.1.4-16.el3.x86_64.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.x86_64.rpm freetype-devel-2.1.4-16.el3.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/freetype-2.1.4-16.el3.src.rpm i386: freetype-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-devel-2.1.4-16.el3.i386.rpm x86_64: freetype-2.1.4-16.el3.i386.rpm freetype-2.1.4-16.el3.x86_64.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.x86_64.rpm freetype-devel-2.1.4-16.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/freetype-2.1.4-16.el3.src.rpm i386: freetype-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-devel-2.1.4-16.el3.i386.rpm ia64: freetype-2.1.4-16.el3.i386.rpm freetype-2.1.4-16.el3.ia64.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.ia64.rpm freetype-devel-2.1.4-16.el3.ia64.rpm 
x86_64: freetype-2.1.4-16.el3.i386.rpm freetype-2.1.4-16.el3.x86_64.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.x86_64.rpm freetype-devel-2.1.4-16.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/freetype-2.1.4-16.el3.src.rpm i386: freetype-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-devel-2.1.4-16.el3.i386.rpm ia64: freetype-2.1.4-16.el3.i386.rpm freetype-2.1.4-16.el3.ia64.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.ia64.rpm freetype-devel-2.1.4-16.el3.ia64.rpm x86_64: freetype-2.1.4-16.el3.i386.rpm freetype-2.1.4-16.el3.x86_64.rpm freetype-debuginfo-2.1.4-16.el3.i386.rpm freetype-debuginfo-2.1.4-16.el3.x86_64.rpm freetype-devel-2.1.4-16.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/freetype-2.1.9-15.el4.8.src.rpm i386: freetype-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-demos-2.1.9-15.el4.8.i386.rpm freetype-devel-2.1.9-15.el4.8.i386.rpm freetype-utils-2.1.9-15.el4.8.i386.rpm ia64: freetype-2.1.9-15.el4.8.i386.rpm freetype-2.1.9-15.el4.8.ia64.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.ia64.rpm freetype-demos-2.1.9-15.el4.8.ia64.rpm freetype-devel-2.1.9-15.el4.8.ia64.rpm freetype-utils-2.1.9-15.el4.8.ia64.rpm ppc: freetype-2.1.9-15.el4.8.ppc.rpm freetype-2.1.9-15.el4.8.ppc64.rpm freetype-debuginfo-2.1.9-15.el4.8.ppc.rpm freetype-debuginfo-2.1.9-15.el4.8.ppc64.rpm freetype-demos-2.1.9-15.el4.8.ppc.rpm freetype-devel-2.1.9-15.el4.8.ppc.rpm freetype-utils-2.1.9-15.el4.8.ppc.rpm s390: freetype-2.1.9-15.el4.8.s390.rpm freetype-debuginfo-2.1.9-15.el4.8.s390.rpm freetype-demos-2.1.9-15.el4.8.s390.rpm freetype-devel-2.1.9-15.el4.8.s390.rpm freetype-utils-2.1.9-15.el4.8.s390.rpm s390x: freetype-2.1.9-15.el4.8.s390.rpm freetype-2.1.9-15.el4.8.s390x.rpm 
freetype-debuginfo-2.1.9-15.el4.8.s390.rpm freetype-debuginfo-2.1.9-15.el4.8.s390x.rpm freetype-demos-2.1.9-15.el4.8.s390x.rpm freetype-devel-2.1.9-15.el4.8.s390x.rpm freetype-utils-2.1.9-15.el4.8.s390x.rpm x86_64: freetype-2.1.9-15.el4.8.i386.rpm freetype-2.1.9-15.el4.8.x86_64.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.x86_64.rpm freetype-demos-2.1.9-15.el4.8.x86_64.rpm freetype-devel-2.1.9-15.el4.8.x86_64.rpm freetype-utils-2.1.9-15.el4.8.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/freetype-2.1.9-15.el4.8.src.rpm i386: freetype-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-demos-2.1.9-15.el4.8.i386.rpm freetype-devel-2.1.9-15.el4.8.i386.rpm freetype-utils-2.1.9-15.el4.8.i386.rpm x86_64: freetype-2.1.9-15.el4.8.i386.rpm freetype-2.1.9-15.el4.8.x86_64.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.x86_64.rpm freetype-demos-2.1.9-15.el4.8.x86_64.rpm freetype-devel-2.1.9-15.el4.8.x86_64.rpm freetype-utils-2.1.9-15.el4.8.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/freetype-2.1.9-15.el4.8.src.rpm i386: freetype-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-demos-2.1.9-15.el4.8.i386.rpm freetype-devel-2.1.9-15.el4.8.i386.rpm freetype-utils-2.1.9-15.el4.8.i386.rpm ia64: freetype-2.1.9-15.el4.8.i386.rpm freetype-2.1.9-15.el4.8.ia64.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.ia64.rpm freetype-demos-2.1.9-15.el4.8.ia64.rpm freetype-devel-2.1.9-15.el4.8.ia64.rpm freetype-utils-2.1.9-15.el4.8.ia64.rpm x86_64: freetype-2.1.9-15.el4.8.i386.rpm freetype-2.1.9-15.el4.8.x86_64.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.x86_64.rpm freetype-demos-2.1.9-15.el4.8.x86_64.rpm freetype-devel-2.1.9-15.el4.8.x86_64.rpm 
freetype-utils-2.1.9-15.el4.8.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/freetype-2.1.9-15.el4.8.src.rpm i386: freetype-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-demos-2.1.9-15.el4.8.i386.rpm freetype-devel-2.1.9-15.el4.8.i386.rpm freetype-utils-2.1.9-15.el4.8.i386.rpm ia64: freetype-2.1.9-15.el4.8.i386.rpm freetype-2.1.9-15.el4.8.ia64.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.ia64.rpm freetype-demos-2.1.9-15.el4.8.ia64.rpm freetype-devel-2.1.9-15.el4.8.ia64.rpm freetype-utils-2.1.9-15.el4.8.ia64.rpm x86_64: freetype-2.1.9-15.el4.8.i386.rpm freetype-2.1.9-15.el4.8.x86_64.rpm freetype-debuginfo-2.1.9-15.el4.8.i386.rpm freetype-debuginfo-2.1.9-15.el4.8.x86_64.rpm freetype-demos-2.1.9-15.el4.8.x86_64.rpm freetype-devel-2.1.9-15.el4.8.x86_64.rpm freetype-utils-2.1.9-15.el4.8.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/freetype-2.2.1-26.el5_5.src.rpm i386: freetype-2.2.1-26.el5_5.i386.rpm freetype-debuginfo-2.2.1-26.el5_5.i386.rpm x86_64: freetype-2.2.1-26.el5_5.i386.rpm freetype-2.2.1-26.el5_5.x86_64.rpm freetype-debuginfo-2.2.1-26.el5_5.i386.rpm freetype-debuginfo-2.2.1-26.el5_5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/freetype-2.2.1-26.el5_5.src.rpm i386: freetype-debuginfo-2.2.1-26.el5_5.i386.rpm freetype-demos-2.2.1-26.el5_5.i386.rpm freetype-devel-2.2.1-26.el5_5.i386.rpm x86_64: freetype-debuginfo-2.2.1-26.el5_5.i386.rpm freetype-debuginfo-2.2.1-26.el5_5.x86_64.rpm freetype-demos-2.2.1-26.el5_5.x86_64.rpm freetype-devel-2.2.1-26.el5_5.i386.rpm freetype-devel-2.2.1-26.el5_5.x86_64.rpm Red Hat Enterprise Linux (v. 
5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/freetype-2.2.1-26.el5_5.src.rpm i386: freetype-2.2.1-26.el5_5.i386.rpm freetype-debuginfo-2.2.1-26.el5_5.i386.rpm freetype-demos-2.2.1-26.el5_5.i386.rpm freetype-devel-2.2.1-26.el5_5.i386.rpm ia64: freetype-2.2.1-26.el5_5.i386.rpm freetype-2.2.1-26.el5_5.ia64.rpm freetype-debuginfo-2.2.1-26.el5_5.i386.rpm freetype-debuginfo-2.2.1-26.el5_5.ia64.rpm freetype-demos-2.2.1-26.el5_5.ia64.rpm freetype-devel-2.2.1-26.el5_5.ia64.rpm ppc: freetype-2.2.1-26.el5_5.ppc.rpm freetype-2.2.1-26.el5_5.ppc64.rpm freetype-debuginfo-2.2.1-26.el5_5.ppc.rpm freetype-debuginfo-2.2.1-26.el5_5.ppc64.rpm freetype-demos-2.2.1-26.el5_5.ppc.rpm freetype-devel-2.2.1-26.el5_5.ppc.rpm freetype-devel-2.2.1-26.el5_5.ppc64.rpm s390x: freetype-2.2.1-26.el5_5.s390.rpm freetype-2.2.1-26.el5_5.s390x.rpm freetype-debuginfo-2.2.1-26.el5_5.s390.rpm freetype-debuginfo-2.2.1-26.el5_5.s390x.rpm freetype-demos-2.2.1-26.el5_5.s390x.rpm freetype-devel-2.2.1-26.el5_5.s390.rpm freetype-devel-2.2.1-26.el5_5.s390x.rpm x86_64: freetype-2.2.1-26.el5_5.i386.rpm freetype-2.2.1-26.el5_5.x86_64.rpm freetype-debuginfo-2.2.1-26.el5_5.i386.rpm freetype-debuginfo-2.2.1-26.el5_5.x86_64.rpm freetype-demos-2.2.1-26.el5_5.x86_64.rpm freetype-devel-2.2.1-26.el5_5.i386.rpm freetype-devel-2.2.1-26.el5_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-1797.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMWv5FXlSAg2UNWIIRAjs9AJ4uX1TT8wEgrLzy+I+46zW2GSzP2QCfVoyl
5ogZ4YzwBn0vc6DiaaSqYJM=
=vlra
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Aug 10 19:24:59 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Aug 2010 13:24:59 -0600
Subject: [RHSA-2010:0610-01] Important: kernel security and bug fix update
Message-ID: <201008101925.o7AJOxDO003648@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2010:0610-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0610.html
Issue date:        2010-08-10
CVE Names:         CVE-2010-1084 CVE-2010-2066 CVE-2010-2070
                   CVE-2010-2226 CVE-2010-2248 CVE-2010-2521
                   CVE-2010-2524
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* instances of unsafe sprintf() use were found in the Linux kernel
Bluetooth implementation. Creating a large number of Bluetooth L2CAP, SCO,
or RFCOMM sockets could result in arbitrary memory pages being overwritten.
A local, unprivileged user could use this flaw to cause a kernel panic
(denial of service) or escalate their privileges. (CVE-2010-1084,
Important)

* a flaw was found in the Xen hypervisor implementation when using the
Intel Itanium architecture, allowing guests to enter an unsupported state.
An unprivileged guest user could trigger this flaw by setting the BE (Big
Endian) bit of the Processor Status Register (PSR), leading to the guest
crashing (denial of service). (CVE-2010-2070, Important)

* a flaw was found in the CIFSSMBWrite() function in the Linux kernel
Common Internet File System (CIFS) implementation. A remote attacker could
send a specially-crafted SMB response packet to a target CIFS client,
resulting in a kernel panic (denial of service). (CVE-2010-2248, Important)

* buffer overflow flaws were found in the Linux kernel's implementation of
the server-side External Data Representation (XDR) for the Network File
System (NFS) version 4. An attacker on the local network could send a
specially-crafted large compound request to the NFSv4 server, which could
possibly result in a kernel panic (denial of service) or, potentially, code
execution. (CVE-2010-2521, Important)

* a flaw was found in the handling of the SWAPEXT IOCTL in the Linux kernel
XFS file system implementation. A local user could use this flaw to read
write-only files, that they do not own, on an XFS file system. This could
lead to unintended information disclosure. (CVE-2010-2226, Moderate)

* a flaw was found in the dns_resolver upcall used by CIFS. A local,
unprivileged user could redirect a Microsoft Distributed File System link
to another IP address, tricking the client into mounting the share from a
server of the user's choosing. (CVE-2010-2524, Moderate)

* a missing check was found in the mext_check_arguments() function in the
ext4 file system code. A local user could use this flaw to cause the
MOVE_EXT IOCTL to overwrite the contents of an append-only file on an ext4
file system, if they have write permissions for that file. (CVE-2010-2066,
Low)

Red Hat would like to thank Neil Brown for reporting CVE-2010-1084, and Dan
Rosenberg for reporting CVE-2010-2226 and CVE-2010-2066.

This update also fixes several bugs. Documentation for these bug fixes will
be available shortly from the Technical Notes document linked to in the
References.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

576018 - CVE-2010-1084 kernel: bluetooth: potential bad memory access with sysfs files
586415 - CVE-2010-2070 /kernel/security/CVE-2006-0742 test cause kernel-xen panic on ia64
601006 - CVE-2010-2066 kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
605158 - CVE-2010-2226 kernel: xfs swapext ioctl minor security issue
607483 - [Stratus 5.6 bug] Circular lock dep warning on cfq_exit_lock [rhel-5.5.z]
607486 - RHEL5u4 2.6.18-160.el5: modprobe of acpiphp on system with no hotpluggable stots causes kernel PANIC [rhel-5.5.z]
608583 - CVE-2010-2248 kernel: cifs: Fix a kernel BUG with remote OS/2 server
612028 - CVE-2010-2521 kernel: nfsd4: bug in read_buf
612166 - CVE-2010-2524 kernel: dns_resolver upcall security issue
612539 - [5.4]The addition of SAS disk fails because of the timeout. [rhel-5.5.z]
613688 - [NetApp 5.6 bug] QLogic FC firmware errors seen on RHEL 5.5 [rhel-5.5.z]
613900 - [RHEL5.5] TCP bandwidth problems with TPA and bnx2x cards [rhel-5.5.z]
615260 - [Broadcom 5.6 bug] cnic: Panic in cnic_iscsi_nl_msg_recv() [rhel-5.5.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v.
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-194.11.1.el5.src.rpm i386: kernel-2.6.18-194.11.1.el5.i686.rpm kernel-PAE-2.6.18-194.11.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-194.11.1.el5.i686.rpm kernel-PAE-devel-2.6.18-194.11.1.el5.i686.rpm kernel-debug-2.6.18-194.11.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-194.11.1.el5.i686.rpm kernel-debug-devel-2.6.18-194.11.1.el5.i686.rpm kernel-debuginfo-2.6.18-194.11.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-194.11.1.el5.i686.rpm kernel-devel-2.6.18-194.11.1.el5.i686.rpm kernel-headers-2.6.18-194.11.1.el5.i386.rpm kernel-xen-2.6.18-194.11.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-194.11.1.el5.i686.rpm kernel-xen-devel-2.6.18-194.11.1.el5.i686.rpm noarch: kernel-doc-2.6.18-194.11.1.el5.noarch.rpm x86_64: kernel-2.6.18-194.11.1.el5.x86_64.rpm kernel-debug-2.6.18-194.11.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-194.11.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-194.11.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-194.11.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-194.11.1.el5.x86_64.rpm kernel-devel-2.6.18-194.11.1.el5.x86_64.rpm kernel-headers-2.6.18-194.11.1.el5.x86_64.rpm kernel-xen-2.6.18-194.11.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-194.11.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-194.11.1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 
5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-194.11.1.el5.src.rpm i386: kernel-2.6.18-194.11.1.el5.i686.rpm kernel-PAE-2.6.18-194.11.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-194.11.1.el5.i686.rpm kernel-PAE-devel-2.6.18-194.11.1.el5.i686.rpm kernel-debug-2.6.18-194.11.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-194.11.1.el5.i686.rpm kernel-debug-devel-2.6.18-194.11.1.el5.i686.rpm kernel-debuginfo-2.6.18-194.11.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-194.11.1.el5.i686.rpm kernel-devel-2.6.18-194.11.1.el5.i686.rpm kernel-headers-2.6.18-194.11.1.el5.i386.rpm kernel-xen-2.6.18-194.11.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-194.11.1.el5.i686.rpm kernel-xen-devel-2.6.18-194.11.1.el5.i686.rpm ia64: kernel-2.6.18-194.11.1.el5.ia64.rpm kernel-debug-2.6.18-194.11.1.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-194.11.1.el5.ia64.rpm kernel-debug-devel-2.6.18-194.11.1.el5.ia64.rpm kernel-debuginfo-2.6.18-194.11.1.el5.ia64.rpm kernel-debuginfo-common-2.6.18-194.11.1.el5.ia64.rpm kernel-devel-2.6.18-194.11.1.el5.ia64.rpm kernel-headers-2.6.18-194.11.1.el5.ia64.rpm kernel-xen-2.6.18-194.11.1.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-194.11.1.el5.ia64.rpm kernel-xen-devel-2.6.18-194.11.1.el5.ia64.rpm noarch: kernel-doc-2.6.18-194.11.1.el5.noarch.rpm ppc: kernel-2.6.18-194.11.1.el5.ppc64.rpm kernel-debug-2.6.18-194.11.1.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-194.11.1.el5.ppc64.rpm kernel-debug-devel-2.6.18-194.11.1.el5.ppc64.rpm kernel-debuginfo-2.6.18-194.11.1.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-194.11.1.el5.ppc64.rpm kernel-devel-2.6.18-194.11.1.el5.ppc64.rpm kernel-headers-2.6.18-194.11.1.el5.ppc.rpm kernel-headers-2.6.18-194.11.1.el5.ppc64.rpm kernel-kdump-2.6.18-194.11.1.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-194.11.1.el5.ppc64.rpm kernel-kdump-devel-2.6.18-194.11.1.el5.ppc64.rpm s390x: kernel-2.6.18-194.11.1.el5.s390x.rpm kernel-debug-2.6.18-194.11.1.el5.s390x.rpm 
kernel-debug-debuginfo-2.6.18-194.11.1.el5.s390x.rpm kernel-debug-devel-2.6.18-194.11.1.el5.s390x.rpm kernel-debuginfo-2.6.18-194.11.1.el5.s390x.rpm kernel-debuginfo-common-2.6.18-194.11.1.el5.s390x.rpm kernel-devel-2.6.18-194.11.1.el5.s390x.rpm kernel-headers-2.6.18-194.11.1.el5.s390x.rpm kernel-kdump-2.6.18-194.11.1.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-194.11.1.el5.s390x.rpm kernel-kdump-devel-2.6.18-194.11.1.el5.s390x.rpm x86_64: kernel-2.6.18-194.11.1.el5.x86_64.rpm kernel-debug-2.6.18-194.11.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-194.11.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-194.11.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-194.11.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-194.11.1.el5.x86_64.rpm kernel-devel-2.6.18-194.11.1.el5.x86_64.rpm kernel-headers-2.6.18-194.11.1.el5.x86_64.rpm kernel-xen-2.6.18-194.11.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-194.11.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-194.11.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-1084.html https://www.redhat.com/security/data/cve/CVE-2010-2066.html https://www.redhat.com/security/data/cve/CVE-2010-2070.html https://www.redhat.com/security/data/cve/CVE-2010-2226.html https://www.redhat.com/security/data/cve/CVE-2010-2248.html https://www.redhat.com/security/data/cve/CVE-2010-2521.html https://www.redhat.com/security/data/cve/CVE-2010-2524.html http://www.redhat.com/security/updates/classification/#important http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.5_Technical_Notes/kernel.html#id3512211 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMYad1XlSAg2UNWIIRAnUYAJ9j5orVnSDVRqRkgcXzJ4YPunvD4wCdFIA8
ju6yuwwBnFVrezO8K+v6DJc=
=5UMN
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Aug 10 19:25:30 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Aug 2010 13:25:30 -0600
Subject: [RHSA-2010:0615-01] Low: libvirt security and bug fix update
Message-ID: <201008101925.o7AJPVtt004994@int-mx05.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: libvirt security and bug fix update
Advisory ID:       RHSA-2010:0615-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0615.html
Issue date:        2010-08-10
CVE Names:         CVE-2010-2239 CVE-2010-2242
=====================================================================

1. Summary:

Updated libvirt packages that fix two security issues and three bugs are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Multi OS (v. 5 client) - i386, x86_64
RHEL Virtualization (v. 5 server) - i386, ia64, x86_64

3. Description:

The libvirt library is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remotely managing virtualized systems.

It was found that libvirt did not set the user-defined backing store format
when creating a new image, possibly resulting in applications having to
probe the backing store to discover the format. A privileged guest user
could use this flaw to read arbitrary files on the host. (CVE-2010-2239)

It was found that libvirt created insecure iptables rules on the host when
a guest system was configured for IP masquerading, allowing the guest to
use privileged ports on the host when accessing network resources. A
privileged guest user could use this flaw to access network resources that
would otherwise not be accessible to the guest. (CVE-2010-2242)

Red Hat would like to thank Jeremy Nickurak for reporting the CVE-2010-2242
issue.

This update also fixes the following bugs:

* a Linux software bridge assumes the MAC address of the enslaved interface
with the numerically lowest MAC address. When the bridge changes its MAC
address, for a period of time it does not relay packets across network
segments, resulting in a temporary network "blackout". The bridge should
thus avoid changing its MAC address in order not to disrupt network
communications.

The Linux kernel assigns network TAP devices a random MAC address.
Occasionally, this random MAC address is lower than that of the physical
interface which is enslaved (for example, eth0 or eth1), which causes the
bridge to change its MAC address, thereby disrupting network communications
for a period of time.

With this update, libvirt now sets an explicit MAC address for all TAP
devices created using the configured MAC address from the XML, but with the
high bit set to 0xFE. The result is that TAP device MAC addresses are now
numerically greater than those for physical interfaces, and bridges should
no longer attempt to switch their MAC address to that of the TAP device,
thus avoiding potential spurious network disruptions. (BZ#617243)

* a memory leak in the libvirt driver for the Xen hypervisor has been fixed
with this update. (BZ#619711)

* the xm and virsh management user interfaces for virtual guests can be
called on the command line to list the number of active guests. However,
under certain circumstances, running the "virsh list" command resulted in
virsh not listing all of the virtual guests that were active (that is,
running) at the time. This update incorporates a fix that matches the logic
used for determining active guests with that of "xm list", such that both
commands should now list the same number of active virtual guests under all
circumstances. (BZ#618200)

All users of libvirt are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. After installing
the updated packages, the system must be rebooted for the update to take
effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

602455 - CVE-2010-2242 libvirt: improperly mapped source privileged ports may allow for obtaining privileged resources on the host
607812 - CVE-2010-2239 libvirt: not setting user defined backing store format when creating new image
617243 - libvirt should not use the MAC address assigned to tap devices/vnet interfaces by the TAP/TUN driver.
618200 - Discrepancy between xm and virsh output when listing active Xen domains
619711 - Memory leak in libvirtd

6. Package List:

RHEL Desktop Multi OS (v.
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libvirt-0.6.3-33.el5_5.3.src.rpm i386: libvirt-0.6.3-33.el5_5.3.i386.rpm libvirt-debuginfo-0.6.3-33.el5_5.3.i386.rpm libvirt-devel-0.6.3-33.el5_5.3.i386.rpm libvirt-python-0.6.3-33.el5_5.3.i386.rpm x86_64: libvirt-0.6.3-33.el5_5.3.i386.rpm libvirt-0.6.3-33.el5_5.3.x86_64.rpm libvirt-debuginfo-0.6.3-33.el5_5.3.i386.rpm libvirt-debuginfo-0.6.3-33.el5_5.3.x86_64.rpm libvirt-devel-0.6.3-33.el5_5.3.i386.rpm libvirt-devel-0.6.3-33.el5_5.3.x86_64.rpm libvirt-python-0.6.3-33.el5_5.3.x86_64.rpm RHEL Virtualization (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libvirt-0.6.3-33.el5_5.3.src.rpm i386: libvirt-0.6.3-33.el5_5.3.i386.rpm libvirt-debuginfo-0.6.3-33.el5_5.3.i386.rpm libvirt-devel-0.6.3-33.el5_5.3.i386.rpm libvirt-python-0.6.3-33.el5_5.3.i386.rpm ia64: libvirt-0.6.3-33.el5_5.3.ia64.rpm libvirt-debuginfo-0.6.3-33.el5_5.3.ia64.rpm libvirt-devel-0.6.3-33.el5_5.3.ia64.rpm libvirt-python-0.6.3-33.el5_5.3.ia64.rpm x86_64: libvirt-0.6.3-33.el5_5.3.i386.rpm libvirt-0.6.3-33.el5_5.3.x86_64.rpm libvirt-debuginfo-0.6.3-33.el5_5.3.i386.rpm libvirt-debuginfo-0.6.3-33.el5_5.3.x86_64.rpm libvirt-devel-0.6.3-33.el5_5.3.i386.rpm libvirt-devel-0.6.3-33.el5_5.3.x86_64.rpm libvirt-python-0.6.3-33.el5_5.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-2239.html https://www.redhat.com/security/data/cve/CVE-2010-2242.html http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. 
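A check for the CVE-2010-2242 condition described in the libvirt advisory above, as an added example that is not part of Red Hat's advisory or of libvirt: it reads `iptables-save` output and reports MASQUERADE rules that leave privileged source ports (1023 and below) available to masqueraded guest traffic. It assumes the corrected rule form confines TCP and UDP masquerading with `--to-ports 1024-65535`, which the advisory does not show; the sample rule sets and the 192.168.122.0/24 network are constructed.

```python
"""Audit iptables-save output for MASQUERADE rules that can hand privileged
source ports to NAT'd guests (the condition behind CVE-2010-2242)."""
import shlex

PRIVILEGED_MAX = 1023
PROTOS = ("tcp", "udp")

# Constructed sample: a single catch-all masquerade rule for a guest network.
SAMPLE_BEFORE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.122.0/24 -d ! 192.168.122.0/24 -j MASQUERADE
COMMIT
"""

# Constructed sample (assumed corrected form): TCP and UDP are matched first
# and mapped to unprivileged ports; the catch-all rule only sees other protocols.
SAMPLE_AFTER = """\
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.122.0/24 -d ! 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
-A POSTROUTING -s 192.168.122.0/24 -d ! 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
-A POSTROUTING -s 192.168.122.0/24 -d ! 192.168.122.0/24 -j MASQUERADE
COMMIT
"""


def _opt(tokens, *names):
    """Value following any of the option names, or None. Accepts both the
    older '-s ! net' and the newer '! -s net' negation spellings."""
    for i, tok in enumerate(tokens):
        if tok in names and i + 1 < len(tokens):
            val = tokens[i + 1]
            neg = i > 0 and tokens[i - 1] == "!"
            if val == "!" and i + 2 < len(tokens):
                val, neg = tokens[i + 2], True
            return ("!" + val) if neg else val
    return None


def parse_masquerade_rules(iptables_save_text):
    """Return the nat/POSTROUTING MASQUERADE rules, in rule order."""
    rules, table = [], None
    for raw in iptables_save_text.splitlines():
        line = raw.strip()
        if line.startswith("*"):          # table marker, e.g. "*nat"
            table = line[1:]
            continue
        if table != "nat" or not line.startswith("-A POSTROUTING"):
            continue
        tok = shlex.split(line)
        if _opt(tok, "-j", "--jump") != "MASQUERADE":
            continue
        rules.append({
            "source": _opt(tok, "-s", "--source") or "0.0.0.0/0",
            "proto": (_opt(tok, "-p", "--protocol") or "all").lower(),
            "to_ports": _opt(tok, "--to-ports"),
            "raw": line,
        })
    return rules


def lowest_mapped_port(to_ports):
    """Lowest source port the rule may choose; None means no --to-ports limit."""
    if to_ports is None:
        return None
    return int(to_ports.split("-", 1)[0])


def audit(iptables_save_text):
    """Return (source, protocol, rule) for each case where the first
    MASQUERADE rule a TCP or UDP packet would hit still allows ports <= 1023.

    Simplification: rules are matched on source and protocol only; other
    match options and non-MASQUERADE targets earlier in the chain are ignored.
    """
    rules = parse_masquerade_rules(iptables_save_text)
    findings = []
    for src in dict.fromkeys(r["source"] for r in rules):   # keep rule order
        for proto in PROTOS:
            hit = next((r for r in rules
                        if r["source"] == src and r["proto"] in (proto, "all")),
                       None)
            if hit is None:
                continue
            low = lowest_mapped_port(hit["to_ports"])
            if low is None or low <= PRIVILEGED_MAX:
                findings.append((src, proto, hit["raw"]))
    return findings


if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        found = audit(text)
        print(label, "->", "OK" if not found else "privileged ports reachable")
        for src, proto, rule in found:
            print("   %s/%s via: %s" % (src, proto, rule))
```

On a live host, pass the output of `iptables-save -t nat` to `audit()`; an empty result means every TCP and UDP masquerade path it could see is confined to ports above 1023.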
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMYaeYXlSAg2UNWIIRAiMhAKC9NOblB6+ntyNm4pMkTFJdpXe5HwCgjy7d
aOGOS9n/wH1DFTpZxk4flnk=
=RVmp
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Aug 10 21:33:12 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Aug 2010 15:33:12 -0600
Subject: [RHSA-2010:0616-01] Moderate: dbus-glib security update
Message-ID: <201008102133.o7ALXD3J006318@int-mx03.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: dbus-glib security update
Advisory ID: RHSA-2010:0616-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0616.html
Issue date: 2010-08-10
CVE Names: CVE-2010-1172
=====================================================================

1. Summary:

Updated dbus-glib packages that fix one security issue are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

dbus-glib is an add-on library to integrate the standard D-Bus library with the GLib main loop and threading model. NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times.

It was discovered that dbus-glib did not enforce the "access" flag on exported GObject properties. If such a property were read/write internally but specified as read-only externally, a malicious, local user could use this flaw to modify that property of an application. Such a change could impact the application's behavior (for example, if an IP address were changed the network may not come up properly after reboot) and possibly lead to a denial of service. (CVE-2010-1172)

Due to the way dbus-glib translates an application's XML definitions of service interfaces and properties into C code at application build time, applications built against dbus-glib that use read-only properties needed to be rebuilt to fully fix the flaw. As such, this update provides NetworkManager packages that have been rebuilt against the updated dbus-glib packages. No other applications shipped with Red Hat Enterprise Linux 5 were affected.

All dbus-glib and NetworkManager users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Running instances of NetworkManager must be restarted (service NetworkManager restart) for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

585394 - CVE-2010-1172 dbus-glib: property access not validated

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/NetworkManager-0.7.0-10.el5_5.1.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/dbus-glib-0.73-10.el5_5.src.rpm

i386:
NetworkManager-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-gnome-0.7.0-10.el5_5.1.i386.rpm
dbus-glib-0.73-10.el5_5.i386.rpm
dbus-glib-debuginfo-0.73-10.el5_5.i386.rpm
dbus-glib-devel-0.73-10.el5_5.i386.rpm

x86_64:
NetworkManager-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-gnome-0.7.0-10.el5_5.1.x86_64.rpm
dbus-glib-0.73-10.el5_5.i386.rpm
dbus-glib-0.73-10.el5_5.x86_64.rpm
dbus-glib-debuginfo-0.73-10.el5_5.i386.rpm
dbus-glib-debuginfo-0.73-10.el5_5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/NetworkManager-0.7.0-10.el5_5.1.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/dbus-glib-0.73-10.el5_5.src.rpm

i386:
NetworkManager-debuginfo-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.i386.rpm
dbus-glib-debuginfo-0.73-10.el5_5.i386.rpm
dbus-glib-devel-0.73-10.el5_5.i386.rpm

x86_64:
NetworkManager-debuginfo-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.x86_64.rpm
dbus-glib-debuginfo-0.73-10.el5_5.i386.rpm
dbus-glib-debuginfo-0.73-10.el5_5.x86_64.rpm
dbus-glib-devel-0.73-10.el5_5.i386.rpm
dbus-glib-devel-0.73-10.el5_5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/NetworkManager-0.7.0-10.el5_5.1.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/dbus-glib-0.73-10.el5_5.src.rpm

i386:
NetworkManager-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-gnome-0.7.0-10.el5_5.1.i386.rpm
dbus-glib-0.73-10.el5_5.i386.rpm
dbus-glib-debuginfo-0.73-10.el5_5.i386.rpm
dbus-glib-devel-0.73-10.el5_5.i386.rpm

ia64:
NetworkManager-0.7.0-10.el5_5.1.ia64.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.ia64.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.ia64.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.ia64.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.ia64.rpm
NetworkManager-gnome-0.7.0-10.el5_5.1.ia64.rpm
dbus-glib-0.73-10.el5_5.ia64.rpm
dbus-glib-debuginfo-0.73-10.el5_5.ia64.rpm
dbus-glib-devel-0.73-10.el5_5.ia64.rpm

ppc:
NetworkManager-0.7.0-10.el5_5.1.ppc.rpm
NetworkManager-0.7.0-10.el5_5.1.ppc64.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.ppc.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.ppc64.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.ppc.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.ppc64.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.ppc.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.ppc64.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.ppc.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.ppc64.rpm
NetworkManager-gnome-0.7.0-10.el5_5.1.ppc.rpm
dbus-glib-0.73-10.el5_5.ppc.rpm
dbus-glib-0.73-10.el5_5.ppc64.rpm
dbus-glib-debuginfo-0.73-10.el5_5.ppc.rpm
dbus-glib-debuginfo-0.73-10.el5_5.ppc64.rpm
dbus-glib-devel-0.73-10.el5_5.ppc.rpm
dbus-glib-devel-0.73-10.el5_5.ppc64.rpm

s390x:
dbus-glib-0.73-10.el5_5.s390.rpm
dbus-glib-0.73-10.el5_5.s390x.rpm
dbus-glib-debuginfo-0.73-10.el5_5.s390.rpm
dbus-glib-debuginfo-0.73-10.el5_5.s390x.rpm
dbus-glib-devel-0.73-10.el5_5.s390.rpm
dbus-glib-devel-0.73-10.el5_5.s390x.rpm

x86_64:
NetworkManager-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-debuginfo-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-devel-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.i386.rpm
NetworkManager-glib-devel-0.7.0-10.el5_5.1.x86_64.rpm
NetworkManager-gnome-0.7.0-10.el5_5.1.x86_64.rpm
dbus-glib-0.73-10.el5_5.i386.rpm
dbus-glib-0.73-10.el5_5.x86_64.rpm
dbus-glib-debuginfo-0.73-10.el5_5.i386.rpm
dbus-glib-debuginfo-0.73-10.el5_5.x86_64.rpm
dbus-glib-devel-0.73-10.el5_5.i386.rpm
dbus-glib-devel-0.73-10.el5_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-1172.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMYcWIXlSAg2UNWIIRAoTxAKCkELNasoj+UKWpaSysfdWilSM8gACdFMwB
D3kPsEQovc1v5hKpYyDVxeI=
=vPbQ
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Aug 11 20:28:29 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 11 Aug 2010 14:28:29 -0600
Subject: [RHSA-2010:0623-01] Critical: flash-plugin security update
Message-ID: <201008112028.o7BKSTJS008499@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2010:0623-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0623.html
Issue date: 2010-08-11
CVE Names: CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216
=====================================================================

1. Summary:

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB10-16, listed in the References section.

Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2010-0209, CVE-2010-2213, CVE-2010-2214, CVE-2010-2216)

A clickjacking flaw was discovered in flash-plugin. A specially-crafted SWF file could trick a user into unintentionally or mistakenly clicking a link or a dialog. (CVE-2010-2215)

All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.1.82.76.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

622947 - CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216 flash-plugin: multiple security flaws (APSB10-16)

6. Package List:

RHEL Desktop Supplementary (v. 5 client):

i386:
flash-plugin-10.1.82.76-1.el5.i386.rpm

x86_64:
flash-plugin-10.1.82.76-1.el5.i386.rpm

RHEL Supplementary (v. 5 server):

i386:
flash-plugin-10.1.82.76-1.el5.i386.rpm

x86_64:
flash-plugin-10.1.82.76-1.el5.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0209.html
https://www.redhat.com/security/data/cve/CVE-2010-2213.html
https://www.redhat.com/security/data/cve/CVE-2010-2214.html
https://www.redhat.com/security/data/cve/CVE-2010-2215.html
https://www.redhat.com/security/data/cve/CVE-2010-2216.html
http://www.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb10-16.html

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMYwfgXlSAg2UNWIIRAkPMAKC6Tl/IOmXUlxnkWPiHNvXxxYM7CgCgxXdH
Lz+uZDoiC4fKFdlQUgn3ito=
=0pRs
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Aug 11 20:28:57 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 11 Aug 2010 14:28:57 -0600
Subject: [RHSA-2010:0624-01] Critical: flash-plugin security update
Message-ID: <201008112028.o7BKSvII009162@int-mx03.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2010:0624-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0624.html
Issue date: 2010-08-11
CVE Names: CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216
=====================================================================

1. Summary:

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 and 4 Extras.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 Extras - i386
Red Hat Desktop version 4 Extras - i386
Red Hat Enterprise Linux AS version 3 Extras - i386
Red Hat Enterprise Linux AS version 4 Extras - i386
Red Hat Enterprise Linux ES version 3 Extras - i386
Red Hat Enterprise Linux ES version 4 Extras - i386
Red Hat Enterprise Linux WS version 3 Extras - i386
Red Hat Enterprise Linux WS version 4 Extras - i386

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB10-16, listed in the References section.

Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2010-0209, CVE-2010-2213, CVE-2010-2214, CVE-2010-2216)

A clickjacking flaw was discovered in flash-plugin. A specially-crafted SWF file could trick a user into unintentionally or mistakenly clicking a link or a dialog. (CVE-2010-2215)

All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 9.0.280.0.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

622947 - CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216 flash-plugin: multiple security flaws (APSB10-16)

6. Package List:

Red Hat Enterprise Linux AS version 3 Extras:

i386:
flash-plugin-9.0.280.0-1.el3.with.oss.i386.rpm

Red Hat Desktop version 3 Extras:

i386:
flash-plugin-9.0.280.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux ES version 3 Extras:

i386:
flash-plugin-9.0.280.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux WS version 3 Extras:

i386:
flash-plugin-9.0.280.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux AS version 4 Extras:

i386:
flash-plugin-9.0.280.0-1.el4.i386.rpm

Red Hat Desktop version 4 Extras:

i386:
flash-plugin-9.0.280.0-1.el4.i386.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
flash-plugin-9.0.280.0-1.el4.i386.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
flash-plugin-9.0.280.0-1.el4.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0209.html
https://www.redhat.com/security/data/cve/CVE-2010-2213.html
https://www.redhat.com/security/data/cve/CVE-2010-2214.html
https://www.redhat.com/security/data/cve/CVE-2010-2215.html
https://www.redhat.com/security/data/cve/CVE-2010-2216.html
http://www.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb10-16.html

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMYwf5XlSAg2UNWIIRAtARAJ4lsLo3vbzh8PFBe2dI7B/MrfOOkQCgogv+
Q6kRzR/lrB+GDxlURcRr/7w=
=lN9E
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Aug 11 21:09:22 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 11 Aug 2010 15:09:22 -0600
Subject: [RHSA-2010:0625-01] Moderate: wireshark security update
Message-ID: <201008112109.o7BL9Mq0017624@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: wireshark security update
Advisory ID: RHSA-2010:0625-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0625.html
Issue date: 2010-08-11
CVE Names: CVE-2010-1455 CVE-2010-2283 CVE-2010-2284 CVE-2010-2286 CVE-2010-2287 CVE-2010-2995
=====================================================================

1. Summary:

Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.

Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)

Users of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.15, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

590613 - CVE-2010-1455 wireshark: DOCSIS dissector crash
604290 - CVE-2010-2283 wireshark: SMB dissector NULL pointer dereference
604292 - CVE-2010-2284 wireshark: ASN.1 BER dissector stack overrun
604302 - CVE-2010-2286 wireshark: SigComp UDVM dissector infinite loop
604308 - CVE-2010-2287 CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/wireshark-1.0.15-EL3.1.src.rpm

i386:
wireshark-1.0.15-EL3.1.i386.rpm
wireshark-debuginfo-1.0.15-EL3.1.i386.rpm
wireshark-gnome-1.0.15-EL3.1.i386.rpm

ia64:
wireshark-1.0.15-EL3.1.ia64.rpm
wireshark-debuginfo-1.0.15-EL3.1.ia64.rpm
wireshark-gnome-1.0.15-EL3.1.ia64.rpm

ppc:
wireshark-1.0.15-EL3.1.ppc.rpm
wireshark-debuginfo-1.0.15-EL3.1.ppc.rpm
wireshark-gnome-1.0.15-EL3.1.ppc.rpm

s390:
wireshark-1.0.15-EL3.1.s390.rpm
wireshark-debuginfo-1.0.15-EL3.1.s390.rpm
wireshark-gnome-1.0.15-EL3.1.s390.rpm

s390x:
wireshark-1.0.15-EL3.1.s390x.rpm
wireshark-debuginfo-1.0.15-EL3.1.s390x.rpm
wireshark-gnome-1.0.15-EL3.1.s390x.rpm

x86_64:
wireshark-1.0.15-EL3.1.x86_64.rpm
wireshark-debuginfo-1.0.15-EL3.1.x86_64.rpm
wireshark-gnome-1.0.15-EL3.1.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/wireshark-1.0.15-EL3.1.src.rpm

i386:
wireshark-1.0.15-EL3.1.i386.rpm
wireshark-debuginfo-1.0.15-EL3.1.i386.rpm
wireshark-gnome-1.0.15-EL3.1.i386.rpm

x86_64:
wireshark-1.0.15-EL3.1.x86_64.rpm
wireshark-debuginfo-1.0.15-EL3.1.x86_64.rpm
wireshark-gnome-1.0.15-EL3.1.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/wireshark-1.0.15-EL3.1.src.rpm

i386:
wireshark-1.0.15-EL3.1.i386.rpm
wireshark-debuginfo-1.0.15-EL3.1.i386.rpm
wireshark-gnome-1.0.15-EL3.1.i386.rpm

ia64:
wireshark-1.0.15-EL3.1.ia64.rpm
wireshark-debuginfo-1.0.15-EL3.1.ia64.rpm
wireshark-gnome-1.0.15-EL3.1.ia64.rpm

x86_64:
wireshark-1.0.15-EL3.1.x86_64.rpm
wireshark-debuginfo-1.0.15-EL3.1.x86_64.rpm
wireshark-gnome-1.0.15-EL3.1.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/wireshark-1.0.15-EL3.1.src.rpm

i386:
wireshark-1.0.15-EL3.1.i386.rpm
wireshark-debuginfo-1.0.15-EL3.1.i386.rpm
wireshark-gnome-1.0.15-EL3.1.i386.rpm

ia64:
wireshark-1.0.15-EL3.1.ia64.rpm
wireshark-debuginfo-1.0.15-EL3.1.ia64.rpm
wireshark-gnome-1.0.15-EL3.1.ia64.rpm

x86_64:
wireshark-1.0.15-EL3.1.x86_64.rpm
wireshark-debuginfo-1.0.15-EL3.1.x86_64.rpm
wireshark-gnome-1.0.15-EL3.1.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/wireshark-1.0.15-1.el4_8.1.src.rpm

i386:
wireshark-1.0.15-1.el4_8.1.i386.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.i386.rpm
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm

ia64:
wireshark-1.0.15-1.el4_8.1.ia64.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.ia64.rpm
wireshark-gnome-1.0.15-1.el4_8.1.ia64.rpm

ppc:
wireshark-1.0.15-1.el4_8.1.ppc.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.ppc.rpm
wireshark-gnome-1.0.15-1.el4_8.1.ppc.rpm

s390:
wireshark-1.0.15-1.el4_8.1.s390.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.s390.rpm
wireshark-gnome-1.0.15-1.el4_8.1.s390.rpm

s390x:
wireshark-1.0.15-1.el4_8.1.s390x.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.s390x.rpm
wireshark-gnome-1.0.15-1.el4_8.1.s390x.rpm

x86_64:
wireshark-1.0.15-1.el4_8.1.x86_64.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.x86_64.rpm
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/wireshark-1.0.15-1.el4_8.1.src.rpm

i386:
wireshark-1.0.15-1.el4_8.1.i386.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.i386.rpm
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm

x86_64:
wireshark-1.0.15-1.el4_8.1.x86_64.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.x86_64.rpm
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/wireshark-1.0.15-1.el4_8.1.src.rpm

i386:
wireshark-1.0.15-1.el4_8.1.i386.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.i386.rpm
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm

ia64:
wireshark-1.0.15-1.el4_8.1.ia64.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.ia64.rpm
wireshark-gnome-1.0.15-1.el4_8.1.ia64.rpm

x86_64:
wireshark-1.0.15-1.el4_8.1.x86_64.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.x86_64.rpm
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/wireshark-1.0.15-1.el4_8.1.src.rpm

i386:
wireshark-1.0.15-1.el4_8.1.i386.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.i386.rpm
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm

ia64:
wireshark-1.0.15-1.el4_8.1.ia64.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.ia64.rpm
wireshark-gnome-1.0.15-1.el4_8.1.ia64.rpm

x86_64:
wireshark-1.0.15-1.el4_8.1.x86_64.rpm
wireshark-debuginfo-1.0.15-1.el4_8.1.x86_64.rpm
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/wireshark-1.0.15-1.el5_5.1.src.rpm

i386:
wireshark-1.0.15-1.el5_5.1.i386.rpm
wireshark-debuginfo-1.0.15-1.el5_5.1.i386.rpm

x86_64:
wireshark-1.0.15-1.el5_5.1.x86_64.rpm
wireshark-debuginfo-1.0.15-1.el5_5.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/wireshark-1.0.15-1.el5_5.1.src.rpm

i386:
wireshark-debuginfo-1.0.15-1.el5_5.1.i386.rpm
wireshark-gnome-1.0.15-1.el5_5.1.i386.rpm

x86_64:
wireshark-debuginfo-1.0.15-1.el5_5.1.x86_64.rpm
wireshark-gnome-1.0.15-1.el5_5.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/wireshark-1.0.15-1.el5_5.1.src.rpm

i386:
wireshark-1.0.15-1.el5_5.1.i386.rpm
wireshark-debuginfo-1.0.15-1.el5_5.1.i386.rpm
wireshark-gnome-1.0.15-1.el5_5.1.i386.rpm

ia64:
wireshark-1.0.15-1.el5_5.1.ia64.rpm
wireshark-debuginfo-1.0.15-1.el5_5.1.ia64.rpm
wireshark-gnome-1.0.15-1.el5_5.1.ia64.rpm

ppc:
wireshark-1.0.15-1.el5_5.1.ppc.rpm
wireshark-debuginfo-1.0.15-1.el5_5.1.ppc.rpm
wireshark-gnome-1.0.15-1.el5_5.1.ppc.rpm

s390x:
wireshark-1.0.15-1.el5_5.1.s390x.rpm
wireshark-debuginfo-1.0.15-1.el5_5.1.s390x.rpm
wireshark-gnome-1.0.15-1.el5_5.1.s390x.rpm

x86_64:
wireshark-1.0.15-1.el5_5.1.x86_64.rpm
wireshark-debuginfo-1.0.15-1.el5_5.1.x86_64.rpm
wireshark-gnome-1.0.15-1.el5_5.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-1455.html
https://www.redhat.com/security/data/cve/CVE-2010-2283.html
https://www.redhat.com/security/data/cve/CVE-2010-2284.html
https://www.redhat.com/security/data/cve/CVE-2010-2286.html
https://www.redhat.com/security/data/cve/CVE-2010-2287.html
https://www.redhat.com/security/data/cve/CVE-2010-2995.html
http://www.redhat.com/security/updates/classification/#moderate
http://www.wireshark.org/security/wnpa-sec-2010-03.html
http://www.wireshark.org/security/wnpa-sec-2010-05.html
http://www.wireshark.org/security/wnpa-sec-2010-07.html

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMYxFsXlSAg2UNWIIRAuqqAJ4+jQX4oyttlCatmjlApK0d7WamGwCeKLx8
FqFICbHdI5TMUAnL+wgnIog=
=LXDy
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Aug 17 16:05:08 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 17 Aug 2010 10:05:08 -0600
Subject: [RHSA-2010:0631-01] Important: kernel-rt security and bug fix update
Message-ID: <201008171605.o7HG58e3023068@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel-rt security and bug fix update
Advisory ID: RHSA-2010:0631-01
Product: Red Hat Enterprise MRG for RHEL-5
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0631.html
Issue date: 2010-08-17
CVE Names: CVE-2008-7256 CVE-2009-4138 CVE-2010-1083 CVE-2010-1084 CVE-2010-1086 CVE-2010-1087 CVE-2010-1088 CVE-2010-1162 CVE-2010-1173 CVE-2010-1437 CVE-2010-1643 CVE-2010-2240 CVE-2010-2248 CVE-2010-2521
=====================================================================

1. Summary:

Updated kernel-rt packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise MRG 1.2.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

MRG Realtime for RHEL 5 Server - i386, noarch, x86_64

3. Description:

These packages contain the Linux kernel, the core of any Linux operating system.

Security fixes:

* unsafe sprintf() use in the Bluetooth implementation. Creating a large number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary memory pages being overwritten, allowing a local, unprivileged user to cause a denial of service or escalate their privileges. (CVE-2010-1084, Important)

* a flaw in the Unidirectional Lightweight Encapsulation implementation, allowing a remote attacker to send a specially-crafted ISO MPEG-2 Transport Stream frame to a target system, resulting in a denial of service. (CVE-2010-1086, Important)

* NULL pointer dereference in nfs_wb_page_cancel(), allowing a local user on a system that has an NFS-mounted file system to cause a denial of service or escalate their privileges on that system. (CVE-2010-1087, Important)

* flaw in sctp_process_unk_param(), allowing a remote attacker to send a specially-crafted SCTP packet to an SCTP listening port on a target system, causing a denial of service. (CVE-2010-1173, Important)

* race condition between finding a keyring by name and destroying a freed keyring in the key management facility, allowing a local, unprivileged user to cause a denial of service or escalate their privileges. (CVE-2010-1437, Important)

* systems using the kernel NFS server to export a shared memory file system and that have the sysctl overcommit_memory variable set to never overcommit (a value of 2; by default, it is set to 0), may experience a NULL pointer dereference, allowing a local, unprivileged user to cause a denial of service or escalate their privileges. (CVE-2008-7256, CVE-2010-1643, Important)

* when an application has a stack overflow, the stack could silently overwrite another memory mapped area instead of a segmentation fault occurring, which could lead to local privilege escalation on 64-bit systems. This issue is fixed with an implementation of a stack guard feature. (CVE-2010-2240, Important)

* flaw in CIFSSMBWrite() could allow a remote attacker to send a specially-crafted SMB response packet to a target CIFS client, resulting in a denial of service. (CVE-2010-2248, Important)

* buffer overflow flaws in the kernel's implementation of the server-side XDR for NFSv4 could allow an attacker on the local network to send a specially-crafted large compound request to the NFSv4 server, possibly resulting in a denial of service or code execution. (CVE-2010-2521, Important)

* NULL pointer dereference in the firewire-ohci driver used for OHCI compliant IEEE 1394 controllers could allow a local, unprivileged user with access to /dev/fw* files to issue certain IOCTL calls, causing a denial of service or privilege escalation. The FireWire modules are blacklisted by default. If enabled, only root has access to the files noted above by default. (CVE-2009-4138, Moderate)

* flaw in the link_path_walk() function. Using the file descriptor returned by open() with the O_NOFOLLOW flag on a subordinate NFS-mounted file system, could result in a NULL pointer dereference, causing a denial of service or privilege escalation. (CVE-2010-1088, Moderate)

* memory leak in release_one_tty() could allow a local, unprivileged user to cause a denial of service. (CVE-2010-1162, Moderate)

* information leak in the USB implementation. Certain USB errors could result in an uninitialized kernel buffer being sent to user-space. An attacker with physical access to a target system could use this flaw to cause an information leak. (CVE-2010-1083, Low)

Red Hat would like to thank Neil Brown for reporting CVE-2010-1084; Ang Way Chuang for reporting CVE-2010-1086; Jukka Taimisto and Olli Jarva of Codenomicon Ltd, Nokia Siemens Networks, and Wind River on behalf of their customer, for responsibly reporting CVE-2010-1173; the X.Org security team for reporting CVE-2010-2240, with upstream acknowledging Rafal Wojtczuk as the original reporter; and Marcus Meissner for reporting CVE-2010-1083.

4. Solution:

Users should upgrade to these updated packages, which contain backported patches to correct these issues and fix the bugs noted in the Kernel Security Update document, linked to in the References. The system must be rebooted for this update to take effect.

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

547236 - CVE-2009-4138 kernel: firewire: ohci: handle receive packets with a data length of zero
555671 - MRG -146/-147 kernels have older broadcom drivers compared with RHEL5.4
562075 - kernel: vfs: add MNT_NOFOLLOW flag to umount(2) [mrg-1]
566624 - CVE-2010-1083 kernel: information leak via userspace USB interface
567184 - CVE-2010-1087 kernel: NFS: Fix an Oops when truncating a file
567813 - CVE-2010-1088 kernel: fix LOOKUP_FOLLOW on automount "symlinks"
569237 - CVE-2010-1086 kernel: dvb-core: DoS bug in ULE decapsulation code
576018 - CVE-2010-1084 kernel: bluetooth: potential bad memory access with sysfs files
582076 - CVE-2010-1162 kernel: tty: release_one_tty() forgets to put pids
584645 - CVE-2010-1173 kernel: sctp: crash due to malformed SCTPChunkInit packet
585094 - CVE-2010-1437 kernel: keyrings: find_keyring_by_name() can gain the freed keyring
594630 - kernel: security: testing the wrong variable in create_by_name() [mrg-1]
595970 - CVE-2008-7256 CVE-2010-1643 kernel: nfsd: fix vm overcommit crash
601210 - Fusion MPT misc device (ioctl) driver too verbose in message/fusion/mptctl.c::mptctl_ioctl()
606611 - CVE-2010-2240 kernel: mm: keep a guard page below a grow-down stack segment
608583 - CVE-2010-2248 kernel: cifs: Fix a kernel BUG with remote OS/2 server
612028 - CVE-2010-2521 kernel: nfsd4: bug in read_buf

6. Package List:

MRG Realtime for RHEL 5 Server:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHEMRG/SRPMS/kernel-rt-2.6.24.7-161.el5rt.src.rpm

i386:
kernel-rt-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-debug-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-debug-debuginfo-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-debug-devel-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-debuginfo-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-debuginfo-common-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-devel-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-trace-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-trace-debuginfo-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-trace-devel-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-vanilla-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-vanilla-debuginfo-2.6.24.7-161.el5rt.i686.rpm
kernel-rt-vanilla-devel-2.6.24.7-161.el5rt.i686.rpm

noarch:
kernel-rt-doc-2.6.24.7-161.el5rt.noarch.rpm
kernel-rt-firmware-2.6.24.7-161.el5rt.noarch.rpm

x86_64:
kernel-rt-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-debug-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-debug-debuginfo-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-debug-devel-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-debuginfo-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-debuginfo-common-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-devel-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-trace-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-trace-debuginfo-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-trace-devel-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-vanilla-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-vanilla-debuginfo-2.6.24.7-161.el5rt.x86_64.rpm
kernel-rt-vanilla-devel-2.6.24.7-161.el5rt.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2008-7256.html
https://www.redhat.com/security/data/cve/CVE-2009-4138.html
https://www.redhat.com/security/data/cve/CVE-2010-1083.html
https://www.redhat.com/security/data/cve/CVE-2010-1084.html
https://www.redhat.com/security/data/cve/CVE-2010-1086.html
https://www.redhat.com/security/data/cve/CVE-2010-1087.html
https://www.redhat.com/security/data/cve/CVE-2010-1088.html
https://www.redhat.com/security/data/cve/CVE-2010-1162.html
https://www.redhat.com/security/data/cve/CVE-2010-1173.html
https://www.redhat.com/security/data/cve/CVE-2010-1437.html
https://www.redhat.com/security/data/cve/CVE-2010-1643.html
https://www.redhat.com/security/data/cve/CVE-2010-2240.html
https://www.redhat.com/security/data/cve/CVE-2010-2248.html
https://www.redhat.com/security/data/cve/CVE-2010-2521.html
http://www.redhat.com/security/updates/classification/#important
http://www.redhat.com/docs/en-US/errata/RHSA-2010-0631/Kernel_Security_Update/index.html
https://access.redhat.com/kb/docs/DOC-31052

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMarMbXlSAg2UNWIIRAggfAKC0sYKQtjtDN+1Ejjuu2IUS8EMR/gCdGxFj
Jkg8YiOC+2sBVv8FQuZDo+k=
=w/rL
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Aug 19 22:10:32 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 19 Aug 2010 16:10:32 -0600
Subject: [RHSA-2010:0633-01] Important: qspice security update
Message-ID: <201008192210.o7JMAWf8012590@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: qspice security update
Advisory ID: RHSA-2010:0633-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0633.html
Issue date: 2010-08-19
CVE Names: CVE-2010-0428 CVE-2010-0429
=====================================================================

1. Summary:

Updated qspice packages that fix two security issues are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Multi OS (v. 5 client) - x86_64
RHEL Virtualization (v. 5 server) - x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor, or on Red Hat Enterprise Virtualization Hypervisor.

It was found that the libspice component of QEMU-KVM on the host did not validate all pointers provided from a guest system's QXL graphics card driver. A privileged guest user could use this flaw to cause the host to dereference an invalid pointer, causing the guest to crash (denial of service) or, possibly, resulting in the privileged guest user escalating their privileges on the host. (CVE-2010-0428)

It was found that the libspice component of QEMU-KVM on the host could be forced to perform certain memory management operations on memory addresses controlled by a guest. A privileged guest user could use this flaw to crash the guest (denial of service) or, possibly, escalate their privileges on the host. (CVE-2010-0429)

All qspice users should upgrade to these updated packages, which contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

568699 - CVE-2010-0428 libspice: Insufficient guest provided pointers validation
568701 - CVE-2010-0429 libspice: Relying on guest provided data structures to indicate memory allocation

6. Package List:

RHEL Desktop Multi OS (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/qspice-0.3.0-54.el5_5.2.src.rpm

x86_64:
qspice-0.3.0-54.el5_5.2.x86_64.rpm
qspice-debuginfo-0.3.0-54.el5_5.2.x86_64.rpm
qspice-libs-0.3.0-54.el5_5.2.x86_64.rpm
qspice-libs-devel-0.3.0-54.el5_5.2.x86_64.rpm

RHEL Virtualization (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/qspice-0.3.0-54.el5_5.2.src.rpm

x86_64:
qspice-0.3.0-54.el5_5.2.x86_64.rpm
qspice-debuginfo-0.3.0-54.el5_5.2.x86_64.rpm
qspice-libs-0.3.0-54.el5_5.2.x86_64.rpm
qspice-libs-devel-0.3.0-54.el5_5.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0428.html
https://www.redhat.com/security/data/cve/CVE-2010-0429.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMbavKXlSAg2UNWIIRAn41AKCGLir3Qo2+bn0Q2QmxCP90Cosn8ACgvnUk
ZMHG9QH1BCCev0Xy3clQC5E=
=3YaG
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Aug 19 22:11:25 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 19 Aug 2010 16:11:25 -0600
Subject: [RHSA-2010:0627-01] Important: kvm security and bug fix update
Message-ID: <201008192211.o7JMBP5k019927@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kvm security and bug fix update
Advisory ID: RHSA-2010:0627-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0627.html
Issue date: 2010-08-19
CVE Names: CVE-2010-0431 CVE-2010-0435 CVE-2010-2784
=====================================================================

1. Summary:

Updated kvm packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Multi OS (v. 5 client) - x86_64
RHEL Virtualization (v. 5 server) - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.

It was found that QEMU-KVM on the host did not validate all pointers provided from a guest system's QXL graphics card driver. A privileged guest user could use this flaw to cause the host to dereference an invalid pointer, causing the guest to crash (denial of service) or, possibly, resulting in the privileged guest user escalating their privileges on the host. (CVE-2010-0431)

A flaw was found in QEMU-KVM, allowing the guest some control over the index used to access the callback array during sub-page MMIO initialization. A privileged guest user could use this flaw to crash the guest (denial of service) or, possibly, escalate their privileges on the host. (CVE-2010-2784)

A NULL pointer dereference flaw was found when the host system had a processor with the Intel VT-x extension enabled. A privileged guest user could use this flaw to trick the host into emulating a certain instruction, which could crash the host (denial of service). (CVE-2010-0435)

This update also fixes the following bugs:

* running a "qemu-img" check on a faulty virtual machine image ended with a segmentation fault. With this update, the segmentation fault no longer occurs when running the "qemu-img" check. (BZ#610342)

* when attempting to transfer a file between two guests that were joined in the same virtual LAN (VLAN), the receiving guest unexpectedly quit. With this update, the transfer completes successfully. (BZ#610343)

* installation of a system was occasionally failing in KVM. This was caused by KVM using wrong permissions for large guest pages. With this update, the installation completes successfully. (BZ#616796)

* previously, the migration process would fail for a virtual machine because the virtual machine could not map all the memory. This was caused by a conflict that was initiated when a virtual machine was initially run and then migrated right away. With this update, the conflict no longer occurs and the migration process no longer fails. (BZ#618205)

* using a thinly provisioned VirtIO disk on iSCSI storage and performing a "qemu-img" check during an "e_no_space" event returned cluster errors. With this update, the errors no longer appear. (BZ#618206)

All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues. Note: The procedure in the Solution section must be performed before this update will take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

The following procedure must be performed before this update will take effect:

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.

5. Bugs fixed (http://bugzilla.redhat.com/):

568809 - CVE-2010-0431 qemu: Insufficient guest provided pointers validation
570528 - CVE-2010-0435 kvm: vmx null pointer dereference
610342 - [kvm] segmentation fault when running qemu-img check on faulty image
610343 - Virtio: Transfer file caused guest in same vlan abnormally quit
616796 - KVM uses wrong permissions for large guest pages
618205 - SPICE - race in KVM/Spice would cause migration to fail (slots are not registered properly?)
618206 - [kvm] qemu image check returns cluster errors when using virtIO block (thinly provisioned) during e_no_space events (along with EIO errors)
619411 - CVE-2010-2784 qemu: insufficient constraints checking in exec.c:subpage_register()

6. Package List:

RHEL Desktop Multi OS (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kvm-83-164.el5_5.21.src.rpm

x86_64:
kmod-kvm-83-164.el5_5.21.x86_64.rpm
kvm-83-164.el5_5.21.x86_64.rpm
kvm-debuginfo-83-164.el5_5.21.x86_64.rpm
kvm-qemu-img-83-164.el5_5.21.x86_64.rpm
kvm-tools-83-164.el5_5.21.x86_64.rpm

RHEL Virtualization (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kvm-83-164.el5_5.21.src.rpm

x86_64:
kmod-kvm-83-164.el5_5.21.x86_64.rpm
kvm-83-164.el5_5.21.x86_64.rpm
kvm-debuginfo-83-164.el5_5.21.x86_64.rpm
kvm-qemu-img-83-164.el5_5.21.x86_64.rpm
kvm-tools-83-164.el5_5.21.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0431.html
https://www.redhat.com/security/data/cve/CVE-2010-0435.html
https://www.redhat.com/security/data/cve/CVE-2010-2784.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMbav8XlSAg2UNWIIRAhycAKC9A5TMRmlLN5RdnsKUNQgr5R28sgCghviN
JRGic7F5Jx0wmM1NkDkGIqo=
=8Gbv
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Aug 20 12:23:12 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 20 Aug 2010 14:23:12 +0200
Subject: [RHSA-2010:0636-02] Critical: acroread security update
Message-ID: <201008201223.o7KCNCTe002971@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: acroread security update
Advisory ID: RHSA-2010:0636-02
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0636.html
Issue date: 2010-08-20
CVE Names: CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216 CVE-2010-2862
=====================================================================

1. Summary:

Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64

3. Description:

Adobe Reader allows users to view and print documents in Portable Document Format (PDF).

This update fixes a vulnerability in Adobe Reader. This vulnerability is detailed on the Adobe security page APSB10-17, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2010-2862)

Multiple security flaws were found in Adobe Flash Player embedded in Adobe Reader. These vulnerabilities are detailed on the Adobe security page APSB10-16, listed in the References section. A PDF file with embedded specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2010-0209, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216)

All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.3.4, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

621687 - CVE-2010-2862 acroread: integer overflow flaw allows remote arbitrary code execution
622947 - CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216 flash-plugin: multiple security flaws (APSB10-16)
624838 - acroread: multiple critical security flaws (APSB10-17)

6. Package List:

Red Hat Enterprise Linux AS version 4 Extras:

i386:
acroread-9.3.4-1.el4.i386.rpm
acroread-plugin-9.3.4-1.el4.i386.rpm

x86_64:
acroread-9.3.4-1.el4.i386.rpm

Red Hat Desktop version 4 Extras:

i386:
acroread-9.3.4-1.el4.i386.rpm
acroread-plugin-9.3.4-1.el4.i386.rpm

x86_64:
acroread-9.3.4-1.el4.i386.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
acroread-9.3.4-1.el4.i386.rpm
acroread-plugin-9.3.4-1.el4.i386.rpm

x86_64:
acroread-9.3.4-1.el4.i386.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
acroread-9.3.4-1.el4.i386.rpm
acroread-plugin-9.3.4-1.el4.i386.rpm

x86_64:
acroread-9.3.4-1.el4.i386.rpm

RHEL Desktop Supplementary (v. 5 client):

i386:
acroread-9.3.4-1.el5.i386.rpm
acroread-plugin-9.3.4-1.el5.i386.rpm

x86_64:
acroread-9.3.4-1.el5.i386.rpm
acroread-plugin-9.3.4-1.el5.i386.rpm

RHEL Supplementary (v. 5 server):

i386:
acroread-9.3.4-1.el5.i386.rpm
acroread-plugin-9.3.4-1.el5.i386.rpm

x86_64:
acroread-9.3.4-1.el5.i386.rpm
acroread-plugin-9.3.4-1.el5.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0209.html
https://www.redhat.com/security/data/cve/CVE-2010-2213.html
https://www.redhat.com/security/data/cve/CVE-2010-2214.html
https://www.redhat.com/security/data/cve/CVE-2010-2215.html
https://www.redhat.com/security/data/cve/CVE-2010-2216.html
https://www.redhat.com/security/data/cve/CVE-2010-2862.html
http://www.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb10-16.html
http://www.adobe.com/support/security/bulletins/apsb10-17.html

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMbnMuXlSAg2UNWIIRAi1pAKCOiQTkJsMor89iSpkJ2MJRx8IpiQCeOGy+
wM2F8SBPPChwMCJ9XMJDzP0=
=7WgR
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Aug 23 14:44:13 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 23 Aug 2010 10:44:13 -0400
Subject: [RHSA-2010:0643-01] Important: openoffice.org security update
Message-ID: <201008231444.o7NEiDfK024896@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: openoffice.org security update
Advisory ID: RHSA-2010:0643-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0643.html
Issue date: 2010-08-23
CVE Names: CVE-2010-2935 CVE-2010-2936
=====================================================================

1. Summary:

Updated openoffice.org packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux AS version 3 - i386, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, x86_64
Red Hat Enterprise Linux WS version 3 - i386, x86_64
Red Hat Enterprise Linux WS version 4 - i386, x86_64

3. Description:

OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program.

An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially-crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2935)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org Impress processed polygons in input documents. An attacker could use this flaw to create a specially-crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936)

All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For Red Hat Enterprise Linux 3, this erratum provides updated openoffice.org packages. For Red Hat Enterprise Linux 4, this erratum provides updated openoffice.org and openoffice.org2 packages. All running instances of OpenOffice.org applications must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

622529 - CVE-2010-2935 OpenOffice.Org: Integer truncation error by parsing specially-crafted Microsoft PowerPoint document
622555 - CVE-2010-2936 OpenOffice.org: Heap-based buffer overflow by parsing specially-crafted Microsoft PowerPoint document

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openoffice.org-1.1.2-48.2.0.EL3.src.rpm

i386:
openoffice.org-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-debuginfo-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-48.2.0.EL3.i386.rpm

x86_64:
openoffice.org-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-debuginfo-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-48.2.0.EL3.i386.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openoffice.org-1.1.2-48.2.0.EL3.src.rpm

i386:
openoffice.org-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-debuginfo-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-48.2.0.EL3.i386.rpm

x86_64:
openoffice.org-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-debuginfo-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-48.2.0.EL3.i386.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openoffice.org-1.1.2-48.2.0.EL3.src.rpm

i386:
openoffice.org-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-debuginfo-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-48.2.0.EL3.i386.rpm

x86_64:
openoffice.org-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-debuginfo-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-48.2.0.EL3.i386.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openoffice.org-1.1.2-48.2.0.EL3.src.rpm

i386:
openoffice.org-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-debuginfo-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-48.2.0.EL3.i386.rpm

x86_64:
openoffice.org-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-debuginfo-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-48.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-48.2.0.EL3.i386.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openoffice.org-1.1.5-10.6.0.7.EL4.5.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.6.src.rpm

i386:
openoffice.org-1.1.5-10.6.0.7.EL4.5.i386.rpm
openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.i386.rpm
openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.i386.rpm
openoffice.org-kde-1.1.5-10.6.0.7.EL4.5.i386.rpm
openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.i386.rpm
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm

ppc:
openoffice.org-1.1.5-10.6.0.7.EL4.5.ppc.rpm
openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.ppc.rpm
openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.ppc.rpm
openoffice.org-kde-1.1.5-10.6.0.7.EL4.5.ppc.rpm
openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.ppc.rpm
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm 
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.ppc.rpm x86_64: openoffice.org-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openoffice.org-1.1.5-10.6.0.7.EL4.5.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.6.src.rpm i386: openoffice.org-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-kde-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm x86_64: openoffice.org-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openoffice.org-1.1.5-10.6.0.7.EL4.5.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.6.src.rpm i386: openoffice.org-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-kde-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm x86_64: openoffice.org-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openoffice.org-1.1.5-10.6.0.7.EL4.5.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.6.src.rpm i386: openoffice.org-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-kde-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm x86_64: openoffice.org-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.5.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm 
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.6.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-2935.html https://www.redhat.com/security/data/cve/CVE-2010-2936.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. 
From bugzilla at redhat.com Wed Aug 25 13:07:10 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 25 Aug 2010 14:07:10 +0100
Subject: [RHSA-2010:0632-03] Moderate: qspice-client security update
Message-ID: <201008251307.o7PD7Ae7008687@int-mx08.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: qspice-client security update
Advisory ID: RHSA-2010:0632-03
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0632.html
Issue date: 2010-08-25
CVE Names: CVE-2010-2792
=====================================================================

1. Summary:

An updated qspice-client package that fixes one security issue is now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor, or on Red Hat Enterprise Virtualization Hypervisor.

The qspice-client package provides the client side of the SPICE protocol.

A race condition was found in the way the SPICE Mozilla Firefox plug-in and the SPICE client communicated.
A local attacker could use this flaw to trick the plug-in and the SPICE client into communicating over an attacker-controlled socket, possibly gaining access to authentication details, or resulting in a man-in-the-middle attack on the SPICE connection. (CVE-2010-2792)

Users of qspice-client should upgrade to this updated package, which contains a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

620350 - CVE-2010-2792 spice-xpi/qspice-client unix socket race

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/qspice-client-0.3.0-4.el5_5.src.rpm

i386:
qspice-client-0.3.0-4.el5_5.i386.rpm
qspice-client-debuginfo-0.3.0-4.el5_5.i386.rpm

x86_64:
qspice-client-0.3.0-4.el5_5.x86_64.rpm
qspice-client-debuginfo-0.3.0-4.el5_5.x86_64.rpm

RHEL Optional Productivity Applications (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/qspice-client-0.3.0-4.el5_5.src.rpm

i386:
qspice-client-0.3.0-4.el5_5.i386.rpm
qspice-client-debuginfo-0.3.0-4.el5_5.i386.rpm

x86_64:
qspice-client-0.3.0-4.el5_5.x86_64.rpm
qspice-client-debuginfo-0.3.0-4.el5_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2792.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
From bugzilla at redhat.com Wed Aug 25 13:07:27 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 25 Aug 2010 14:07:27 +0100
Subject: [RHSA-2010:0651-01] Moderate: spice-xpi security and bug fix update
Message-ID: <201008251307.o7PD7R0k015878@int-mx03.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: spice-xpi security and bug fix update
Advisory ID: RHSA-2010:0651-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0651.html
Issue date: 2010-08-25
CVE Names: CVE-2010-2792 CVE-2010-2794
=====================================================================

1. Summary:

An updated spice-xpi package that fixes two security issues and three bugs is now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor, or on Red Hat Enterprise Virtualization Hypervisor.

The spice-xpi package provides a plug-in that allows the SPICE client to run from within Mozilla Firefox.
A race condition was found in the way the SPICE Firefox plug-in and the SPICE client communicated. A local attacker could use this flaw to trick the plug-in and the SPICE client into communicating over an attacker-controlled socket, possibly gaining access to authentication details, or resulting in a man-in-the-middle attack on the SPICE connection. (CVE-2010-2792)

It was found that the SPICE Firefox plug-in used a predictable name for its log file. A local attacker could use this flaw to conduct a symbolic link attack, allowing them to overwrite arbitrary files accessible to the user running Firefox. (CVE-2010-2794)

This update also fixes the following bugs:

* a bug prevented users of Red Hat Enterprise Linux 5.5, with all updates applied, from running the SPICE Firefox plug-in when using Firefox 3.6.4. With this update, the plug-in works correctly with Firefox 3.6.4 and the latest version in Red Hat Enterprise Linux 5.5, Firefox 3.6.7. (BZ#618244)

* unused code has been removed during source code refactoring. This also resolves a bug in the SPICE Firefox plug-in that caused it to close random file descriptors. (BZ#594006, BZ#619067)

Note: This update should be installed together with the RHSA-2010:0632 qspice-client update: https://rhn.redhat.com/errata/RHSA-2010-0632.html

Users of spice-xpi should upgrade to this updated package, which contains backported patches to correct these issues. After installing the update, Firefox must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

618244 - SPICE-XPI : Spice cannot be opened from RHEL5.5 client user-portal using FireFox 3.6.4.
620350 - CVE-2010-2792 spice-xpi/qspice-client unix socket race
620356 - CVE-2010-2794 spice-xpi symlink attack

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/spice-xpi-2.2-2.3.el5_5.src.rpm

i386:
spice-xpi-2.2-2.3.el5_5.i386.rpm
spice-xpi-debuginfo-2.2-2.3.el5_5.i386.rpm

x86_64:
spice-xpi-2.2-2.3.el5_5.x86_64.rpm
spice-xpi-debuginfo-2.2-2.3.el5_5.x86_64.rpm

RHEL Optional Productivity Applications (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/spice-xpi-2.2-2.3.el5_5.src.rpm

i386:
spice-xpi-2.2-2.3.el5_5.i386.rpm
spice-xpi-debuginfo-2.2-2.3.el5_5.i386.rpm

x86_64:
spice-xpi-2.2-2.3.el5_5.x86_64.rpm
spice-xpi-debuginfo-2.2-2.3.el5_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2792.html
https://www.redhat.com/security/data/cve/CVE-2010-2794.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
From bugzilla at redhat.com Wed Aug 25 13:07:46 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 25 Aug 2010 14:07:46 +0100
Subject: [RHSA-2010:0652-01] Moderate: ImageMagick security and bug fix update
Message-ID: <201008251307.o7PD7kqh028787@int-mx01.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ImageMagick security and bug fix update
Advisory ID: RHSA-2010:0652-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0652.html
Issue date: 2010-08-25
CVE Names: CVE-2009-1882
=====================================================================

1. Summary:

Updated ImageMagick packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats.

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code.
(CVE-2009-1882) This update also fixes the following bug: * previously, portions of certain RGB images on the right side were not rendered and left black when converting or displaying them. With this update, RGB images display correctly. (BZ#625058) Users of ImageMagick are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of ImageMagick must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 503017 - CVE-2009-1882 ImageMagick, GraphicsMagick: Integer overflow in the routine creating X11 images 625058 - CRM.1902920 - Issue displaying SGI image with ImageMagick 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ImageMagick-6.2.8.0-4.el5_5.2.src.rpm i386: ImageMagick-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-perl-6.2.8.0-4.el5_5.2.i386.rpm x86_64: ImageMagick-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-perl-6.2.8.0-4.el5_5.2.x86_64.rpm RHEL Desktop Workstation (v. 
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ImageMagick-6.2.8.0-4.el5_5.2.src.rpm i386: ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.i386.rpm x86_64: ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/ImageMagick-6.2.8.0-4.el5_5.2.src.rpm i386: ImageMagick-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-perl-6.2.8.0-4.el5_5.2.i386.rpm ia64: ImageMagick-6.2.8.0-4.el5_5.2.ia64.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.ia64.rpm ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.ia64.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.ia64.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.ia64.rpm ImageMagick-perl-6.2.8.0-4.el5_5.2.ia64.rpm ppc: ImageMagick-6.2.8.0-4.el5_5.2.ppc.rpm ImageMagick-6.2.8.0-4.el5_5.2.ppc64.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.ppc.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.ppc64.rpm ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.ppc.rpm ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.ppc64.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.ppc.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.ppc64.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.ppc.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.ppc64.rpm ImageMagick-perl-6.2.8.0-4.el5_5.2.ppc.rpm s390x: ImageMagick-6.2.8.0-4.el5_5.2.s390.rpm ImageMagick-6.2.8.0-4.el5_5.2.s390x.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.s390.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.s390x.rpm ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.s390.rpm 
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.s390x.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.s390.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.s390x.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.s390.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.s390x.rpm ImageMagick-perl-6.2.8.0-4.el5_5.2.s390x.rpm x86_64: ImageMagick-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-c++-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.i386.rpm ImageMagick-devel-6.2.8.0-4.el5_5.2.x86_64.rpm ImageMagick-perl-6.2.8.0-4.el5_5.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-1882.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. 
From bugzilla at redhat.com Wed Aug 25 13:08:10 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 25 Aug 2010 14:08:10 +0100
Subject: [RHSA-2010:0653-01] Moderate: ImageMagick security update
Message-ID: <201008251308.o7PD8AUP016023@int-mx03.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ImageMagick security update
Advisory ID: RHSA-2010:0653-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0653.html
Issue date: 2010-08-25
CVE Names: CVE-2009-1882
=====================================================================

1. Summary:

Updated ImageMagick packages that fix one security issue are now available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats.

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images.
An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) Users of ImageMagick are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of ImageMagick must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 503017 - CVE-2009-1882 ImageMagick, GraphicsMagick: Integer overflow in the routine creating X11 images 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ImageMagick-6.0.7.1-20.el4_8.1.src.rpm i386: ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm ia64: ImageMagick-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.ia64.rpm ppc: ImageMagick-6.0.7.1-20.el4_8.1.ppc.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.ppc.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.ppc.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.ppc.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.ppc.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.ppc.rpm s390: ImageMagick-6.0.7.1-20.el4_8.1.s390.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.s390.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.s390.rpm 
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.s390.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.s390.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.s390.rpm s390x: ImageMagick-6.0.7.1-20.el4_8.1.s390x.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.s390x.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.s390x.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.s390x.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.s390x.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.s390x.rpm x86_64: ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ImageMagick-6.0.7.1-20.el4_8.1.src.rpm i386: ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm x86_64: ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ImageMagick-6.0.7.1-20.el4_8.1.src.rpm i386: ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm ia64: ImageMagick-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.ia64.rpm 
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.ia64.rpm x86_64: ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ImageMagick-6.0.7.1-20.el4_8.1.src.rpm i386: ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm ia64: ImageMagick-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.ia64.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.ia64.rpm x86_64: ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-1882.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. 
From bugzilla at redhat.com Thu Aug 26 18:28:58 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 26 Aug 2010 14:28:58 -0400
Subject: [RHSA-2010:0657-02] Low: gdm security and bug fix update
Message-ID: <201008261829.o7QIT1E5014890@int-mx02.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Low: gdm security and bug fix update
Advisory ID: RHSA-2010:0657-02
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0657.html
Issue date: 2010-08-26
CVE Names: CVE-2007-5079
=====================================================================

1. Summary:

An updated gdm package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The GNOME Display Manager (GDM) is a configurable re-implementation of XDM, the X Display Manager. GDM allows you to log in to your system with the X Window System running, and supports running several different X sessions on your local machine at the same time.

A flaw was found in the way the gdm package was built.
The gdm package was missing TCP wrappers support on 64-bit platforms, which could result in an administrator believing they had access restrictions enabled when they did not. (CVE-2007-5079)

This update also fixes the following bug:

* sometimes the system would hang instead of properly shutting down when a user chose "Shut down" from the login screen. (BZ#625818)

All users should upgrade to this updated package, which contains backported patches to correct these issues. GDM must be restarted for this update to take effect. Rebooting achieves this, but changing the runlevel from 5 to 3 and back to 5 also restarts GDM.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

181302 - CVE-2007-5079 gdm with xdmcp ignoring tcp_wrappers on x86_64
625818 - gdm/ cannot shutdown system

6.
Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gdm-2.6.0.5-7.rhel4.19.el4_8.2.src.rpm i386: gdm-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm ia64: gdm-2.6.0.5-7.rhel4.19.el4_8.2.ia64.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.ia64.rpm ppc: gdm-2.6.0.5-7.rhel4.19.el4_8.2.ppc.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.ppc.rpm s390: gdm-2.6.0.5-7.rhel4.19.el4_8.2.s390.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.s390.rpm s390x: gdm-2.6.0.5-7.rhel4.19.el4_8.2.s390x.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.s390x.rpm x86_64: gdm-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gdm-2.6.0.5-7.rhel4.19.el4_8.2.src.rpm i386: gdm-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm x86_64: gdm-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gdm-2.6.0.5-7.rhel4.19.el4_8.2.src.rpm i386: gdm-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm ia64: gdm-2.6.0.5-7.rhel4.19.el4_8.2.ia64.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.ia64.rpm x86_64: gdm-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gdm-2.6.0.5-7.rhel4.19.el4_8.2.src.rpm i386: gdm-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm ia64: gdm-2.6.0.5-7.rhel4.19.el4_8.2.ia64.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.ia64.rpm x86_64: gdm-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm gdm-debuginfo-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2007-5079.html
http://www.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is <secalert at redhat.com>. More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.

From bugzilla at redhat.com Mon Aug 30 13:49:00 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 30 Aug 2010 09:49:00 -0400
Subject: [RHSA-2010:0659-01] Moderate: httpd security and bug fix update
Message-ID: <201008301349.o7UDn1fU014081@int-mx03.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: httpd security and bug fix update
Advisory ID: RHSA-2010:0659-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0659.html
Issue date: 2010-08-30
CVE Names: CVE-2010-1452 CVE-2010-2791
=====================================================================

1. Summary:

Updated httpd packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3.
Description: The Apache HTTP Server is a popular web server. A flaw was discovered in the way the mod_proxy module of the Apache HTTP Server handled the timeouts of requests forwarded by a reverse proxy to the back-end server. If the proxy was configured to reuse existing back-end connections, it could return a response intended for another user under certain timeout conditions, possibly leading to information disclosure. (CVE-2010-2791) A flaw was found in the way the mod_dav module of the Apache HTTP Server handled certain requests. If a remote attacker were to send a carefully crafted request to the server, it could cause the httpd child process to crash. (CVE-2010-1452) This update also fixes the following bugs: * numerous issues in the INFLATE filter provided by mod_deflate. "Inflate error -5 on flush" errors may have been logged. This update upgrades mod_deflate to the newer upstream version from Apache HTTP Server 2.2.15. (BZ#625435) * the response would be corrupted if mod_filter applied the DEFLATE filter to a resource requiring a subrequest with an internal redirect. (BZ#625451) * the OID() function used in the mod_ssl "SSLRequire" directive did not correctly evaluate extensions of an unknown type. (BZ#625452) All httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. 
Bugs fixed (http://bugzilla.redhat.com/): 617523 - CVE-2010-2791 httpd: Reverse proxy sends wrong responses after time-outs 618189 - CVE-2010-1452 httpd mod_cache, mod_dav: DoS (httpd child process crash) by parsing URI structure with missing path segments 625435 - mod_deflate/mod_proxy generating 'Inflate error -5 on flush' errors 625451 - [APACHE BUG] filter handling issues with subrequests and internal redirects 625452 - mod_ssl: Further fix for SSLRequire OID() function 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-43.el5_5.3.src.rpm i386: httpd-2.2.3-43.el5_5.3.i386.rpm httpd-debuginfo-2.2.3-43.el5_5.3.i386.rpm mod_ssl-2.2.3-43.el5_5.3.i386.rpm x86_64: httpd-2.2.3-43.el5_5.3.x86_64.rpm httpd-debuginfo-2.2.3-43.el5_5.3.x86_64.rpm mod_ssl-2.2.3-43.el5_5.3.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-43.el5_5.3.src.rpm i386: httpd-debuginfo-2.2.3-43.el5_5.3.i386.rpm httpd-devel-2.2.3-43.el5_5.3.i386.rpm httpd-manual-2.2.3-43.el5_5.3.i386.rpm x86_64: httpd-debuginfo-2.2.3-43.el5_5.3.i386.rpm httpd-debuginfo-2.2.3-43.el5_5.3.x86_64.rpm httpd-devel-2.2.3-43.el5_5.3.i386.rpm httpd-devel-2.2.3-43.el5_5.3.x86_64.rpm httpd-manual-2.2.3-43.el5_5.3.x86_64.rpm Red Hat Enterprise Linux (v. 
5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/httpd-2.2.3-43.el5_5.3.src.rpm i386: httpd-2.2.3-43.el5_5.3.i386.rpm httpd-debuginfo-2.2.3-43.el5_5.3.i386.rpm httpd-devel-2.2.3-43.el5_5.3.i386.rpm httpd-manual-2.2.3-43.el5_5.3.i386.rpm mod_ssl-2.2.3-43.el5_5.3.i386.rpm ia64: httpd-2.2.3-43.el5_5.3.ia64.rpm httpd-debuginfo-2.2.3-43.el5_5.3.ia64.rpm httpd-devel-2.2.3-43.el5_5.3.ia64.rpm httpd-manual-2.2.3-43.el5_5.3.ia64.rpm mod_ssl-2.2.3-43.el5_5.3.ia64.rpm ppc: httpd-2.2.3-43.el5_5.3.ppc.rpm httpd-debuginfo-2.2.3-43.el5_5.3.ppc.rpm httpd-debuginfo-2.2.3-43.el5_5.3.ppc64.rpm httpd-devel-2.2.3-43.el5_5.3.ppc.rpm httpd-devel-2.2.3-43.el5_5.3.ppc64.rpm httpd-manual-2.2.3-43.el5_5.3.ppc.rpm mod_ssl-2.2.3-43.el5_5.3.ppc.rpm s390x: httpd-2.2.3-43.el5_5.3.s390x.rpm httpd-debuginfo-2.2.3-43.el5_5.3.s390.rpm httpd-debuginfo-2.2.3-43.el5_5.3.s390x.rpm httpd-devel-2.2.3-43.el5_5.3.s390.rpm httpd-devel-2.2.3-43.el5_5.3.s390x.rpm httpd-manual-2.2.3-43.el5_5.3.s390x.rpm mod_ssl-2.2.3-43.el5_5.3.s390x.rpm x86_64: httpd-2.2.3-43.el5_5.3.x86_64.rpm httpd-debuginfo-2.2.3-43.el5_5.3.i386.rpm httpd-debuginfo-2.2.3-43.el5_5.3.x86_64.rpm httpd-devel-2.2.3-43.el5_5.3.i386.rpm httpd-devel-2.2.3-43.el5_5.3.x86_64.rpm httpd-manual-2.2.3-43.el5_5.3.x86_64.rpm mod_ssl-2.2.3-43.el5_5.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-1452.html https://www.redhat.com/security/data/cve/CVE-2010-2791.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMe7aBXlSAg2UNWIIRAn8qAJ9tqDOUdrJZcI4me5U5G6Sg/gRbaACePRCH
iwtHm6Y4gNR7kmbGIH63lLs=
=dd24
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Aug 30 13:51:08 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 30 Aug 2010 09:51:08 -0400
Subject: [RHSA-2010:0660-01] Important: kernel security and bug fix update
Message-ID: <201008301351.o7UDp8GI020022@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2010:0660-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0660.html
Issue date:        2010-08-30
CVE Names:         CVE-2010-2240 CVE-2010-2798
=====================================================================

1. Summary:

Updated kernel packages that fix two security issues and multiple bugs are
now available for Red Hat Enterprise Linux 5.3 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5.3.z server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* when an application has a stack overflow, the stack could silently
overwrite another memory mapped area instead of a segmentation fault
occurring, which could cause an application to execute arbitrary code,
possibly leading to privilege escalation. It is known that the X Window
System server can be used to trigger this flaw. (CVE-2010-2240, Important)

* a miscalculation of the size of the free space of the initial directory
entry in a directory leaf block was found in the Linux kernel Global File
System 2 (GFS2) implementation. A local, unprivileged user with write
access to a GFS2-mounted file system could perform a rename operation on
that file system to trigger a NULL pointer dereference, possibly resulting
in a denial of service or privilege escalation. (CVE-2010-2798, Important)

Red Hat would like to thank the X.Org security team for reporting
CVE-2010-2240, with upstream acknowledging Rafal Wojtczuk as the original
reporter; and Grant Diffey of CenITex for reporting CVE-2010-2798.

This update also fixes the following bugs:

* the Red Hat Enterprise Linux 5.3 General Availability (GA) release
introduced a regression in iSCSI failover time. While there was heavy I/O
on the iSCSI layer, attempting to log out of an iSCSI connection at the
same time a network problem was occurring, such as a switch dying or a
cable being pulled out, resulted in iSCSI failover taking several minutes.
With this update, failover occurs as expected. (BZ#583898)

* a bug was found in the way the megaraid_sas driver (for SAS based RAID
controllers) handled physical disks and management IOCTLs. All physical
disks were exported to the disk layer, allowing an oops in
megasas_complete_cmd_dpc() when completing the IOCTL command if a timeout
occurred. One possible trigger for this bug was running "mkfs". This
update resolves this issue by updating the megaraid_sas driver to version
4.31. (BZ#619362)

* this update upgrades the bnx2x driver to version 1.52.1-6, and the bnx2x
firmware to version 1.52.1-6, incorporating multiple bug fixes and
enhancements. These fixes include: A race condition on systems using the
bnx2x driver due to multiqueue being used to transmit data, but only a
single queue transmit ON/OFF scheme being used (only a single queue is
used with this update); a bug that could have led to a kernel panic when
using iSCSI offload; and a bug that caused a firmware crash, causing
network devices using the bnx2x driver to lose network connectivity. When
this firmware crash occurred, errors such as "timeout polling for state"
and "Stop leading failed!" were logged. A system reboot was required to
restore network connectivity. (BZ#620663, BZ#620668, BZ#620669, BZ#620665)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

583898 - REGRESSION: Fix iscsi failover time [rhel-5.3.z]
606611 - CVE-2010-2240 kernel: mm: keep a guard page below a grow-down stack segment
620300 - CVE-2010-2798 kernel: gfs2: rename causes kernel panic
620663 - [Broadcom 5.4 FEAT] Update bnx2x to 1.48.105 [rhel-5.3.z]
620665 - [Broadcom 5.5 FEAT] Update bnx2x to 1.52.1-5 [rhel-5.3.z]
620668 - [Broadcom 5.5 feat] Update bnx2x firmware [rhel-5.3.z]
620669 - [Broadcom 5.5 bug] bnx2x: net device is in XON state while the Tx ring is full [rhel-5.3.z]

6. Package List:

Red Hat Enterprise Linux (v. 5.3.z server):

Source:
kernel-2.6.18-128.23.1.el5.src.rpm

i386:
kernel-2.6.18-128.23.1.el5.i686.rpm
kernel-PAE-2.6.18-128.23.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-128.23.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.23.1.el5.i686.rpm
kernel-debug-2.6.18-128.23.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-128.23.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.23.1.el5.i686.rpm
kernel-debuginfo-2.6.18-128.23.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-128.23.1.el5.i686.rpm
kernel-devel-2.6.18-128.23.1.el5.i686.rpm
kernel-headers-2.6.18-128.23.1.el5.i386.rpm
kernel-xen-2.6.18-128.23.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-128.23.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.23.1.el5.i686.rpm

ia64:
kernel-2.6.18-128.23.1.el5.ia64.rpm
kernel-debug-2.6.18-128.23.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-128.23.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-128.23.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-128.23.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-128.23.1.el5.ia64.rpm
kernel-devel-2.6.18-128.23.1.el5.ia64.rpm
kernel-headers-2.6.18-128.23.1.el5.ia64.rpm
kernel-xen-2.6.18-128.23.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-128.23.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-128.23.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-128.23.1.el5.noarch.rpm

ppc:
kernel-2.6.18-128.23.1.el5.ppc64.rpm
kernel-debug-2.6.18-128.23.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-128.23.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-128.23.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-128.23.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-128.23.1.el5.ppc64.rpm
kernel-devel-2.6.18-128.23.1.el5.ppc64.rpm
kernel-headers-2.6.18-128.23.1.el5.ppc.rpm
kernel-headers-2.6.18-128.23.1.el5.ppc64.rpm
kernel-kdump-2.6.18-128.23.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-128.23.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-128.23.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-128.23.1.el5.s390x.rpm
kernel-debug-2.6.18-128.23.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-128.23.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-128.23.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-128.23.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-128.23.1.el5.s390x.rpm
kernel-devel-2.6.18-128.23.1.el5.s390x.rpm
kernel-headers-2.6.18-128.23.1.el5.s390x.rpm
kernel-kdump-2.6.18-128.23.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-128.23.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-128.23.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-128.23.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.23.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-128.23.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.23.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-128.23.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-128.23.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.23.1.el5.x86_64.rpm
kernel-headers-2.6.18-128.23.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.23.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-128.23.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.23.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2240.html
https://www.redhat.com/security/data/cve/CVE-2010-2798.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert at redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMe7cDXlSAg2UNWIIRAh1iAJ4iTOn8N3Zs/LVv/C8O23zDJoOwuACgsFTt
x1gmBN3M/Nd4AO3nLXALuGQ=
=QKGr
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Aug 30 13:53:42 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 30 Aug 2010 09:53:42 -0400
Subject: [RHSA-2010:0661-01] Important: kernel security update
Message-ID: <201008301353.o7UDrge7023882@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2010:0661-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0661.html
Issue date:        2010-08-30
CVE Names:         CVE-2010-2240
=====================================================================

1. Summary:

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* when an application has a stack overflow, the stack could silently
overwrite another memory mapped area instead of a segmentation fault
occurring, which could cause an application to execute arbitrary code,
possibly leading to privilege escalation. It is known that the X Window
System server can be used to trigger this flaw. (CVE-2010-2240, Important)

Red Hat would like to thank the X.Org security team for reporting this
issue. Upstream acknowledges Rafal Wojtczuk as the original reporter.

Users should upgrade to these updated packages, which contain backported
patches to correct this issue. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

606611 - CVE-2010-2240 kernel: mm: keep a guard page below a grow-down stack segment

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-194.11.3.el5.src.rpm

i386:
kernel-2.6.18-194.11.3.el5.i686.rpm
kernel-PAE-2.6.18-194.11.3.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-194.11.3.el5.i686.rpm
kernel-PAE-devel-2.6.18-194.11.3.el5.i686.rpm
kernel-debug-2.6.18-194.11.3.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-194.11.3.el5.i686.rpm
kernel-debug-devel-2.6.18-194.11.3.el5.i686.rpm
kernel-debuginfo-2.6.18-194.11.3.el5.i686.rpm
kernel-debuginfo-common-2.6.18-194.11.3.el5.i686.rpm
kernel-devel-2.6.18-194.11.3.el5.i686.rpm
kernel-headers-2.6.18-194.11.3.el5.i386.rpm
kernel-xen-2.6.18-194.11.3.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-194.11.3.el5.i686.rpm
kernel-xen-devel-2.6.18-194.11.3.el5.i686.rpm

noarch:
kernel-doc-2.6.18-194.11.3.el5.noarch.rpm

x86_64:
kernel-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debug-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debug-devel-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debuginfo-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-194.11.3.el5.x86_64.rpm
kernel-devel-2.6.18-194.11.3.el5.x86_64.rpm
kernel-headers-2.6.18-194.11.3.el5.x86_64.rpm
kernel-xen-2.6.18-194.11.3.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-194.11.3.el5.x86_64.rpm
kernel-xen-devel-2.6.18-194.11.3.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-194.11.3.el5.src.rpm

i386:
kernel-2.6.18-194.11.3.el5.i686.rpm
kernel-PAE-2.6.18-194.11.3.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-194.11.3.el5.i686.rpm
kernel-PAE-devel-2.6.18-194.11.3.el5.i686.rpm
kernel-debug-2.6.18-194.11.3.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-194.11.3.el5.i686.rpm
kernel-debug-devel-2.6.18-194.11.3.el5.i686.rpm
kernel-debuginfo-2.6.18-194.11.3.el5.i686.rpm
kernel-debuginfo-common-2.6.18-194.11.3.el5.i686.rpm
kernel-devel-2.6.18-194.11.3.el5.i686.rpm
kernel-headers-2.6.18-194.11.3.el5.i386.rpm
kernel-xen-2.6.18-194.11.3.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-194.11.3.el5.i686.rpm
kernel-xen-devel-2.6.18-194.11.3.el5.i686.rpm

ia64:
kernel-2.6.18-194.11.3.el5.ia64.rpm
kernel-debug-2.6.18-194.11.3.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-194.11.3.el5.ia64.rpm
kernel-debug-devel-2.6.18-194.11.3.el5.ia64.rpm
kernel-debuginfo-2.6.18-194.11.3.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-194.11.3.el5.ia64.rpm
kernel-devel-2.6.18-194.11.3.el5.ia64.rpm
kernel-headers-2.6.18-194.11.3.el5.ia64.rpm
kernel-xen-2.6.18-194.11.3.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-194.11.3.el5.ia64.rpm
kernel-xen-devel-2.6.18-194.11.3.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-194.11.3.el5.noarch.rpm

ppc:
kernel-2.6.18-194.11.3.el5.ppc64.rpm
kernel-debug-2.6.18-194.11.3.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-194.11.3.el5.ppc64.rpm
kernel-debug-devel-2.6.18-194.11.3.el5.ppc64.rpm
kernel-debuginfo-2.6.18-194.11.3.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-194.11.3.el5.ppc64.rpm
kernel-devel-2.6.18-194.11.3.el5.ppc64.rpm
kernel-headers-2.6.18-194.11.3.el5.ppc.rpm
kernel-headers-2.6.18-194.11.3.el5.ppc64.rpm
kernel-kdump-2.6.18-194.11.3.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-194.11.3.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-194.11.3.el5.ppc64.rpm

s390x:
kernel-2.6.18-194.11.3.el5.s390x.rpm
kernel-debug-2.6.18-194.11.3.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-194.11.3.el5.s390x.rpm
kernel-debug-devel-2.6.18-194.11.3.el5.s390x.rpm
kernel-debuginfo-2.6.18-194.11.3.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-194.11.3.el5.s390x.rpm
kernel-devel-2.6.18-194.11.3.el5.s390x.rpm
kernel-headers-2.6.18-194.11.3.el5.s390x.rpm
kernel-kdump-2.6.18-194.11.3.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-194.11.3.el5.s390x.rpm
kernel-kdump-devel-2.6.18-194.11.3.el5.s390x.rpm

x86_64:
kernel-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debug-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debug-devel-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debuginfo-2.6.18-194.11.3.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-194.11.3.el5.x86_64.rpm
kernel-devel-2.6.18-194.11.3.el5.x86_64.rpm
kernel-headers-2.6.18-194.11.3.el5.x86_64.rpm
kernel-xen-2.6.18-194.11.3.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-194.11.3.el5.x86_64.rpm
kernel-xen-devel-2.6.18-194.11.3.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2240.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert at redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMe7esXlSAg2UNWIIRAoxQAJsGn/Oj6y3NyxNXcP85vioDZc/NdACglFFK
p3qF3hHzmWaBnlhWD/tgnk8=
=gwaQ
-----END PGP SIGNATURE-----