From bugzilla at redhat.com Tue Feb 2 20:44:55 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 2 Feb 2010 15:44:55 -0500 Subject: [RHSA-2010:0076-01] Important: kernel security and bug fix update Message-ID: <201002022044.o12Kit10015785@int-mx01.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2010:0076-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0076.html Issue date: 2010-02-02 CVE Names: CVE-2009-3080 CVE-2009-3889 CVE-2009-3939 CVE-2009-4005 CVE-2009-4020 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * an array index error was found in the gdth driver in the Linux kernel. A local user could send a specially-crafted IOCTL request that would cause a denial of service or, possibly, privilege escalation. (CVE-2009-3080, Important) * a flaw was found in the collect_rx_frame() function in the HiSax ISDN driver (hfc_usb) in the Linux kernel. An attacker could use this flaw to send a specially-crafted HDLC packet that could trigger a buffer out of bounds, possibly resulting in a denial of service. (CVE-2009-4005, Important) * permission issues were found in the megaraid_sas driver (for SAS based RAID controllers) in the Linux kernel. The "dbg_lvl" and "poll_mode_io" files on the sysfs file system ("/sys/") had world-writable permissions. This could allow local, unprivileged users to change the behavior of the driver. (CVE-2009-3889, CVE-2009-3939, Moderate) * a buffer overflow flaw was found in the hfs_bnode_read() function in the HFS file system implementation in the Linux kernel. This could lead to a denial of service if a user browsed a specially-crafted HFS file system, for example, by running "ls". (CVE-2009-4020, Low) This update also fixes the following bugs: * if a process was using ptrace() to trace a multi-threaded process, and that multi-threaded process dumped its core, the process performing the trace could hang in wait4(). This issue could be triggered by running "strace -f" on a multi-threaded process that was dumping its core, resulting in the strace command hanging. (BZ#555869) * a bug in the ptrace() implementation could have, in some cases, caused ptrace_detach() to create a zombie process if the process being traced was terminated with a SIGKILL signal. (BZ#555869) * the RHSA-2010:0020 update resolved an issue (CVE-2009-4537) in the Realtek r8169 Ethernet driver. This update implements a better solution for that issue. Note: This is not a security regression. The original fix was complete. This update is adding the official upstream fix. (BZ#556406) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 526068 - CVE-2009-3889 CVE-2009-3939 kernel: megaraid_sas permissions in sysfs 539414 - CVE-2009-3080 kernel: gdth: Prevent negative offsets in ioctl 539435 - CVE-2009-4005 kernel: isdn: hfc_usb: fix read buffer overflow 540736 - CVE-2009-4020 kernel: hfs buffer overflow 555869 - [4.7] wait4 blocks on non-existing pid [rhel-4.8.z] 556406 - kernel: r8169: straighten out overlength frame detection (improved) [rhel-4.9] [rhel-4.8.z] 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.0.20.EL.src.rpm i386: kernel-2.6.9-89.0.20.EL.i686.rpm kernel-debuginfo-2.6.9-89.0.20.EL.i686.rpm kernel-devel-2.6.9-89.0.20.EL.i686.rpm kernel-hugemem-2.6.9-89.0.20.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.0.20.EL.i686.rpm kernel-smp-2.6.9-89.0.20.EL.i686.rpm kernel-smp-devel-2.6.9-89.0.20.EL.i686.rpm kernel-xenU-2.6.9-89.0.20.EL.i686.rpm kernel-xenU-devel-2.6.9-89.0.20.EL.i686.rpm ia64: kernel-2.6.9-89.0.20.EL.ia64.rpm kernel-debuginfo-2.6.9-89.0.20.EL.ia64.rpm kernel-devel-2.6.9-89.0.20.EL.ia64.rpm kernel-largesmp-2.6.9-89.0.20.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.0.20.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.0.20.EL.noarch.rpm ppc: kernel-2.6.9-89.0.20.EL.ppc64.rpm kernel-2.6.9-89.0.20.EL.ppc64iseries.rpm kernel-debuginfo-2.6.9-89.0.20.EL.ppc64.rpm kernel-debuginfo-2.6.9-89.0.20.EL.ppc64iseries.rpm kernel-devel-2.6.9-89.0.20.EL.ppc64.rpm kernel-devel-2.6.9-89.0.20.EL.ppc64iseries.rpm kernel-largesmp-2.6.9-89.0.20.EL.ppc64.rpm kernel-largesmp-devel-2.6.9-89.0.20.EL.ppc64.rpm s390: kernel-2.6.9-89.0.20.EL.s390.rpm kernel-debuginfo-2.6.9-89.0.20.EL.s390.rpm kernel-devel-2.6.9-89.0.20.EL.s390.rpm s390x: kernel-2.6.9-89.0.20.EL.s390x.rpm kernel-debuginfo-2.6.9-89.0.20.EL.s390x.rpm kernel-devel-2.6.9-89.0.20.EL.s390x.rpm x86_64: kernel-2.6.9-89.0.20.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.0.20.EL.x86_64.rpm kernel-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-largesmp-2.6.9-89.0.20.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-smp-2.6.9-89.0.20.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-xenU-2.6.9-89.0.20.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.0.20.EL.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.0.20.EL.src.rpm i386: kernel-2.6.9-89.0.20.EL.i686.rpm kernel-debuginfo-2.6.9-89.0.20.EL.i686.rpm kernel-devel-2.6.9-89.0.20.EL.i686.rpm kernel-hugemem-2.6.9-89.0.20.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.0.20.EL.i686.rpm kernel-smp-2.6.9-89.0.20.EL.i686.rpm kernel-smp-devel-2.6.9-89.0.20.EL.i686.rpm kernel-xenU-2.6.9-89.0.20.EL.i686.rpm kernel-xenU-devel-2.6.9-89.0.20.EL.i686.rpm noarch: kernel-doc-2.6.9-89.0.20.EL.noarch.rpm x86_64: kernel-2.6.9-89.0.20.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.0.20.EL.x86_64.rpm kernel-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-largesmp-2.6.9-89.0.20.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-smp-2.6.9-89.0.20.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-xenU-2.6.9-89.0.20.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.0.20.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.0.20.EL.src.rpm i386: kernel-2.6.9-89.0.20.EL.i686.rpm kernel-debuginfo-2.6.9-89.0.20.EL.i686.rpm kernel-devel-2.6.9-89.0.20.EL.i686.rpm kernel-hugemem-2.6.9-89.0.20.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.0.20.EL.i686.rpm kernel-smp-2.6.9-89.0.20.EL.i686.rpm kernel-smp-devel-2.6.9-89.0.20.EL.i686.rpm kernel-xenU-2.6.9-89.0.20.EL.i686.rpm kernel-xenU-devel-2.6.9-89.0.20.EL.i686.rpm ia64: kernel-2.6.9-89.0.20.EL.ia64.rpm kernel-debuginfo-2.6.9-89.0.20.EL.ia64.rpm kernel-devel-2.6.9-89.0.20.EL.ia64.rpm kernel-largesmp-2.6.9-89.0.20.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.0.20.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.0.20.EL.noarch.rpm x86_64: kernel-2.6.9-89.0.20.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.0.20.EL.x86_64.rpm kernel-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-largesmp-2.6.9-89.0.20.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-smp-2.6.9-89.0.20.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-xenU-2.6.9-89.0.20.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.0.20.EL.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.0.20.EL.src.rpm i386: kernel-2.6.9-89.0.20.EL.i686.rpm kernel-debuginfo-2.6.9-89.0.20.EL.i686.rpm kernel-devel-2.6.9-89.0.20.EL.i686.rpm kernel-hugemem-2.6.9-89.0.20.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.0.20.EL.i686.rpm kernel-smp-2.6.9-89.0.20.EL.i686.rpm kernel-smp-devel-2.6.9-89.0.20.EL.i686.rpm kernel-xenU-2.6.9-89.0.20.EL.i686.rpm kernel-xenU-devel-2.6.9-89.0.20.EL.i686.rpm ia64: kernel-2.6.9-89.0.20.EL.ia64.rpm kernel-debuginfo-2.6.9-89.0.20.EL.ia64.rpm kernel-devel-2.6.9-89.0.20.EL.ia64.rpm kernel-largesmp-2.6.9-89.0.20.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.0.20.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.0.20.EL.noarch.rpm x86_64: kernel-2.6.9-89.0.20.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.0.20.EL.x86_64.rpm kernel-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-largesmp-2.6.9-89.0.20.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-smp-2.6.9-89.0.20.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.0.20.EL.x86_64.rpm kernel-xenU-2.6.9-89.0.20.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.0.20.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-3080.html https://www.redhat.com/security/data/cve/CVE-2009-3889.html https://www.redhat.com/security/data/cve/CVE-2009-3939.html https://www.redhat.com/security/data/cve/CVE-2009-4005.html https://www.redhat.com/security/data/cve/CVE-2009-4020.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLaI5xXlSAg2UNWIIRApx1AJ9JkeyBnigrm4x+Iqab/AudXflzKACdFgYF qwKc3jZBKrpF4g50ZePMaXc= =zBXZ -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 2 21:04:18 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 2 Feb 2010 16:04:18 -0500 Subject: [RHSA-2010:0079-01] Important: kernel security and bug fix update Message-ID: <201002022104.o12L4JqF020601@int-mx03.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2010:0079-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0079.html Issue date: 2010-02-02 CVE Names: CVE-2007-4567 CVE-2007-5966 CVE-2009-0778 CVE-2009-0834 CVE-2009-1385 CVE-2009-1895 CVE-2009-4536 CVE-2009-4537 CVE-2009-4538 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5.2.z server) - i386, ia64, noarch, ppc, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * a flaw was found in the IPv6 Extension Header (EH) handling implementation in the Linux kernel. The skb->dst data structure was not properly validated in the ipv6_hop_jumbo() function. This could possibly lead to a remote denial of service. (CVE-2007-4567, Important) * the possibility of a timeout value overflow was found in the Linux kernel high-resolution timers functionality, hrtimers. This could allow a local, unprivileged user to execute arbitrary code, or cause a denial of service (kernel panic). (CVE-2007-5966, Important) * memory leaks were found on some error paths in the icmp_send() function in the Linux kernel. This could, potentially, cause the network connectivity to cease. (CVE-2009-0778, Important) * a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the "syscall" number or arguments. (CVE-2009-0834, Important) * a flaw was found in the Intel PRO/1000 Linux driver (e1000) in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially-crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important) * the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2009-1895, Important) * a flaw was found in each of the following Intel PRO/1000 Linux drivers in the Linux kernel: e1000 and e1000e. A remote attacker using packets larger than the MTU could bypass the existing fragment check, resulting in partial, invalid frames being passed to the network stack. These flaws could also possibly be used to trigger a remote denial of service. (CVE-2009-4536, CVE-2009-4538, Important) * a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. Receiving overly-long frames with a certain revision of the network cards supported by this driver could possibly result in a remote denial of service. (CVE-2009-4537, Important) Note: This update also fixes several bugs. Documentation for these bug fixes will be available shortly from www.redhat.com/docs/en-US/errata/RHSA-2010-0079/Kernel_Security_Update/ index.html Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 453135 - CVE-2007-5966 kernel: non-root can trigger cpu_idle soft lockup 485163 - CVE-2009-0778 kernel: rt_cache leak leads to lack of network connectivity 487990 - CVE-2009-0834 kernel: x86-64: syscall-audit: 32/64 syscall hole 502981 - CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service 511171 - CVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID 524179 - Frequent path failures during I/O on DM multipath devices [rhel-5.2.z] 546226 - RHEL5.2/3 - setpgid() returns ESRCH in some situations [rhel-5.2.z] 546227 - [5.3] clock_gettime() syscall returns a smaller timespec value than previous. [rhel-5.2.z] 546228 - [5.3] The nanosleep() syscall sleeps one second longer. [rhel-5.2.z] 546229 - [RHEL 5] gen_estimator deadlock fix [rhel-5.2.z] 546230 - softlockups due to infinite loops in posix_locks_deadlock [rhel-5.2.z] 546231 - crm #1896100 port epoll_wait fix from RHSA-2008-0665 to RHEL 5 [rhel-5.2.z] 546232 - NFS problem#3 of IT 106473 - 32-bit jiffy wrap around - NFS inode [rhel-5.2.z] 546233 - [RHEL5.2] nfs_getattr() hangs during heavy write workloads [rhel-5.2.z] 546234 - Deadlock in flush_workqueue() results in hung nfs clients [rhel-5.2.z] 546236 - Kernel panic in auth_rpcgss:__gss_find_upcall [rhel-5.2.z] 547299 - RHEL5.3.z LTP nanosleep02 Test Case Failure on Fujitsu Machine [rhel-5.2.z] 548074 - [5.3]Write operation with O_NONBLOCK flag to TTY terminal is blocked [rhel-5.2.z] 548641 - CVE-2007-4567 kernel: ipv6_hop_jumbo remote system crash 550907 - CVE-2009-4537 kernel: r8169 issue reported at 26c3 551214 - CVE-2009-4538 kernel: e1000e frame fragment issue 552126 - CVE-2009-4536 kernel: e1000 issue reported at 26c3 553133 - RHSA-2008:0508 linux-2.6.9-x86_64-copy_user-zero-tail.patch broken [rhel-5.2.z] 555052 - setitimer(ITIMER_REAL, ...) failing in 64bit enviroment [rhel-5.2.z] 6. Package List: Red Hat Enterprise Linux (v. 5.2.z server): Source: kernel-2.6.18-92.1.35.el5.src.rpm i386: kernel-2.6.18-92.1.35.el5.i686.rpm kernel-PAE-2.6.18-92.1.35.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-92.1.35.el5.i686.rpm kernel-PAE-devel-2.6.18-92.1.35.el5.i686.rpm kernel-debug-2.6.18-92.1.35.el5.i686.rpm kernel-debug-debuginfo-2.6.18-92.1.35.el5.i686.rpm kernel-debug-devel-2.6.18-92.1.35.el5.i686.rpm kernel-debuginfo-2.6.18-92.1.35.el5.i686.rpm kernel-debuginfo-common-2.6.18-92.1.35.el5.i686.rpm kernel-devel-2.6.18-92.1.35.el5.i686.rpm kernel-headers-2.6.18-92.1.35.el5.i386.rpm kernel-xen-2.6.18-92.1.35.el5.i686.rpm kernel-xen-debuginfo-2.6.18-92.1.35.el5.i686.rpm kernel-xen-devel-2.6.18-92.1.35.el5.i686.rpm ia64: kernel-2.6.18-92.1.35.el5.ia64.rpm kernel-debug-2.6.18-92.1.35.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-92.1.35.el5.ia64.rpm kernel-debug-devel-2.6.18-92.1.35.el5.ia64.rpm kernel-debuginfo-2.6.18-92.1.35.el5.ia64.rpm kernel-debuginfo-common-2.6.18-92.1.35.el5.ia64.rpm kernel-devel-2.6.18-92.1.35.el5.ia64.rpm kernel-headers-2.6.18-92.1.35.el5.ia64.rpm kernel-xen-2.6.18-92.1.35.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-92.1.35.el5.ia64.rpm kernel-xen-devel-2.6.18-92.1.35.el5.ia64.rpm noarch: kernel-doc-2.6.18-92.1.35.el5.noarch.rpm ppc: kernel-2.6.18-92.1.35.el5.ppc64.rpm kernel-debug-2.6.18-92.1.35.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-92.1.35.el5.ppc64.rpm kernel-debug-devel-2.6.18-92.1.35.el5.ppc64.rpm kernel-debuginfo-2.6.18-92.1.35.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-92.1.35.el5.ppc64.rpm kernel-devel-2.6.18-92.1.35.el5.ppc64.rpm kernel-headers-2.6.18-92.1.35.el5.ppc.rpm kernel-headers-2.6.18-92.1.35.el5.ppc64.rpm kernel-kdump-2.6.18-92.1.35.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-92.1.35.el5.ppc64.rpm kernel-kdump-devel-2.6.18-92.1.35.el5.ppc64.rpm s390x: kernel-2.6.18-92.1.35.el5.s390x.rpm kernel-debug-2.6.18-92.1.35.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-92.1.35.el5.s390x.rpm kernel-debug-devel-2.6.18-92.1.35.el5.s390x.rpm kernel-debuginfo-2.6.18-92.1.35.el5.s390x.rpm kernel-debuginfo-common-2.6.18-92.1.35.el5.s390x.rpm kernel-devel-2.6.18-92.1.35.el5.s390x.rpm kernel-headers-2.6.18-92.1.35.el5.s390x.rpm kernel-kdump-2.6.18-92.1.35.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-92.1.35.el5.s390x.rpm kernel-kdump-devel-2.6.18-92.1.35.el5.s390x.rpm x86_64: kernel-2.6.18-92.1.35.el5.x86_64.rpm kernel-debug-2.6.18-92.1.35.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-92.1.35.el5.x86_64.rpm kernel-debug-devel-2.6.18-92.1.35.el5.x86_64.rpm kernel-debuginfo-2.6.18-92.1.35.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-92.1.35.el5.x86_64.rpm kernel-devel-2.6.18-92.1.35.el5.x86_64.rpm kernel-headers-2.6.18-92.1.35.el5.x86_64.rpm kernel-xen-2.6.18-92.1.35.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-92.1.35.el5.x86_64.rpm kernel-xen-devel-2.6.18-92.1.35.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2007-4567.html https://www.redhat.com/security/data/cve/CVE-2007-5966.html https://www.redhat.com/security/data/cve/CVE-2009-0778.html https://www.redhat.com/security/data/cve/CVE-2009-0834.html https://www.redhat.com/security/data/cve/CVE-2009-1385.html https://www.redhat.com/security/data/cve/CVE-2009-1895.html https://www.redhat.com/security/data/cve/CVE-2009-4536.html https://www.redhat.com/security/data/cve/CVE-2009-4537.html https://www.redhat.com/security/data/cve/CVE-2009-4538.html http://www.redhat.com/security/updates/classification/#important www.redhat.com/docs/en-US/errata/RHSA-2010-0079/Kernel_Security_Update/index.html 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLaJNIXlSAg2UNWIIRAsQrAKC7nYXA7y9ze6eL7xMo2MCZqDnzYgCfX1Wn V6eoXfbGsp1woczITyf7nQ4= =BfMH -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 9 12:14:12 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 9 Feb 2010 07:14:12 -0500 Subject: [RHSA-2010:0088-02] Important: kvm security and bug fix update Message-ID: <201002091214.o19CECtG031269@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kvm security and bug fix update Advisory ID: RHSA-2010:0088-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0088.html Issue date: 2010-02-09 CVE Names: CVE-2010-0297 CVE-2010-0298 CVE-2010-0306 CVE-2010-0309 ===================================================================== 1. Summary: Updated kvm packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Multi OS (v. 5 client) - x86_64 RHEL Virtualization (v. 5 server) - x86_64 3. Description: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. The x86 emulator implementation was missing a check for the Current Privilege Level (CPL) and I/O Privilege Level (IOPL). A user in a guest could leverage these flaws to cause a denial of service (guest crash) or possibly escalate their privileges within that guest. (CVE-2010-0298, CVE-2010-0306) A flaw was found in the Programmable Interval Timer (PIT) emulation. Access to the internal data structure pit_state, which represents the data state of the emulated PIT, was not properly validated in the pit_ioport_read() function. A privileged guest user could use this flaw to crash the host. (CVE-2010-0309) A flaw was found in the USB passthrough handling code. A specially-crafted USB packet sent from inside a guest could be used to trigger a buffer overflow in the usb_host_handle_control() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to cause a denial of service (guest hang or crash) or possibly escalate their privileges within the host. (CVE-2010-0297) This update also fixes the following bugs: * pvclock MSR values were not preserved during remote migration, causing time drift for guests. (BZ#537028) * SMBIOS table 4 data is now generated for Windows guests. (BZ#545874) * if the qemu-kvm "-net user" option was used, unattended Windows XP installations did not receive an IP address after reboot. (BZ#546562) * when being restored from migration, a race condition caused Windows Server 2008 R2 guests to hang during shutdown. (BZ#546563) * the kernel symbol checking on the kvm-kmod build process has a safety check for ABI changes. (BZ#547293) * on hosts without high-res timers, Windows Server 2003 guests experienced significant time drift. (BZ#547625) * in some situations, installing Windows Server 2008 R2 from an ISO image resulted in a blue screen "BAD_POOL_HEADER" stop error. (BZ#548368) * a bug in the grow_refcount_table() error handling caused infinite recursion in some cases. This caused the qemu-kvm process to hang and eventually crash. (BZ#552159) * for Windows Server 2003 R2, Service Pack 2, 32-bit guests, an "unhandled vm exit" error could occur during reboot on some systems. (BZ#552518) * for Windows guests, QEMU could attempt to stop a stopped audio device, resulting in a "snd_playback_stop: ASSERT playback_channel->base.active failed" error. (BZ#552519) * the Hypercall driver did not reset the device on power-down. (BZ#552528) * mechanisms have been added to make older savevm versions to be emitted in some cases. (BZ#552529) * an error in the Makefile prevented users from using the source RPM to install KVM. (BZ#552530) * guests became unresponsive and could use up to 100% CPU when running certain benchmark tests with more than 7 guests running simultaneously. (BZ#553249) * QEMU could terminate randomly with virtio-net and SMP enabled. (BZ#561022) All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues. Note: The procedure in the Solution section must be performed before this update will take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 The following procedure must be performed before this update will take effect: 1) Stop all KVM guest virtual machines. 2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd. 3) Restart the KVM guest virtual machines. 5. Bugs fixed (http://bugzilla.redhat.com/): 537028 - pvclock msr values are not preserved across remote migration 545874 - Need to generate SMBIOS table 4 data for windows guests 546562 - Windows XP unattended install doesn't get an IP address after rebooting, if using -net user 546563 - Windows Server 2008 R2 shutdown hangs after restore from migration 547293 - kvm kmod package should filter only some specific ksym dependencies 547625 - time drift in win2k364 KVM guest 548368 - BSOD BAD_POOL_HEADER STOP 0x19 during boot of Windows Server 2008 R2 installer 552159 - qcow2: infinite recursion on grow_refcount_table() error handling 552518 - Rhev-Block driver causes 'unhandled vm exit' with 32bit win2k3r2sp2 Guest VM on restart 552519 - KVM : QEMU-Audio attempting to stop unactivated audio device (snd_playback_stop: ASSERT playback_channel->base.active failed). 552528 - Hypercall driver doesn't reset device on power-down 552529 - kvm: migration: mechanism to make older savevm versions to be emitted on some cases 552530 - Build tree for RHEL 5.X and RHEL 5.4.z contains build bugs 553249 - hypercall device - Vm becomes non responsive on Sysmark benchmark (when more than 7 vm's running simultaneously) 557025 - CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow 559091 - CVE-2010-0298 kvm: emulator privilege escalation 560654 - CVE-2010-0306 kvm: emulator privilege escalation IOPL/CPL level check 560887 - CVE-2010-0309 kvm: cat /dev/port in guest cause the host hang 561022 - QEMU terminates without warning with virtio-net and SMP enabled 6. Package List: RHEL Desktop Multi OS (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kvm-83-105.el5_4.22.src.rpm x86_64: kmod-kvm-83-105.el5_4.22.x86_64.rpm kvm-83-105.el5_4.22.x86_64.rpm kvm-debuginfo-83-105.el5_4.22.x86_64.rpm kvm-qemu-img-83-105.el5_4.22.x86_64.rpm kvm-tools-83-105.el5_4.22.x86_64.rpm RHEL Virtualization (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kvm-83-105.el5_4.22.src.rpm x86_64: kmod-kvm-83-105.el5_4.22.x86_64.rpm kvm-83-105.el5_4.22.x86_64.rpm kvm-debuginfo-83-105.el5_4.22.x86_64.rpm kvm-qemu-img-83-105.el5_4.22.x86_64.rpm kvm-tools-83-105.el5_4.22.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-0297.html https://www.redhat.com/security/data/cve/CVE-2010-0298.html https://www.redhat.com/security/data/cve/CVE-2010-0306.html https://www.redhat.com/security/data/cve/CVE-2010-0309.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLcVE6XlSAg2UNWIIRAsHiAKCpFKlrXkv7nFrGY+XEEzvaZOGxKgCfQ4CI LsIFiaziOI+yk3BCqvgg0hU= =YAWH -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 9 12:19:03 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 9 Feb 2010 07:19:03 -0500 Subject: [RHSA-2010:0094-02] Critical: HelixPlayer security update Message-ID: <201002091219.o19CJ30G008452@int-mx02.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: HelixPlayer security update Advisory ID: RHSA-2010:0094-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0094.html Issue date: 2010-02-09 CVE Names: CVE-2009-4242 CVE-2009-4245 CVE-2009-4247 CVE-2009-4248 CVE-2009-4257 CVE-2010-0416 CVE-2010-0417 ===================================================================== 1. Summary: An updated HelixPlayer package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, x86_64 Red Hat Enterprise Linux WS version 4 - i386, x86_64 3. Description: HelixPlayer is a media player. Multiple buffer and integer overflow flaws were found in the way HelixPlayer processed Graphics Interchange Format (GIF) files. An attacker could create a specially-crafted GIF file which would cause HelixPlayer to crash or, potentially, execute arbitrary code when opened. (CVE-2009-4242, CVE-2009-4245) A buffer overflow flaw was found in the way HelixPlayer processed Synchronized Multimedia Integration Language (SMIL) files. An attacker could create a specially-crafted SMIL file which would cause HelixPlayer to crash or, potentially, execute arbitrary code when opened. (CVE-2009-4257) A buffer overflow flaw was found in the way HelixPlayer handled the Real Time Streaming Protocol (RTSP) SET_PARAMETER directive. A malicious RTSP server could use this flaw to crash HelixPlayer or, potentially, execute arbitrary code. (CVE-2009-4248) Multiple buffer overflow flaws were discovered in the way HelixPlayer handled RuleBook structures in media files and RTSP streams. Specially-crafted input could cause HelixPlayer to crash or, potentially, execute arbitrary code. (CVE-2009-4247, CVE-2010-0417) A buffer overflow flaw was found in the way HelixPlayer performed URL un-escaping. A specially-crafted URL string could cause HelixPlayer to crash or, potentially, execute arbitrary code. (CVE-2010-0416) All HelixPlayer users are advised to upgrade to this updated package, which contains backported patches to resolve these issues. All running instances of HelixPlayer must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 561309 - CVE-2009-4257 HelixPlayer / RealPlayer: SMIL getAtom heap buffer overflow 561338 - CVE-2009-4247 HelixPlayer / RealPlayer: RTSP client ASM RuleBook stack buffer overflow 561361 - CVE-2009-4248 HelixPlayer / RealPlayer: RTSP SET_PARAMETER buffer overflow 561436 - CVE-2009-4242 HelixPlayer / RealPlayer: GIF file heap overflow 561441 - CVE-2009-4245 HelixPlayer / RealPlayer: compressed GIF heap overflow 561856 - CVE-2010-0416 HelixPlayer / RealPlayer: URL unescape buffer overflow 561860 - CVE-2010-0417 HelixPlayer / RealPlayer: rule book handling heap corruption 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/HelixPlayer-1.0.6-1.el4_8.1.src.rpm i386: HelixPlayer-1.0.6-1.el4_8.1.i386.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.i386.rpm ppc: HelixPlayer-1.0.6-1.el4_8.1.ppc.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.ppc.rpm x86_64: HelixPlayer-1.0.6-1.el4_8.1.i386.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.i386.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/HelixPlayer-1.0.6-1.el4_8.1.src.rpm i386: HelixPlayer-1.0.6-1.el4_8.1.i386.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.i386.rpm x86_64: HelixPlayer-1.0.6-1.el4_8.1.i386.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.i386.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/HelixPlayer-1.0.6-1.el4_8.1.src.rpm i386: HelixPlayer-1.0.6-1.el4_8.1.i386.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.i386.rpm x86_64: HelixPlayer-1.0.6-1.el4_8.1.i386.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.i386.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/HelixPlayer-1.0.6-1.el4_8.1.src.rpm i386: HelixPlayer-1.0.6-1.el4_8.1.i386.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.i386.rpm x86_64: HelixPlayer-1.0.6-1.el4_8.1.i386.rpm HelixPlayer-debuginfo-1.0.6-1.el4_8.1.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-4242.html https://www.redhat.com/security/data/cve/CVE-2009-4245.html https://www.redhat.com/security/data/cve/CVE-2009-4247.html https://www.redhat.com/security/data/cve/CVE-2009-4248.html https://www.redhat.com/security/data/cve/CVE-2009-4257.html https://www.redhat.com/security/data/cve/CVE-2010-0416.html https://www.redhat.com/security/data/cve/CVE-2010-0417.html http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLcVKPXlSAg2UNWIIRApF/AJ4mxI3h10RmeTfe9RzhdKLqnafovgCgrXHL fxM/iR0MhnxUeplkePoBuKU= =jjci -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Feb 12 16:26:29 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 12 Feb 2010 11:26:29 -0500 Subject: [RHSA-2010:0101-02] Important: openoffice.org security update Message-ID: <201002121626.o1CGQTiw031953@int-mx01.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: openoffice.org security update Advisory ID: RHSA-2010:0101-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0101.html Issue date: 2010-02-12 CVE Names: CVE-2009-2949 CVE-2009-2950 CVE-2009-3301 CVE-2009-3302 ===================================================================== 1. Summary: Updated openoffice.org packages that correct multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, x86_64 Red Hat Enterprise Linux WS version 3 - i386, x86_64 Red Hat Enterprise Linux WS version 4 - i386, x86_64 3. Description: OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed XPM files. An attacker could create a specially-crafted document, which once opened by a local, unsuspecting user, could lead to arbitrary code execution with the permissions of the user running OpenOffice.org. Note: This flaw affects embedded XPM files in OpenOffice.org documents as well as stand-alone XPM files. (CVE-2009-2949) An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially-crafted Microsoft Word document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302) A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. An attacker could create a specially-crafted document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash. Note: This flaw affects embedded GIF files in OpenOffice.org documents as well as stand-alone GIF files. (CVE-2009-2950) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of OpenOffice.org applications must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 527512 - CVE-2009-2950 openoffice.org: GIF file parsing heap overflow 527540 - CVE-2009-2949 openoffice.org: integer overflow in XPM processing 533038 - CVE-2009-3301 OpenOffice.org Word sprmTDefTable Memory Corruption 533043 - CVE-2009-3302 OpenOffice.org Word sprmTSetBrc Memory Corruption 6. Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openoffice.org-1.1.2-46.2.0.EL3.src.rpm i386: openoffice.org-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-debuginfo-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm x86_64: openoffice.org-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-debuginfo-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openoffice.org-1.1.2-46.2.0.EL3.src.rpm i386: openoffice.org-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-debuginfo-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm x86_64: openoffice.org-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-debuginfo-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openoffice.org-1.1.2-46.2.0.EL3.src.rpm i386: openoffice.org-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-debuginfo-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm x86_64: openoffice.org-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-debuginfo-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openoffice.org-1.1.2-46.2.0.EL3.src.rpm i386: openoffice.org-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-debuginfo-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm x86_64: openoffice.org-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-debuginfo-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openoffice.org-1.1.5-10.6.0.7.EL4.3.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.3.src.rpm i386: openoffice.org-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-kde-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm ppc: openoffice.org-1.1.5-10.6.0.7.EL4.3.ppc.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.ppc.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.ppc.rpm openoffice.org-kde-1.1.5-10.6.0.7.EL4.3.ppc.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.ppc.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.ppc.rpm x86_64: openoffice.org-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openoffice.org-1.1.5-10.6.0.7.EL4.3.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.3.src.rpm i386: openoffice.org-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-kde-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm x86_64: openoffice.org-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openoffice.org-1.1.5-10.6.0.7.EL4.3.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.3.src.rpm i386: openoffice.org-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-kde-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm x86_64: openoffice.org-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openoffice.org-1.1.5-10.6.0.7.EL4.3.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.3.src.rpm i386: openoffice.org-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-kde-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm x86_64: openoffice.org-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-debuginfo-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org-libs-1.1.5-10.6.0.7.EL4.3.i386.rpm openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.3.i386.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/openoffice.org-2.3.0-6.11.el5_4.4.src.rpm i386: openoffice.org-base-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-calc-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-core-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-debuginfo-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-draw-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-emailmerge-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-graphicfilter-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-headless-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-impress-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-javafilter-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-af_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ar-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-as_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-bg_BG-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-bn-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ca_ES-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-cs_CZ-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-cy_GB-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-da_DK-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-de-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-el_GR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-es-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-et_EE-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-eu_ES-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-fi_FI-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-fr-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ga_IE-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-gl_ES-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-gu_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-he_IL-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-hi_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-hr_HR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-hu_HU-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-it-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ja_JP-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-kn_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ko_KR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-lt_LT-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ml_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-mr_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ms_MY-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nb_NO-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nl-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nn_NO-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nr_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nso_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-or_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-pa_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-pl_PL-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-pt_BR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-pt_PT-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ru-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-sk_SK-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-sl_SI-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-sr_CS-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ss_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-st_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-sv-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ta_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-te_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-th_TH-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-tn_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-tr_TR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ts_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ur-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ve_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-xh_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-zh_CN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-zh_TW-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-zu_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-math-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-pyuno-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-testtools-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-writer-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-xsltfilter-2.3.0-6.11.el5_4.4.i386.rpm x86_64: openoffice.org-base-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-calc-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-core-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-debuginfo-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-draw-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-emailmerge-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-graphicfilter-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-headless-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-impress-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-javafilter-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-af_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ar-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-as_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-bg_BG-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-bn-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ca_ES-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-cs_CZ-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-cy_GB-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-da_DK-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-de-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-el_GR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-es-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-et_EE-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-eu_ES-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-fi_FI-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-fr-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ga_IE-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-gl_ES-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-gu_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-he_IL-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-hi_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-hr_HR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-hu_HU-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-it-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ja_JP-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-kn_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ko_KR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-lt_LT-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ml_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-mr_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ms_MY-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nb_NO-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nl-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nn_NO-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nr_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nso_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-or_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-pa_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-pl_PL-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-pt_BR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-pt_PT-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ru-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-sk_SK-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-sl_SI-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-sr_CS-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ss_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-st_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-sv-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ta_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-te_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-th_TH-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-tn_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-tr_TR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ts_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ur-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ve_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-xh_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-zh_CN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-zh_TW-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-zu_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-math-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-pyuno-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-testtools-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-writer-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-xsltfilter-2.3.0-6.11.el5_4.4.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/openoffice.org-2.3.0-6.11.el5_4.4.src.rpm i386: openoffice.org-debuginfo-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-sdk-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-sdk-doc-2.3.0-6.11.el5_4.4.i386.rpm x86_64: openoffice.org-debuginfo-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-sdk-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-sdk-doc-2.3.0-6.11.el5_4.4.x86_64.rpm RHEL Optional Productivity Applications (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/openoffice.org-2.3.0-6.11.el5_4.4.src.rpm i386: openoffice.org-base-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-calc-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-core-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-debuginfo-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-draw-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-emailmerge-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-graphicfilter-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-headless-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-impress-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-javafilter-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-af_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ar-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-as_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-bg_BG-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-bn-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ca_ES-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-cs_CZ-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-cy_GB-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-da_DK-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-de-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-el_GR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-es-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-et_EE-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-eu_ES-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-fi_FI-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-fr-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ga_IE-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-gl_ES-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-gu_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-he_IL-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-hi_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-hr_HR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-hu_HU-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-it-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ja_JP-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-kn_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ko_KR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-lt_LT-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ml_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-mr_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ms_MY-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nb_NO-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nl-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nn_NO-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nr_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-nso_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-or_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-pa_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-pl_PL-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-pt_BR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-pt_PT-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ru-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-sk_SK-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-sl_SI-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-sr_CS-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ss_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-st_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-sv-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ta_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-te_IN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-th_TH-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-tn_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-tr_TR-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ts_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ur-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-ve_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-xh_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-zh_CN-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-zh_TW-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-langpack-zu_ZA-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-math-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-pyuno-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-sdk-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-sdk-doc-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-testtools-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-writer-2.3.0-6.11.el5_4.4.i386.rpm openoffice.org-xsltfilter-2.3.0-6.11.el5_4.4.i386.rpm x86_64: openoffice.org-base-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-calc-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-core-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-debuginfo-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-draw-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-emailmerge-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-graphicfilter-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-headless-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-impress-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-javafilter-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-af_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ar-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-as_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-bg_BG-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-bn-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ca_ES-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-cs_CZ-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-cy_GB-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-da_DK-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-de-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-el_GR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-es-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-et_EE-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-eu_ES-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-fi_FI-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-fr-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ga_IE-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-gl_ES-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-gu_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-he_IL-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-hi_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-hr_HR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-hu_HU-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-it-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ja_JP-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-kn_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ko_KR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-lt_LT-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ml_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-mr_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ms_MY-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nb_NO-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nl-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nn_NO-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nr_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-nso_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-or_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-pa_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-pl_PL-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-pt_BR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-pt_PT-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ru-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-sk_SK-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-sl_SI-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-sr_CS-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ss_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-st_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-sv-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ta_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-te_IN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-th_TH-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-tn_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-tr_TR-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ts_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ur-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-ve_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-xh_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-zh_CN-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-zh_TW-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-langpack-zu_ZA-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-math-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-pyuno-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-sdk-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-sdk-doc-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-testtools-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-writer-2.3.0-6.11.el5_4.4.x86_64.rpm openoffice.org-xsltfilter-2.3.0-6.11.el5_4.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-2949.html https://www.redhat.com/security/data/cve/CVE-2009-2950.html https://www.redhat.com/security/data/cve/CVE-2009-3301.html https://www.redhat.com/security/data/cve/CVE-2009-3302.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLdYDpXlSAg2UNWIIRAuFAAJ0ZDAECbkLPrEowK3JKjiZd3mcOOQCdFKe4 PMZKoZHv6rCacRK2tvGvO6U= =oHmB -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Feb 12 16:27:18 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 12 Feb 2010 11:27:18 -0500 Subject: [RHSA-2010:0102-01] Important: flash-plugin security update Message-ID: <201002121627.o1CGRIji011521@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: flash-plugin security update Advisory ID: RHSA-2010:0102-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0102.html Issue date: 2010-02-12 CVE Names: CVE-2010-0186 CVE-2010-0187 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 5 server) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-06 page listed in the References section. If a victim loaded a web page containing specially-crafted SWF content, it could cause Flash Player to perform unauthorized cross-domain requests, leading to the disclosure of sensitive data. (CVE-2010-0186, CVE-2010-0187) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.0.45.2. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 563819 - CVE-2010-0186 flash-plugin: unauthorized cross-domain requests (APSB10-06) 564287 - CVE-2010-0187 flash-plugin: possible player crash (APSB10-06) 6. Package List: RHEL Desktop Supplementary (v. 5 client): i386: flash-plugin-10.0.45.2-1.el5.i386.rpm x86_64: flash-plugin-10.0.45.2-1.el5.i386.rpm RHEL Supplementary (v. 5 server): i386: flash-plugin-10.0.45.2-1.el5.i386.rpm x86_64: flash-plugin-10.0.45.2-1.el5.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-0186.html https://www.redhat.com/security/data/cve/CVE-2010-0187.html http://www.redhat.com/security/updates/classification/#important http://www.adobe.com/support/security/bulletins/apsb10-06.html 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLdYE+XlSAg2UNWIIRAsL4AJkB2m7gjB+gxxFQ9WRKz7RTSE4NHgCgkn/q HMgQlRzQ/G20AGJj8nxzX4Q= =31YX -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Feb 12 16:27:54 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 12 Feb 2010 11:27:54 -0500 Subject: [RHSA-2010:0103-01] Important: flash-plugin security update Message-ID: <201002121627.o1CGRtsK028860@int-mx03.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: flash-plugin security update Advisory ID: RHSA-2010:0103-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0103.html Issue date: 2010-02-12 CVE Names: CVE-2010-0186 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 and 4 Extras. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Desktop version 3 Extras - i386 Red Hat Desktop version 4 Extras - i386 Red Hat Enterprise Linux AS version 3 Extras - i386 Red Hat Enterprise Linux AS version 4 Extras - i386 Red Hat Enterprise Linux ES version 3 Extras - i386 Red Hat Enterprise Linux ES version 4 Extras - i386 Red Hat Enterprise Linux WS version 3 Extras - i386 Red Hat Enterprise Linux WS version 4 Extras - i386 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes a vulnerability in Adobe Flash Player. This vulnerability is summarized on the Adobe Security Advisory APSB10-06 page listed in the References section. If a victim loaded a web page containing specially-crafted SWF content, it could cause Flash Player to perform unauthorized cross-domain requests, leading to the disclosure of sensitive data. (CVE-2010-0186) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 9.0.262.0. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 563819 - CVE-2010-0186 flash-plugin: unauthorized cross-domain requests (APSB10-06) 6. Package List: Red Hat Enterprise Linux AS version 3 Extras: i386: flash-plugin-9.0.262.0-1.el3.with.oss.i386.rpm Red Hat Desktop version 3 Extras: i386: flash-plugin-9.0.262.0-1.el3.with.oss.i386.rpm Red Hat Enterprise Linux ES version 3 Extras: i386: flash-plugin-9.0.262.0-1.el3.with.oss.i386.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: flash-plugin-9.0.262.0-1.el3.with.oss.i386.rpm Red Hat Enterprise Linux AS version 4 Extras: i386: flash-plugin-9.0.262.0-1.el4.i386.rpm Red Hat Desktop version 4 Extras: i386: flash-plugin-9.0.262.0-1.el4.i386.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: flash-plugin-9.0.262.0-1.el4.i386.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: flash-plugin-9.0.262.0-1.el4.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-0186.html http://www.redhat.com/security/updates/classification/#important http://www.adobe.com/support/security/bulletins/apsb10-06.html 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLdYFrXlSAg2UNWIIRAsOgAJ4zlNMduZJ7eWABXriSrhXP9erRQgCeMICN OKux50bQ7TTqg218JYLtiGo= =t9bL -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 16 17:06:46 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 16 Feb 2010 12:06:46 -0500 Subject: [RHSA-2010:0108-01] Moderate: NetworkManager security update Message-ID: <201002161706.o1GH6l3k017002@int-mx02.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: NetworkManager security update Advisory ID: RHSA-2010:0108-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0108.html Issue date: 2010-02-16 CVE Names: CVE-2009-4144 CVE-2009-4145 ===================================================================== 1. Summary: Updated NetworkManager packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. A missing network certificate verification flaw was found in NetworkManager. If a user created a WPA Enterprise or 802.1x wireless network connection that was verified using a Certificate Authority (CA) certificate, and then later removed that CA certificate file, NetworkManager failed to verify the identity of the network on the following connection attempts. In these situations, a malicious wireless network spoofing the original network could trick a user into disclosing authentication credentials or communicating over an untrusted network. (CVE-2009-4144) An information disclosure flaw was found in NetworkManager's nm-connection-editor D-Bus interface. If a user edited network connection options using nm-connection-editor, a summary of those changes was broadcasted over the D-Bus message bus, possibly disclosing sensitive information (such as wireless network authentication credentials) to other local users. (CVE-2009-4145) Users of NetworkManager should upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 546117 - CVE-2009-4145 NetworkManager: information disclosure by nm-connection-editor 546795 - CVE-2009-4144 NetworkManager: WPA enterprise network not verified when certificate is removed 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/NetworkManager-0.7.0-9.el5_4.src.rpm i386: NetworkManager-0.7.0-9.el5_4.i386.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.i386.rpm NetworkManager-glib-0.7.0-9.el5_4.i386.rpm NetworkManager-gnome-0.7.0-9.el5_4.i386.rpm x86_64: NetworkManager-0.7.0-9.el5_4.i386.rpm NetworkManager-0.7.0-9.el5_4.x86_64.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.i386.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.x86_64.rpm NetworkManager-glib-0.7.0-9.el5_4.i386.rpm NetworkManager-glib-0.7.0-9.el5_4.x86_64.rpm NetworkManager-gnome-0.7.0-9.el5_4.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/NetworkManager-0.7.0-9.el5_4.src.rpm i386: NetworkManager-debuginfo-0.7.0-9.el5_4.i386.rpm NetworkManager-devel-0.7.0-9.el5_4.i386.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm x86_64: NetworkManager-debuginfo-0.7.0-9.el5_4.i386.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.x86_64.rpm NetworkManager-devel-0.7.0-9.el5_4.i386.rpm NetworkManager-devel-0.7.0-9.el5_4.x86_64.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/NetworkManager-0.7.0-9.el5_4.src.rpm i386: NetworkManager-0.7.0-9.el5_4.i386.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.i386.rpm NetworkManager-devel-0.7.0-9.el5_4.i386.rpm NetworkManager-glib-0.7.0-9.el5_4.i386.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm NetworkManager-gnome-0.7.0-9.el5_4.i386.rpm ia64: NetworkManager-0.7.0-9.el5_4.ia64.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.ia64.rpm NetworkManager-devel-0.7.0-9.el5_4.ia64.rpm NetworkManager-glib-0.7.0-9.el5_4.ia64.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.ia64.rpm NetworkManager-gnome-0.7.0-9.el5_4.ia64.rpm ppc: NetworkManager-0.7.0-9.el5_4.ppc.rpm NetworkManager-0.7.0-9.el5_4.ppc64.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.ppc.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.ppc64.rpm NetworkManager-devel-0.7.0-9.el5_4.ppc.rpm NetworkManager-devel-0.7.0-9.el5_4.ppc64.rpm NetworkManager-glib-0.7.0-9.el5_4.ppc.rpm NetworkManager-glib-0.7.0-9.el5_4.ppc64.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.ppc.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.ppc64.rpm NetworkManager-gnome-0.7.0-9.el5_4.ppc.rpm x86_64: NetworkManager-0.7.0-9.el5_4.i386.rpm NetworkManager-0.7.0-9.el5_4.x86_64.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.i386.rpm NetworkManager-debuginfo-0.7.0-9.el5_4.x86_64.rpm NetworkManager-devel-0.7.0-9.el5_4.i386.rpm NetworkManager-devel-0.7.0-9.el5_4.x86_64.rpm NetworkManager-glib-0.7.0-9.el5_4.i386.rpm NetworkManager-glib-0.7.0-9.el5_4.x86_64.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm NetworkManager-glib-devel-0.7.0-9.el5_4.x86_64.rpm NetworkManager-gnome-0.7.0-9.el5_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-4144.html https://www.redhat.com/security/data/cve/CVE-2009-4145.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLetCWXlSAg2UNWIIRAsHYAKCtj7p2Jh9Tk1JLEDuTD+3QVG3RbACcCJJx eNPjYyJbPYU2n+ZXAVAStqA= =Nozc -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 16 17:07:10 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 16 Feb 2010 12:07:10 -0500 Subject: [RHSA-2010:0109-01] Moderate: mysql security update Message-ID: <201002161707.o1GH7AfH012318@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: mysql security update Advisory ID: RHSA-2010:0109-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0109.html Issue date: 2010-02-16 CVE Names: CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 ===================================================================== 1. Summary: Updated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use this flaw to trick MySQL clients into connecting to a spoofed MySQL server. (CVE-2009-4028) Note: This fix may uncover previously hidden SSL configuration issues, such as incorrect CA certificates being used by clients or expired server certificates. This update should be carefully tested in deployments where SSL connections are used. A flaw was found in the way MySQL handled SELECT statements with subqueries in the WHERE clause, that assigned results to a user variable. A remote, authenticated attacker could use this flaw to crash the MySQL server daemon (mysqld). This issue only caused a temporary denial of service, as the MySQL daemon was automatically restarted after the crash. (CVE-2009-4019) When the "datadir" option was configured with a relative path, MySQL did not properly check paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. An authenticated attacker could use this flaw to bypass the restriction preventing the use of subdirectories of the MySQL data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths. (CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding "symbolic-links=0" to the "[mysqld]" section of the "my.cnf" configuration file. In this update, an example of such a configuration was added to the default "my.cnf" file. All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 540906 - CVE-2009-4019 mysql: DoS (crash) when comparing GIS items from subquery and when handling subqueires in WHERE and assigning a SELECT result to a @variable 541233 - CVE-2009-4028 mysql: client SSL certificate verification flaw 543653 - CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/mysql-5.0.77-4.el5_4.2.src.rpm i386: mysql-5.0.77-4.el5_4.2.i386.rpm mysql-debuginfo-5.0.77-4.el5_4.2.i386.rpm x86_64: mysql-5.0.77-4.el5_4.2.i386.rpm mysql-5.0.77-4.el5_4.2.x86_64.rpm mysql-debuginfo-5.0.77-4.el5_4.2.i386.rpm mysql-debuginfo-5.0.77-4.el5_4.2.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/mysql-5.0.77-4.el5_4.2.src.rpm i386: mysql-bench-5.0.77-4.el5_4.2.i386.rpm mysql-debuginfo-5.0.77-4.el5_4.2.i386.rpm mysql-devel-5.0.77-4.el5_4.2.i386.rpm mysql-server-5.0.77-4.el5_4.2.i386.rpm mysql-test-5.0.77-4.el5_4.2.i386.rpm x86_64: mysql-bench-5.0.77-4.el5_4.2.x86_64.rpm mysql-debuginfo-5.0.77-4.el5_4.2.i386.rpm mysql-debuginfo-5.0.77-4.el5_4.2.x86_64.rpm mysql-devel-5.0.77-4.el5_4.2.i386.rpm mysql-devel-5.0.77-4.el5_4.2.x86_64.rpm mysql-server-5.0.77-4.el5_4.2.x86_64.rpm mysql-test-5.0.77-4.el5_4.2.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/mysql-5.0.77-4.el5_4.2.src.rpm i386: mysql-5.0.77-4.el5_4.2.i386.rpm mysql-bench-5.0.77-4.el5_4.2.i386.rpm mysql-debuginfo-5.0.77-4.el5_4.2.i386.rpm mysql-devel-5.0.77-4.el5_4.2.i386.rpm mysql-server-5.0.77-4.el5_4.2.i386.rpm mysql-test-5.0.77-4.el5_4.2.i386.rpm ia64: mysql-5.0.77-4.el5_4.2.i386.rpm mysql-5.0.77-4.el5_4.2.ia64.rpm mysql-bench-5.0.77-4.el5_4.2.ia64.rpm mysql-debuginfo-5.0.77-4.el5_4.2.i386.rpm mysql-debuginfo-5.0.77-4.el5_4.2.ia64.rpm mysql-devel-5.0.77-4.el5_4.2.ia64.rpm mysql-server-5.0.77-4.el5_4.2.ia64.rpm mysql-test-5.0.77-4.el5_4.2.ia64.rpm ppc: mysql-5.0.77-4.el5_4.2.ppc.rpm mysql-5.0.77-4.el5_4.2.ppc64.rpm mysql-bench-5.0.77-4.el5_4.2.ppc.rpm mysql-debuginfo-5.0.77-4.el5_4.2.ppc.rpm mysql-debuginfo-5.0.77-4.el5_4.2.ppc64.rpm mysql-devel-5.0.77-4.el5_4.2.ppc.rpm mysql-devel-5.0.77-4.el5_4.2.ppc64.rpm mysql-server-5.0.77-4.el5_4.2.ppc.rpm mysql-server-5.0.77-4.el5_4.2.ppc64.rpm mysql-test-5.0.77-4.el5_4.2.ppc.rpm s390x: mysql-5.0.77-4.el5_4.2.s390.rpm mysql-5.0.77-4.el5_4.2.s390x.rpm mysql-bench-5.0.77-4.el5_4.2.s390x.rpm mysql-debuginfo-5.0.77-4.el5_4.2.s390.rpm mysql-debuginfo-5.0.77-4.el5_4.2.s390x.rpm mysql-devel-5.0.77-4.el5_4.2.s390.rpm mysql-devel-5.0.77-4.el5_4.2.s390x.rpm mysql-server-5.0.77-4.el5_4.2.s390x.rpm mysql-test-5.0.77-4.el5_4.2.s390x.rpm x86_64: mysql-5.0.77-4.el5_4.2.i386.rpm mysql-5.0.77-4.el5_4.2.x86_64.rpm mysql-bench-5.0.77-4.el5_4.2.x86_64.rpm mysql-debuginfo-5.0.77-4.el5_4.2.i386.rpm mysql-debuginfo-5.0.77-4.el5_4.2.x86_64.rpm mysql-devel-5.0.77-4.el5_4.2.i386.rpm mysql-devel-5.0.77-4.el5_4.2.x86_64.rpm mysql-server-5.0.77-4.el5_4.2.x86_64.rpm mysql-test-5.0.77-4.el5_4.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-4019.html https://www.redhat.com/security/data/cve/CVE-2009-4028.html https://www.redhat.com/security/data/cve/CVE-2009-4030.html http://www.redhat.com/security/updates/classification/#moderate http://dev.mysql.com/doc/refman/5.0/en/symbolic-links-to-tables.html 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLetCtXlSAg2UNWIIRApwjAKCtjHstUwwHC/dK5JEWxkP70TTuogCeLleI LrQNccvqeEumUFk64LNBJRE= =ZoKl -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 16 17:07:27 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 16 Feb 2010 12:07:27 -0500 Subject: [RHSA-2010:0110-01] Moderate: mysql security update Message-ID: <201002161707.o1GH7Rt9012371@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: mysql security update Advisory ID: RHSA-2010:0110-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0110.html Issue date: 2010-02-16 CVE Names: CVE-2008-4098 CVE-2008-4456 CVE-2009-2446 CVE-2009-4030 ===================================================================== 1. Summary: Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Multiple flaws were discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker with CREATE and DROP table privileges and shell access to the database server could use these flaws to escalate their database privileges, or gain access to tables created by other database users. (CVE-2008-4098, CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding "symbolic-links=0" to the "[mysqld]" section of the "my.cnf" configuration file. In this update, an example of such a configuration was added to the default "my.cnf" file. An insufficient HTML entities quoting flaw was found in the mysql command line client's HTML output mode. If an attacker was able to inject arbitrary HTML tags into data stored in a MySQL database, which was later retrieved using the mysql command line client and its HTML output mode, they could perform a cross-site scripting (XSS) attack against victims viewing the HTML output in a web browser. (CVE-2008-4456) Multiple format string flaws were found in the way the MySQL server logged user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specially-crafted SQL command that would cause a temporary denial of service (open connections to mysqld are terminated). (CVE-2009-2446) Note: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld "--log" command line option or the "log" option in "my.cnf") must be enabled. This logging is not enabled by default. All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 454077 - CVE-2008-4098 mysql: incomplete upstream fix for CVE-2008-2079 466518 - CVE-2008-4456 mysql: mysql command line client XSS flaw 511020 - CVE-2009-2446 MySQL: Format string vulnerability by manipulation with database instances (crash) 543653 - CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mysql-4.1.22-2.el4_8.3.src.rpm i386: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-bench-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-devel-4.1.22-2.el4_8.3.i386.rpm mysql-server-4.1.22-2.el4_8.3.i386.rpm ia64: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-4.1.22-2.el4_8.3.ia64.rpm mysql-bench-4.1.22-2.el4_8.3.ia64.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.ia64.rpm mysql-devel-4.1.22-2.el4_8.3.ia64.rpm mysql-server-4.1.22-2.el4_8.3.ia64.rpm ppc: mysql-4.1.22-2.el4_8.3.ppc.rpm mysql-4.1.22-2.el4_8.3.ppc64.rpm mysql-bench-4.1.22-2.el4_8.3.ppc.rpm mysql-debuginfo-4.1.22-2.el4_8.3.ppc.rpm mysql-debuginfo-4.1.22-2.el4_8.3.ppc64.rpm mysql-devel-4.1.22-2.el4_8.3.ppc.rpm mysql-server-4.1.22-2.el4_8.3.ppc.rpm s390: mysql-4.1.22-2.el4_8.3.s390.rpm mysql-bench-4.1.22-2.el4_8.3.s390.rpm mysql-debuginfo-4.1.22-2.el4_8.3.s390.rpm mysql-devel-4.1.22-2.el4_8.3.s390.rpm mysql-server-4.1.22-2.el4_8.3.s390.rpm s390x: mysql-4.1.22-2.el4_8.3.s390.rpm mysql-4.1.22-2.el4_8.3.s390x.rpm mysql-bench-4.1.22-2.el4_8.3.s390x.rpm mysql-debuginfo-4.1.22-2.el4_8.3.s390.rpm mysql-debuginfo-4.1.22-2.el4_8.3.s390x.rpm mysql-devel-4.1.22-2.el4_8.3.s390x.rpm mysql-server-4.1.22-2.el4_8.3.s390x.rpm x86_64: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-4.1.22-2.el4_8.3.x86_64.rpm mysql-bench-4.1.22-2.el4_8.3.x86_64.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.x86_64.rpm mysql-devel-4.1.22-2.el4_8.3.x86_64.rpm mysql-server-4.1.22-2.el4_8.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mysql-4.1.22-2.el4_8.3.src.rpm i386: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-bench-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-devel-4.1.22-2.el4_8.3.i386.rpm mysql-server-4.1.22-2.el4_8.3.i386.rpm x86_64: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-4.1.22-2.el4_8.3.x86_64.rpm mysql-bench-4.1.22-2.el4_8.3.x86_64.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.x86_64.rpm mysql-devel-4.1.22-2.el4_8.3.x86_64.rpm mysql-server-4.1.22-2.el4_8.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mysql-4.1.22-2.el4_8.3.src.rpm i386: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-bench-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-devel-4.1.22-2.el4_8.3.i386.rpm mysql-server-4.1.22-2.el4_8.3.i386.rpm ia64: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-4.1.22-2.el4_8.3.ia64.rpm mysql-bench-4.1.22-2.el4_8.3.ia64.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.ia64.rpm mysql-devel-4.1.22-2.el4_8.3.ia64.rpm mysql-server-4.1.22-2.el4_8.3.ia64.rpm x86_64: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-4.1.22-2.el4_8.3.x86_64.rpm mysql-bench-4.1.22-2.el4_8.3.x86_64.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.x86_64.rpm mysql-devel-4.1.22-2.el4_8.3.x86_64.rpm mysql-server-4.1.22-2.el4_8.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mysql-4.1.22-2.el4_8.3.src.rpm i386: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-bench-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-devel-4.1.22-2.el4_8.3.i386.rpm mysql-server-4.1.22-2.el4_8.3.i386.rpm ia64: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-4.1.22-2.el4_8.3.ia64.rpm mysql-bench-4.1.22-2.el4_8.3.ia64.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.ia64.rpm mysql-devel-4.1.22-2.el4_8.3.ia64.rpm mysql-server-4.1.22-2.el4_8.3.ia64.rpm x86_64: mysql-4.1.22-2.el4_8.3.i386.rpm mysql-4.1.22-2.el4_8.3.x86_64.rpm mysql-bench-4.1.22-2.el4_8.3.x86_64.rpm mysql-debuginfo-4.1.22-2.el4_8.3.i386.rpm mysql-debuginfo-4.1.22-2.el4_8.3.x86_64.rpm mysql-devel-4.1.22-2.el4_8.3.x86_64.rpm mysql-server-4.1.22-2.el4_8.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2008-4098.html https://www.redhat.com/security/data/cve/CVE-2008-4456.html https://www.redhat.com/security/data/cve/CVE-2009-2446.html https://www.redhat.com/security/data/cve/CVE-2009-4030.html http://www.redhat.com/security/updates/classification/#moderate http://dev.mysql.com/doc/refman/4.1/en/symbolic-links-to-tables.html 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLetDDXlSAg2UNWIIRAoWjAJ9RvlmdBumZmN25fgUAanKP0QHAkgCgwM5T qvDAHsmhNIQSgHkxM8KCFc0= =+LfE -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 16 17:07:42 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 16 Feb 2010 12:07:42 -0500 Subject: [RHSA-2010:0111-01] Important: kernel security update Message-ID: <201002161707.o1GH7geZ018783@int-mx01.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2010:0111-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0111.html Issue date: 2010-02-16 CVE Names: CVE-2009-4536 CVE-2009-4537 CVE-2009-4538 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * a flaw was found in each of the following Intel PRO/1000 Linux drivers in the Linux kernel: e1000 and e1000e. A remote attacker using packets larger than the MTU could bypass the existing fragment check, resulting in partial, invalid frames being passed to the network stack. These flaws could also possibly be used to trigger a remote denial of service. (CVE-2009-4536, CVE-2009-4538, Important) * a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. Receiving overly-long frames with a certain revision of the network cards supported by this driver could possibly result in a remote denial of service. (CVE-2009-4537, Important) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 550907 - CVE-2009-4537 kernel: r8169 issue reported at 26c3 551214 - CVE-2009-4538 kernel: e1000e frame fragment issue 552126 - CVE-2009-4536 kernel: e1000 issue reported at 26c3 6. Package List: Red Hat Enterprise Linux AS version 4.7.z: Source: kernel-2.6.9-78.0.29.EL.src.rpm i386: kernel-2.6.9-78.0.29.EL.i686.rpm kernel-debuginfo-2.6.9-78.0.29.EL.i686.rpm kernel-devel-2.6.9-78.0.29.EL.i686.rpm kernel-hugemem-2.6.9-78.0.29.EL.i686.rpm kernel-hugemem-devel-2.6.9-78.0.29.EL.i686.rpm kernel-smp-2.6.9-78.0.29.EL.i686.rpm kernel-smp-devel-2.6.9-78.0.29.EL.i686.rpm kernel-xenU-2.6.9-78.0.29.EL.i686.rpm kernel-xenU-devel-2.6.9-78.0.29.EL.i686.rpm ia64: kernel-2.6.9-78.0.29.EL.ia64.rpm kernel-debuginfo-2.6.9-78.0.29.EL.ia64.rpm kernel-devel-2.6.9-78.0.29.EL.ia64.rpm kernel-largesmp-2.6.9-78.0.29.EL.ia64.rpm kernel-largesmp-devel-2.6.9-78.0.29.EL.ia64.rpm noarch: kernel-doc-2.6.9-78.0.29.EL.noarch.rpm ppc: kernel-2.6.9-78.0.29.EL.ppc64.rpm kernel-2.6.9-78.0.29.EL.ppc64iseries.rpm kernel-debuginfo-2.6.9-78.0.29.EL.ppc64.rpm kernel-debuginfo-2.6.9-78.0.29.EL.ppc64iseries.rpm kernel-devel-2.6.9-78.0.29.EL.ppc64.rpm kernel-devel-2.6.9-78.0.29.EL.ppc64iseries.rpm kernel-largesmp-2.6.9-78.0.29.EL.ppc64.rpm kernel-largesmp-devel-2.6.9-78.0.29.EL.ppc64.rpm s390: kernel-2.6.9-78.0.29.EL.s390.rpm kernel-debuginfo-2.6.9-78.0.29.EL.s390.rpm kernel-devel-2.6.9-78.0.29.EL.s390.rpm s390x: kernel-2.6.9-78.0.29.EL.s390x.rpm kernel-debuginfo-2.6.9-78.0.29.EL.s390x.rpm kernel-devel-2.6.9-78.0.29.EL.s390x.rpm x86_64: kernel-2.6.9-78.0.29.EL.x86_64.rpm kernel-debuginfo-2.6.9-78.0.29.EL.x86_64.rpm kernel-devel-2.6.9-78.0.29.EL.x86_64.rpm kernel-largesmp-2.6.9-78.0.29.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-78.0.29.EL.x86_64.rpm kernel-smp-2.6.9-78.0.29.EL.x86_64.rpm kernel-smp-devel-2.6.9-78.0.29.EL.x86_64.rpm kernel-xenU-2.6.9-78.0.29.EL.x86_64.rpm kernel-xenU-devel-2.6.9-78.0.29.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4.7.z: Source: kernel-2.6.9-78.0.29.EL.src.rpm i386: kernel-2.6.9-78.0.29.EL.i686.rpm kernel-debuginfo-2.6.9-78.0.29.EL.i686.rpm kernel-devel-2.6.9-78.0.29.EL.i686.rpm kernel-hugemem-2.6.9-78.0.29.EL.i686.rpm kernel-hugemem-devel-2.6.9-78.0.29.EL.i686.rpm kernel-smp-2.6.9-78.0.29.EL.i686.rpm kernel-smp-devel-2.6.9-78.0.29.EL.i686.rpm kernel-xenU-2.6.9-78.0.29.EL.i686.rpm kernel-xenU-devel-2.6.9-78.0.29.EL.i686.rpm ia64: kernel-2.6.9-78.0.29.EL.ia64.rpm kernel-debuginfo-2.6.9-78.0.29.EL.ia64.rpm kernel-devel-2.6.9-78.0.29.EL.ia64.rpm kernel-largesmp-2.6.9-78.0.29.EL.ia64.rpm kernel-largesmp-devel-2.6.9-78.0.29.EL.ia64.rpm noarch: kernel-doc-2.6.9-78.0.29.EL.noarch.rpm x86_64: kernel-2.6.9-78.0.29.EL.x86_64.rpm kernel-debuginfo-2.6.9-78.0.29.EL.x86_64.rpm kernel-devel-2.6.9-78.0.29.EL.x86_64.rpm kernel-largesmp-2.6.9-78.0.29.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-78.0.29.EL.x86_64.rpm kernel-smp-2.6.9-78.0.29.EL.x86_64.rpm kernel-smp-devel-2.6.9-78.0.29.EL.x86_64.rpm kernel-xenU-2.6.9-78.0.29.EL.x86_64.rpm kernel-xenU-devel-2.6.9-78.0.29.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-4536.html https://www.redhat.com/security/data/cve/CVE-2009-4537.html https://www.redhat.com/security/data/cve/CVE-2009-4538.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLetDUXlSAg2UNWIIRAooiAKCwdWEZRLDgl6LGGnwLrGlwJ9FBFwCgm7UJ xWaGjHj04vBsJpDydM4zJ58= =X+Fe -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 17 21:57:30 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 17 Feb 2010 16:57:30 -0500 Subject: [RHSA-2010:0112-01] Critical: firefox security update Message-ID: <201002172157.o1HLvUVY023004@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2010:0112-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0112.html Issue date: 2010-02-17 CVE Names: CVE-2009-1571 CVE-2009-3988 CVE-2010-0159 CVE-2010-0160 CVE-2010-0162 ===================================================================== 1. Summary: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A use-after-free flaw was found in Firefox. Under low memory conditions, visiting a web page containing malicious content could result in Firefox executing arbitrary code with the privileges of the user running Firefox. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-0159, CVE-2010-0160) Two flaws were found in the way certain content was processed. An attacker could use these flaws to create a malicious web page that could bypass the same-origin policy, or possibly run untrusted JavaScript. (CVE-2009-3988, CVE-2010-0162) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.18. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.18, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 566047 - CVE-2010-0159 Mozilla crashes with evidence of memory corruption (MFSA 2010-01) 566049 - CVE-2010-0160 Mozilla implementation of Web Workers can lead to crash with evidence of memory corruption (MFSA 2010-02) 566050 - CVE-2009-1571 Mozilla incorrectly frees used memory (MFSA 2010-03) 566051 - CVE-2009-3988 Mozilla violation of same-origin policy due to properties set on objects passed to showModalDialog (MFSA 2010-04) 566052 - CVE-2010-0162 Mozilla bypass of same-origin policy due to improper SVG document processing (MFSA 2010-05) 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-3.0.18-1.el4.src.rpm i386: firefox-3.0.18-1.el4.i386.rpm firefox-debuginfo-3.0.18-1.el4.i386.rpm ia64: firefox-3.0.18-1.el4.ia64.rpm firefox-debuginfo-3.0.18-1.el4.ia64.rpm ppc: firefox-3.0.18-1.el4.ppc.rpm firefox-debuginfo-3.0.18-1.el4.ppc.rpm s390: firefox-3.0.18-1.el4.s390.rpm firefox-debuginfo-3.0.18-1.el4.s390.rpm s390x: firefox-3.0.18-1.el4.s390x.rpm firefox-debuginfo-3.0.18-1.el4.s390x.rpm x86_64: firefox-3.0.18-1.el4.x86_64.rpm firefox-debuginfo-3.0.18-1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-3.0.18-1.el4.src.rpm i386: firefox-3.0.18-1.el4.i386.rpm firefox-debuginfo-3.0.18-1.el4.i386.rpm x86_64: firefox-3.0.18-1.el4.x86_64.rpm firefox-debuginfo-3.0.18-1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-3.0.18-1.el4.src.rpm i386: firefox-3.0.18-1.el4.i386.rpm firefox-debuginfo-3.0.18-1.el4.i386.rpm ia64: firefox-3.0.18-1.el4.ia64.rpm firefox-debuginfo-3.0.18-1.el4.ia64.rpm x86_64: firefox-3.0.18-1.el4.x86_64.rpm firefox-debuginfo-3.0.18-1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-3.0.18-1.el4.src.rpm i386: firefox-3.0.18-1.el4.i386.rpm firefox-debuginfo-3.0.18-1.el4.i386.rpm ia64: firefox-3.0.18-1.el4.ia64.rpm firefox-debuginfo-3.0.18-1.el4.ia64.rpm x86_64: firefox-3.0.18-1.el4.x86_64.rpm firefox-debuginfo-3.0.18-1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-3.0.18-1.el5_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-1.9.0.18-1.el5_4.src.rpm i386: firefox-3.0.18-1.el5_4.i386.rpm firefox-debuginfo-3.0.18-1.el5_4.i386.rpm xulrunner-1.9.0.18-1.el5_4.i386.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.i386.rpm x86_64: firefox-3.0.18-1.el5_4.i386.rpm firefox-3.0.18-1.el5_4.x86_64.rpm firefox-debuginfo-3.0.18-1.el5_4.i386.rpm firefox-debuginfo-3.0.18-1.el5_4.x86_64.rpm xulrunner-1.9.0.18-1.el5_4.i386.rpm xulrunner-1.9.0.18-1.el5_4.x86_64.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.i386.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-1.9.0.18-1.el5_4.src.rpm i386: xulrunner-debuginfo-1.9.0.18-1.el5_4.i386.rpm xulrunner-devel-1.9.0.18-1.el5_4.i386.rpm xulrunner-devel-unstable-1.9.0.18-1.el5_4.i386.rpm x86_64: xulrunner-debuginfo-1.9.0.18-1.el5_4.i386.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.x86_64.rpm xulrunner-devel-1.9.0.18-1.el5_4.i386.rpm xulrunner-devel-1.9.0.18-1.el5_4.x86_64.rpm xulrunner-devel-unstable-1.9.0.18-1.el5_4.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-3.0.18-1.el5_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-1.9.0.18-1.el5_4.src.rpm i386: firefox-3.0.18-1.el5_4.i386.rpm firefox-debuginfo-3.0.18-1.el5_4.i386.rpm xulrunner-1.9.0.18-1.el5_4.i386.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.i386.rpm xulrunner-devel-1.9.0.18-1.el5_4.i386.rpm xulrunner-devel-unstable-1.9.0.18-1.el5_4.i386.rpm ia64: firefox-3.0.18-1.el5_4.ia64.rpm firefox-debuginfo-3.0.18-1.el5_4.ia64.rpm xulrunner-1.9.0.18-1.el5_4.ia64.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.ia64.rpm xulrunner-devel-1.9.0.18-1.el5_4.ia64.rpm xulrunner-devel-unstable-1.9.0.18-1.el5_4.ia64.rpm ppc: firefox-3.0.18-1.el5_4.ppc.rpm firefox-debuginfo-3.0.18-1.el5_4.ppc.rpm xulrunner-1.9.0.18-1.el5_4.ppc.rpm xulrunner-1.9.0.18-1.el5_4.ppc64.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.ppc.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.ppc64.rpm xulrunner-devel-1.9.0.18-1.el5_4.ppc.rpm xulrunner-devel-1.9.0.18-1.el5_4.ppc64.rpm xulrunner-devel-unstable-1.9.0.18-1.el5_4.ppc.rpm s390x: firefox-3.0.18-1.el5_4.s390.rpm firefox-3.0.18-1.el5_4.s390x.rpm firefox-debuginfo-3.0.18-1.el5_4.s390.rpm firefox-debuginfo-3.0.18-1.el5_4.s390x.rpm xulrunner-1.9.0.18-1.el5_4.s390.rpm xulrunner-1.9.0.18-1.el5_4.s390x.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.s390.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.s390x.rpm xulrunner-devel-1.9.0.18-1.el5_4.s390.rpm xulrunner-devel-1.9.0.18-1.el5_4.s390x.rpm xulrunner-devel-unstable-1.9.0.18-1.el5_4.s390x.rpm x86_64: firefox-3.0.18-1.el5_4.i386.rpm firefox-3.0.18-1.el5_4.x86_64.rpm firefox-debuginfo-3.0.18-1.el5_4.i386.rpm firefox-debuginfo-3.0.18-1.el5_4.x86_64.rpm xulrunner-1.9.0.18-1.el5_4.i386.rpm xulrunner-1.9.0.18-1.el5_4.x86_64.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.i386.rpm xulrunner-debuginfo-1.9.0.18-1.el5_4.x86_64.rpm xulrunner-devel-1.9.0.18-1.el5_4.i386.rpm xulrunner-devel-1.9.0.18-1.el5_4.x86_64.rpm xulrunner-devel-unstable-1.9.0.18-1.el5_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-1571.html https://www.redhat.com/security/data/cve/CVE-2009-3988.html https://www.redhat.com/security/data/cve/CVE-2010-0159.html https://www.redhat.com/security/data/cve/CVE-2010-0160.html https://www.redhat.com/security/data/cve/CVE-2010-0162.html http://www.redhat.com/security/updates/classification/#critical http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.18 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLfGY6XlSAg2UNWIIRAp0zAJ42E4jpGc7ArpaSYicUGCYaR4vSKACghHQ+ je+3wIyjtnq/svKLbmuck2g= =TKb0 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 17 21:57:55 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 17 Feb 2010 16:57:55 -0500 Subject: [RHSA-2010:0113-01] Critical: seamonkey security update Message-ID: <201002172157.o1HLvtGp003614@int-mx03.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: seamonkey security update Advisory ID: RHSA-2010:0113-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0113.html Issue date: 2010-02-17 CVE Names: CVE-2009-1571 CVE-2010-0159 ===================================================================== 1. Summary: Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. A use-after-free flaw was found in SeaMonkey. Under low memory conditions, visiting a web page containing malicious content could result in SeaMonkey executing arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-0159) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 566047 - CVE-2010-0159 Mozilla crashes with evidence of memory corruption (MFSA 2010-01) 566050 - CVE-2009-1571 Mozilla incorrectly frees used memory (MFSA 2010-03) 6. Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.9-0.50.el3.src.rpm i386: seamonkey-1.0.9-0.50.el3.i386.rpm seamonkey-chat-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-devel-1.0.9-0.50.el3.i386.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.i386.rpm seamonkey-js-debugger-1.0.9-0.50.el3.i386.rpm seamonkey-mail-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-devel-1.0.9-0.50.el3.i386.rpm ia64: seamonkey-1.0.9-0.50.el3.ia64.rpm seamonkey-chat-1.0.9-0.50.el3.ia64.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.ia64.rpm seamonkey-devel-1.0.9-0.50.el3.ia64.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.ia64.rpm seamonkey-js-debugger-1.0.9-0.50.el3.ia64.rpm seamonkey-mail-1.0.9-0.50.el3.ia64.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.ia64.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.ia64.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.ia64.rpm seamonkey-nss-devel-1.0.9-0.50.el3.ia64.rpm ppc: seamonkey-1.0.9-0.50.el3.ppc.rpm seamonkey-chat-1.0.9-0.50.el3.ppc.rpm seamonkey-debuginfo-1.0.9-0.50.el3.ppc.rpm seamonkey-devel-1.0.9-0.50.el3.ppc.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.ppc.rpm seamonkey-js-debugger-1.0.9-0.50.el3.ppc.rpm seamonkey-mail-1.0.9-0.50.el3.ppc.rpm seamonkey-nspr-1.0.9-0.50.el3.ppc.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.ppc.rpm seamonkey-nss-1.0.9-0.50.el3.ppc.rpm seamonkey-nss-devel-1.0.9-0.50.el3.ppc.rpm s390: seamonkey-1.0.9-0.50.el3.s390.rpm seamonkey-chat-1.0.9-0.50.el3.s390.rpm seamonkey-debuginfo-1.0.9-0.50.el3.s390.rpm seamonkey-devel-1.0.9-0.50.el3.s390.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.s390.rpm seamonkey-js-debugger-1.0.9-0.50.el3.s390.rpm seamonkey-mail-1.0.9-0.50.el3.s390.rpm seamonkey-nspr-1.0.9-0.50.el3.s390.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.s390.rpm seamonkey-nss-1.0.9-0.50.el3.s390.rpm seamonkey-nss-devel-1.0.9-0.50.el3.s390.rpm s390x: seamonkey-1.0.9-0.50.el3.s390x.rpm seamonkey-chat-1.0.9-0.50.el3.s390x.rpm seamonkey-debuginfo-1.0.9-0.50.el3.s390.rpm seamonkey-debuginfo-1.0.9-0.50.el3.s390x.rpm seamonkey-devel-1.0.9-0.50.el3.s390x.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.s390x.rpm seamonkey-js-debugger-1.0.9-0.50.el3.s390x.rpm seamonkey-mail-1.0.9-0.50.el3.s390x.rpm seamonkey-nspr-1.0.9-0.50.el3.s390.rpm seamonkey-nspr-1.0.9-0.50.el3.s390x.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.s390x.rpm seamonkey-nss-1.0.9-0.50.el3.s390.rpm seamonkey-nss-1.0.9-0.50.el3.s390x.rpm seamonkey-nss-devel-1.0.9-0.50.el3.s390x.rpm x86_64: seamonkey-1.0.9-0.50.el3.i386.rpm seamonkey-1.0.9-0.50.el3.x86_64.rpm seamonkey-chat-1.0.9-0.50.el3.x86_64.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.x86_64.rpm seamonkey-devel-1.0.9-0.50.el3.x86_64.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.x86_64.rpm seamonkey-js-debugger-1.0.9-0.50.el3.x86_64.rpm seamonkey-mail-1.0.9-0.50.el3.x86_64.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.x86_64.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.x86_64.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.x86_64.rpm seamonkey-nss-devel-1.0.9-0.50.el3.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.9-0.50.el3.src.rpm i386: seamonkey-1.0.9-0.50.el3.i386.rpm seamonkey-chat-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-devel-1.0.9-0.50.el3.i386.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.i386.rpm seamonkey-js-debugger-1.0.9-0.50.el3.i386.rpm seamonkey-mail-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-devel-1.0.9-0.50.el3.i386.rpm x86_64: seamonkey-1.0.9-0.50.el3.i386.rpm seamonkey-1.0.9-0.50.el3.x86_64.rpm seamonkey-chat-1.0.9-0.50.el3.x86_64.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.x86_64.rpm seamonkey-devel-1.0.9-0.50.el3.x86_64.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.x86_64.rpm seamonkey-js-debugger-1.0.9-0.50.el3.x86_64.rpm seamonkey-mail-1.0.9-0.50.el3.x86_64.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.x86_64.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.x86_64.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.x86_64.rpm seamonkey-nss-devel-1.0.9-0.50.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.9-0.50.el3.src.rpm i386: seamonkey-1.0.9-0.50.el3.i386.rpm seamonkey-chat-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-devel-1.0.9-0.50.el3.i386.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.i386.rpm seamonkey-js-debugger-1.0.9-0.50.el3.i386.rpm seamonkey-mail-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-devel-1.0.9-0.50.el3.i386.rpm ia64: seamonkey-1.0.9-0.50.el3.ia64.rpm seamonkey-chat-1.0.9-0.50.el3.ia64.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.ia64.rpm seamonkey-devel-1.0.9-0.50.el3.ia64.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.ia64.rpm seamonkey-js-debugger-1.0.9-0.50.el3.ia64.rpm seamonkey-mail-1.0.9-0.50.el3.ia64.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.ia64.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.ia64.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.ia64.rpm seamonkey-nss-devel-1.0.9-0.50.el3.ia64.rpm x86_64: seamonkey-1.0.9-0.50.el3.i386.rpm seamonkey-1.0.9-0.50.el3.x86_64.rpm seamonkey-chat-1.0.9-0.50.el3.x86_64.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.x86_64.rpm seamonkey-devel-1.0.9-0.50.el3.x86_64.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.x86_64.rpm seamonkey-js-debugger-1.0.9-0.50.el3.x86_64.rpm seamonkey-mail-1.0.9-0.50.el3.x86_64.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.x86_64.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.x86_64.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.x86_64.rpm seamonkey-nss-devel-1.0.9-0.50.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.9-0.50.el3.src.rpm i386: seamonkey-1.0.9-0.50.el3.i386.rpm seamonkey-chat-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-devel-1.0.9-0.50.el3.i386.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.i386.rpm seamonkey-js-debugger-1.0.9-0.50.el3.i386.rpm seamonkey-mail-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-devel-1.0.9-0.50.el3.i386.rpm ia64: seamonkey-1.0.9-0.50.el3.ia64.rpm seamonkey-chat-1.0.9-0.50.el3.ia64.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.ia64.rpm seamonkey-devel-1.0.9-0.50.el3.ia64.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.ia64.rpm seamonkey-js-debugger-1.0.9-0.50.el3.ia64.rpm seamonkey-mail-1.0.9-0.50.el3.ia64.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.ia64.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.ia64.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.ia64.rpm seamonkey-nss-devel-1.0.9-0.50.el3.ia64.rpm x86_64: seamonkey-1.0.9-0.50.el3.i386.rpm seamonkey-1.0.9-0.50.el3.x86_64.rpm seamonkey-chat-1.0.9-0.50.el3.x86_64.rpm seamonkey-debuginfo-1.0.9-0.50.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.50.el3.x86_64.rpm seamonkey-devel-1.0.9-0.50.el3.x86_64.rpm seamonkey-dom-inspector-1.0.9-0.50.el3.x86_64.rpm seamonkey-js-debugger-1.0.9-0.50.el3.x86_64.rpm seamonkey-mail-1.0.9-0.50.el3.x86_64.rpm seamonkey-nspr-1.0.9-0.50.el3.i386.rpm seamonkey-nspr-1.0.9-0.50.el3.x86_64.rpm seamonkey-nspr-devel-1.0.9-0.50.el3.x86_64.rpm seamonkey-nss-1.0.9-0.50.el3.i386.rpm seamonkey-nss-1.0.9-0.50.el3.x86_64.rpm seamonkey-nss-devel-1.0.9-0.50.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-52.el4_8.src.rpm i386: seamonkey-1.0.9-52.el4_8.i386.rpm seamonkey-chat-1.0.9-52.el4_8.i386.rpm seamonkey-debuginfo-1.0.9-52.el4_8.i386.rpm seamonkey-devel-1.0.9-52.el4_8.i386.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.i386.rpm seamonkey-js-debugger-1.0.9-52.el4_8.i386.rpm seamonkey-mail-1.0.9-52.el4_8.i386.rpm ia64: seamonkey-1.0.9-52.el4_8.ia64.rpm seamonkey-chat-1.0.9-52.el4_8.ia64.rpm seamonkey-debuginfo-1.0.9-52.el4_8.ia64.rpm seamonkey-devel-1.0.9-52.el4_8.ia64.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.ia64.rpm seamonkey-js-debugger-1.0.9-52.el4_8.ia64.rpm seamonkey-mail-1.0.9-52.el4_8.ia64.rpm ppc: seamonkey-1.0.9-52.el4_8.ppc.rpm seamonkey-chat-1.0.9-52.el4_8.ppc.rpm seamonkey-debuginfo-1.0.9-52.el4_8.ppc.rpm seamonkey-devel-1.0.9-52.el4_8.ppc.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.ppc.rpm seamonkey-js-debugger-1.0.9-52.el4_8.ppc.rpm seamonkey-mail-1.0.9-52.el4_8.ppc.rpm s390: seamonkey-1.0.9-52.el4_8.s390.rpm seamonkey-chat-1.0.9-52.el4_8.s390.rpm seamonkey-debuginfo-1.0.9-52.el4_8.s390.rpm seamonkey-devel-1.0.9-52.el4_8.s390.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.s390.rpm seamonkey-js-debugger-1.0.9-52.el4_8.s390.rpm seamonkey-mail-1.0.9-52.el4_8.s390.rpm s390x: seamonkey-1.0.9-52.el4_8.s390x.rpm seamonkey-chat-1.0.9-52.el4_8.s390x.rpm seamonkey-debuginfo-1.0.9-52.el4_8.s390x.rpm seamonkey-devel-1.0.9-52.el4_8.s390x.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.s390x.rpm seamonkey-js-debugger-1.0.9-52.el4_8.s390x.rpm seamonkey-mail-1.0.9-52.el4_8.s390x.rpm x86_64: seamonkey-1.0.9-52.el4_8.x86_64.rpm seamonkey-chat-1.0.9-52.el4_8.x86_64.rpm seamonkey-debuginfo-1.0.9-52.el4_8.x86_64.rpm seamonkey-devel-1.0.9-52.el4_8.x86_64.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.x86_64.rpm seamonkey-js-debugger-1.0.9-52.el4_8.x86_64.rpm seamonkey-mail-1.0.9-52.el4_8.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-52.el4_8.src.rpm i386: seamonkey-1.0.9-52.el4_8.i386.rpm seamonkey-chat-1.0.9-52.el4_8.i386.rpm seamonkey-debuginfo-1.0.9-52.el4_8.i386.rpm seamonkey-devel-1.0.9-52.el4_8.i386.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.i386.rpm seamonkey-js-debugger-1.0.9-52.el4_8.i386.rpm seamonkey-mail-1.0.9-52.el4_8.i386.rpm x86_64: seamonkey-1.0.9-52.el4_8.x86_64.rpm seamonkey-chat-1.0.9-52.el4_8.x86_64.rpm seamonkey-debuginfo-1.0.9-52.el4_8.x86_64.rpm seamonkey-devel-1.0.9-52.el4_8.x86_64.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.x86_64.rpm seamonkey-js-debugger-1.0.9-52.el4_8.x86_64.rpm seamonkey-mail-1.0.9-52.el4_8.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-52.el4_8.src.rpm i386: seamonkey-1.0.9-52.el4_8.i386.rpm seamonkey-chat-1.0.9-52.el4_8.i386.rpm seamonkey-debuginfo-1.0.9-52.el4_8.i386.rpm seamonkey-devel-1.0.9-52.el4_8.i386.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.i386.rpm seamonkey-js-debugger-1.0.9-52.el4_8.i386.rpm seamonkey-mail-1.0.9-52.el4_8.i386.rpm ia64: seamonkey-1.0.9-52.el4_8.ia64.rpm seamonkey-chat-1.0.9-52.el4_8.ia64.rpm seamonkey-debuginfo-1.0.9-52.el4_8.ia64.rpm seamonkey-devel-1.0.9-52.el4_8.ia64.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.ia64.rpm seamonkey-js-debugger-1.0.9-52.el4_8.ia64.rpm seamonkey-mail-1.0.9-52.el4_8.ia64.rpm x86_64: seamonkey-1.0.9-52.el4_8.x86_64.rpm seamonkey-chat-1.0.9-52.el4_8.x86_64.rpm seamonkey-debuginfo-1.0.9-52.el4_8.x86_64.rpm seamonkey-devel-1.0.9-52.el4_8.x86_64.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.x86_64.rpm seamonkey-js-debugger-1.0.9-52.el4_8.x86_64.rpm seamonkey-mail-1.0.9-52.el4_8.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-52.el4_8.src.rpm i386: seamonkey-1.0.9-52.el4_8.i386.rpm seamonkey-chat-1.0.9-52.el4_8.i386.rpm seamonkey-debuginfo-1.0.9-52.el4_8.i386.rpm seamonkey-devel-1.0.9-52.el4_8.i386.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.i386.rpm seamonkey-js-debugger-1.0.9-52.el4_8.i386.rpm seamonkey-mail-1.0.9-52.el4_8.i386.rpm ia64: seamonkey-1.0.9-52.el4_8.ia64.rpm seamonkey-chat-1.0.9-52.el4_8.ia64.rpm seamonkey-debuginfo-1.0.9-52.el4_8.ia64.rpm seamonkey-devel-1.0.9-52.el4_8.ia64.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.ia64.rpm seamonkey-js-debugger-1.0.9-52.el4_8.ia64.rpm seamonkey-mail-1.0.9-52.el4_8.ia64.rpm x86_64: seamonkey-1.0.9-52.el4_8.x86_64.rpm seamonkey-chat-1.0.9-52.el4_8.x86_64.rpm seamonkey-debuginfo-1.0.9-52.el4_8.x86_64.rpm seamonkey-devel-1.0.9-52.el4_8.x86_64.rpm seamonkey-dom-inspector-1.0.9-52.el4_8.x86_64.rpm seamonkey-js-debugger-1.0.9-52.el4_8.x86_64.rpm seamonkey-mail-1.0.9-52.el4_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-1571.html https://www.redhat.com/security/data/cve/CVE-2010-0159.html http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLfGZPXlSAg2UNWIIRAi6gAKCPPCh1jBuPCKvbg7tTARgOhe529gCfWZOR 9EPm603qP+4JJvzkPOkyWdI= =LOdZ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Feb 18 16:12:29 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 18 Feb 2010 11:12:29 -0500 Subject: [RHSA-2010:0114-01] Critical: acroread security and bug fix update Message-ID: <201002181612.o1IGCTgC017619@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: acroread security and bug fix update Advisory ID: RHSA-2010:0114-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0114.html Issue date: 2010-02-18 CVE Names: CVE-2010-0186 CVE-2010-0188 ===================================================================== 1. Summary: Updated acroread packages that fix two security issues and a bug are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 5 server) - i386, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 3. Description: Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes two vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-07 page listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2010-0186, CVE-2010-0188) This update also fixes a bug where, on some systems, attempting to install or upgrade the acroread packages failed due to a package dependency issue. (BZ#557506) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.3.1, which is not vulnerable to these issues and fixes this bug. All running instances of Adobe Reader must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 557506 - acroread requires openldap-devel which is in Workstation/ 563819 - CVE-2010-0186 flash-plugin: unauthorized cross-domain requests (APSB10-06) 566087 - CVE-2010-0188 acroread: unspecified code execution flaw 6. Package List: Red Hat Enterprise Linux AS version 4 Extras: i386: acroread-9.3.1-1.el4.i386.rpm acroread-plugin-9.3.1-1.el4.i386.rpm x86_64: acroread-9.3.1-1.el4.i386.rpm Red Hat Desktop version 4 Extras: i386: acroread-9.3.1-1.el4.i386.rpm acroread-plugin-9.3.1-1.el4.i386.rpm x86_64: acroread-9.3.1-1.el4.i386.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: acroread-9.3.1-1.el4.i386.rpm acroread-plugin-9.3.1-1.el4.i386.rpm x86_64: acroread-9.3.1-1.el4.i386.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: acroread-9.3.1-1.el4.i386.rpm acroread-plugin-9.3.1-1.el4.i386.rpm x86_64: acroread-9.3.1-1.el4.i386.rpm RHEL Desktop Supplementary (v. 5 client): i386: acroread-9.3.1-1.el5.i386.rpm acroread-plugin-9.3.1-1.el5.i386.rpm x86_64: acroread-9.3.1-1.el5.i386.rpm acroread-plugin-9.3.1-1.el5.i386.rpm RHEL Supplementary (v. 5 server): i386: acroread-9.3.1-1.el5.i386.rpm acroread-plugin-9.3.1-1.el5.i386.rpm x86_64: acroread-9.3.1-1.el5.i386.rpm acroread-plugin-9.3.1-1.el5.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-0186.html https://www.redhat.com/security/data/cve/CVE-2010-0188.html http://www.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb10-07.html 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLfWbgXlSAg2UNWIIRAgWGAJ0e8aSP9WEY967v12+ZKhOhKHna5QCguAV7 FvX0zpgyUc5i1iuNUTK4HtE= =uyPw -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Feb 18 16:12:49 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 18 Feb 2010 11:12:49 -0500 Subject: [RHSA-2010:0115-01] Moderate: pidgin security update Message-ID: <201002181612.o1IGCnie018048@int-mx01.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: pidgin security update Advisory ID: RHSA-2010:0115-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0115.html Issue date: 2010-02-18 CVE Names: CVE-2010-0277 CVE-2010-0420 CVE-2010-0423 ===================================================================== 1. Summary: Updated pidgin packages that fix three security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way Pidgin's MSN protocol implementation handled MSNSLP invitations. A remote attacker could send a specially-crafted INVITE request that would cause a denial of service (memory corruption and Pidgin crash). (CVE-2010-0277) A denial of service flaw was found in Finch's XMPP chat implementation, when using multi-user chat. If a Finch user in a multi-user chat session were to change their nickname to contain the HTML "br" element, it would cause Finch to crash. (CVE-2010-0420) Red Hat would like to thank Sadrul Habib Chowdhury of the Pidgin project for responsibly reporting the CVE-2010-0420 issue. A denial of service flaw was found in the way Pidgin processed emoticon images. A remote attacker could flood the victim with emoticon images during mutual communication, leading to excessive CPU use. (CVE-2010-0423) These packages upgrade Pidgin to version 2.6.6. Refer to the Pidgin release notes for a full list of changes: http://developer.pidgin.im/wiki/ChangeLog All Pidgin users are advised to upgrade to these updated packages, which correct these issues. Pidgin must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 554335 - CVE-2010-0277 pidgin MSN protocol plugin memory corruption 565786 - CVE-2010-0420 pidgin: Finch XMPP MUC Crash 565792 - CVE-2010-0423 pidgin: Smiley Denial of Service 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/pidgin-2.6.6-1.el4.src.rpm i386: finch-2.6.6-1.el4.i386.rpm finch-devel-2.6.6-1.el4.i386.rpm libpurple-2.6.6-1.el4.i386.rpm libpurple-devel-2.6.6-1.el4.i386.rpm libpurple-perl-2.6.6-1.el4.i386.rpm libpurple-tcl-2.6.6-1.el4.i386.rpm pidgin-2.6.6-1.el4.i386.rpm pidgin-debuginfo-2.6.6-1.el4.i386.rpm pidgin-devel-2.6.6-1.el4.i386.rpm pidgin-perl-2.6.6-1.el4.i386.rpm ia64: finch-2.6.6-1.el4.ia64.rpm finch-devel-2.6.6-1.el4.ia64.rpm libpurple-2.6.6-1.el4.ia64.rpm libpurple-devel-2.6.6-1.el4.ia64.rpm libpurple-perl-2.6.6-1.el4.ia64.rpm libpurple-tcl-2.6.6-1.el4.ia64.rpm pidgin-2.6.6-1.el4.ia64.rpm pidgin-debuginfo-2.6.6-1.el4.ia64.rpm pidgin-devel-2.6.6-1.el4.ia64.rpm pidgin-perl-2.6.6-1.el4.ia64.rpm ppc: finch-2.6.6-1.el4.ppc.rpm finch-devel-2.6.6-1.el4.ppc.rpm libpurple-2.6.6-1.el4.ppc.rpm libpurple-devel-2.6.6-1.el4.ppc.rpm libpurple-perl-2.6.6-1.el4.ppc.rpm libpurple-tcl-2.6.6-1.el4.ppc.rpm pidgin-2.6.6-1.el4.ppc.rpm pidgin-debuginfo-2.6.6-1.el4.ppc.rpm pidgin-devel-2.6.6-1.el4.ppc.rpm pidgin-perl-2.6.6-1.el4.ppc.rpm x86_64: finch-2.6.6-1.el4.x86_64.rpm finch-devel-2.6.6-1.el4.x86_64.rpm libpurple-2.6.6-1.el4.x86_64.rpm libpurple-devel-2.6.6-1.el4.x86_64.rpm libpurple-perl-2.6.6-1.el4.x86_64.rpm libpurple-tcl-2.6.6-1.el4.x86_64.rpm pidgin-2.6.6-1.el4.x86_64.rpm pidgin-debuginfo-2.6.6-1.el4.x86_64.rpm pidgin-devel-2.6.6-1.el4.x86_64.rpm pidgin-perl-2.6.6-1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/pidgin-2.6.6-1.el4.src.rpm i386: finch-2.6.6-1.el4.i386.rpm finch-devel-2.6.6-1.el4.i386.rpm libpurple-2.6.6-1.el4.i386.rpm libpurple-devel-2.6.6-1.el4.i386.rpm libpurple-perl-2.6.6-1.el4.i386.rpm libpurple-tcl-2.6.6-1.el4.i386.rpm pidgin-2.6.6-1.el4.i386.rpm pidgin-debuginfo-2.6.6-1.el4.i386.rpm pidgin-devel-2.6.6-1.el4.i386.rpm pidgin-perl-2.6.6-1.el4.i386.rpm x86_64: finch-2.6.6-1.el4.x86_64.rpm finch-devel-2.6.6-1.el4.x86_64.rpm libpurple-2.6.6-1.el4.x86_64.rpm libpurple-devel-2.6.6-1.el4.x86_64.rpm libpurple-perl-2.6.6-1.el4.x86_64.rpm libpurple-tcl-2.6.6-1.el4.x86_64.rpm pidgin-2.6.6-1.el4.x86_64.rpm pidgin-debuginfo-2.6.6-1.el4.x86_64.rpm pidgin-devel-2.6.6-1.el4.x86_64.rpm pidgin-perl-2.6.6-1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/pidgin-2.6.6-1.el4.src.rpm i386: finch-2.6.6-1.el4.i386.rpm finch-devel-2.6.6-1.el4.i386.rpm libpurple-2.6.6-1.el4.i386.rpm libpurple-devel-2.6.6-1.el4.i386.rpm libpurple-perl-2.6.6-1.el4.i386.rpm libpurple-tcl-2.6.6-1.el4.i386.rpm pidgin-2.6.6-1.el4.i386.rpm pidgin-debuginfo-2.6.6-1.el4.i386.rpm pidgin-devel-2.6.6-1.el4.i386.rpm pidgin-perl-2.6.6-1.el4.i386.rpm ia64: finch-2.6.6-1.el4.ia64.rpm finch-devel-2.6.6-1.el4.ia64.rpm libpurple-2.6.6-1.el4.ia64.rpm libpurple-devel-2.6.6-1.el4.ia64.rpm libpurple-perl-2.6.6-1.el4.ia64.rpm libpurple-tcl-2.6.6-1.el4.ia64.rpm pidgin-2.6.6-1.el4.ia64.rpm pidgin-debuginfo-2.6.6-1.el4.ia64.rpm pidgin-devel-2.6.6-1.el4.ia64.rpm pidgin-perl-2.6.6-1.el4.ia64.rpm x86_64: finch-2.6.6-1.el4.x86_64.rpm finch-devel-2.6.6-1.el4.x86_64.rpm libpurple-2.6.6-1.el4.x86_64.rpm libpurple-devel-2.6.6-1.el4.x86_64.rpm libpurple-perl-2.6.6-1.el4.x86_64.rpm libpurple-tcl-2.6.6-1.el4.x86_64.rpm pidgin-2.6.6-1.el4.x86_64.rpm pidgin-debuginfo-2.6.6-1.el4.x86_64.rpm pidgin-devel-2.6.6-1.el4.x86_64.rpm pidgin-perl-2.6.6-1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/pidgin-2.6.6-1.el4.src.rpm i386: finch-2.6.6-1.el4.i386.rpm finch-devel-2.6.6-1.el4.i386.rpm libpurple-2.6.6-1.el4.i386.rpm libpurple-devel-2.6.6-1.el4.i386.rpm libpurple-perl-2.6.6-1.el4.i386.rpm libpurple-tcl-2.6.6-1.el4.i386.rpm pidgin-2.6.6-1.el4.i386.rpm pidgin-debuginfo-2.6.6-1.el4.i386.rpm pidgin-devel-2.6.6-1.el4.i386.rpm pidgin-perl-2.6.6-1.el4.i386.rpm ia64: finch-2.6.6-1.el4.ia64.rpm finch-devel-2.6.6-1.el4.ia64.rpm libpurple-2.6.6-1.el4.ia64.rpm libpurple-devel-2.6.6-1.el4.ia64.rpm libpurple-perl-2.6.6-1.el4.ia64.rpm libpurple-tcl-2.6.6-1.el4.ia64.rpm pidgin-2.6.6-1.el4.ia64.rpm pidgin-debuginfo-2.6.6-1.el4.ia64.rpm pidgin-devel-2.6.6-1.el4.ia64.rpm pidgin-perl-2.6.6-1.el4.ia64.rpm x86_64: finch-2.6.6-1.el4.x86_64.rpm finch-devel-2.6.6-1.el4.x86_64.rpm libpurple-2.6.6-1.el4.x86_64.rpm libpurple-devel-2.6.6-1.el4.x86_64.rpm libpurple-perl-2.6.6-1.el4.x86_64.rpm libpurple-tcl-2.6.6-1.el4.x86_64.rpm pidgin-2.6.6-1.el4.x86_64.rpm pidgin-debuginfo-2.6.6-1.el4.x86_64.rpm pidgin-devel-2.6.6-1.el4.x86_64.rpm pidgin-perl-2.6.6-1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/pidgin-2.6.6-1.el5.src.rpm i386: finch-2.6.6-1.el5.i386.rpm libpurple-2.6.6-1.el5.i386.rpm libpurple-perl-2.6.6-1.el5.i386.rpm libpurple-tcl-2.6.6-1.el5.i386.rpm pidgin-2.6.6-1.el5.i386.rpm pidgin-debuginfo-2.6.6-1.el5.i386.rpm pidgin-perl-2.6.6-1.el5.i386.rpm x86_64: finch-2.6.6-1.el5.i386.rpm finch-2.6.6-1.el5.x86_64.rpm libpurple-2.6.6-1.el5.i386.rpm libpurple-2.6.6-1.el5.x86_64.rpm libpurple-perl-2.6.6-1.el5.x86_64.rpm libpurple-tcl-2.6.6-1.el5.x86_64.rpm pidgin-2.6.6-1.el5.i386.rpm pidgin-2.6.6-1.el5.x86_64.rpm pidgin-debuginfo-2.6.6-1.el5.i386.rpm pidgin-debuginfo-2.6.6-1.el5.x86_64.rpm pidgin-perl-2.6.6-1.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/pidgin-2.6.6-1.el5.src.rpm i386: finch-devel-2.6.6-1.el5.i386.rpm libpurple-devel-2.6.6-1.el5.i386.rpm pidgin-debuginfo-2.6.6-1.el5.i386.rpm pidgin-devel-2.6.6-1.el5.i386.rpm x86_64: finch-devel-2.6.6-1.el5.i386.rpm finch-devel-2.6.6-1.el5.x86_64.rpm libpurple-devel-2.6.6-1.el5.i386.rpm libpurple-devel-2.6.6-1.el5.x86_64.rpm pidgin-debuginfo-2.6.6-1.el5.i386.rpm pidgin-debuginfo-2.6.6-1.el5.x86_64.rpm pidgin-devel-2.6.6-1.el5.i386.rpm pidgin-devel-2.6.6-1.el5.x86_64.rpm RHEL Optional Productivity Applications (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/pidgin-2.6.6-1.el5.src.rpm i386: finch-2.6.6-1.el5.i386.rpm finch-devel-2.6.6-1.el5.i386.rpm libpurple-2.6.6-1.el5.i386.rpm libpurple-devel-2.6.6-1.el5.i386.rpm libpurple-perl-2.6.6-1.el5.i386.rpm libpurple-tcl-2.6.6-1.el5.i386.rpm pidgin-2.6.6-1.el5.i386.rpm pidgin-debuginfo-2.6.6-1.el5.i386.rpm pidgin-devel-2.6.6-1.el5.i386.rpm pidgin-perl-2.6.6-1.el5.i386.rpm x86_64: finch-2.6.6-1.el5.i386.rpm finch-2.6.6-1.el5.x86_64.rpm finch-devel-2.6.6-1.el5.i386.rpm finch-devel-2.6.6-1.el5.x86_64.rpm libpurple-2.6.6-1.el5.i386.rpm libpurple-2.6.6-1.el5.x86_64.rpm libpurple-devel-2.6.6-1.el5.i386.rpm libpurple-devel-2.6.6-1.el5.x86_64.rpm libpurple-perl-2.6.6-1.el5.x86_64.rpm libpurple-tcl-2.6.6-1.el5.x86_64.rpm pidgin-2.6.6-1.el5.i386.rpm pidgin-2.6.6-1.el5.x86_64.rpm pidgin-debuginfo-2.6.6-1.el5.i386.rpm pidgin-debuginfo-2.6.6-1.el5.x86_64.rpm pidgin-devel-2.6.6-1.el5.i386.rpm pidgin-devel-2.6.6-1.el5.x86_64.rpm pidgin-perl-2.6.6-1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-0277.html https://www.redhat.com/security/data/cve/CVE-2010-0420.html https://www.redhat.com/security/data/cve/CVE-2010-0423.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLfWbxXlSAg2UNWIIRAgLAAKCEtE/CEkgrqcKYIrjuldrc1T3eWgCdEL0q vNisx8G/HxTE3EihiGtuYRE= =tu7N -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Feb 26 11:07:57 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 26 Feb 2010 06:07:57 -0500 Subject: [RHSA-2010:0122-01] Important: sudo security update Message-ID: <201002261107.o1QB7vXr020250@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: sudo security update Advisory ID: RHSA-2010:0122-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0122.html Issue date: 2010-02-26 CVE Names: CVE-2010-0426 CVE-2010-0427 ===================================================================== 1. Summary: An updated sudo package that fixes two security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root. A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers file to use this pseudo-command, they could possibly leverage this flaw to execute arbitrary code with the privileges of the root user. (CVE-2010-0426) The sudo utility did not properly initialize supplementary groups when the "runas_default" option (in the sudoers file) was used. If a local user were authorized by the sudoers file to perform their sudo commands under the account specified with "runas_default", they would receive the root user's supplementary groups instead of those of the intended target user, giving them unintended privileges. (CVE-2010-0427) Users of sudo should upgrade to this updated package, which contains backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 567337 - CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution 567622 - CVE-2010-0427 sudo: Fails to reset group permissions if runas_default set 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/sudo-1.6.9p17-6.el5_4.src.rpm i386: sudo-1.6.9p17-6.el5_4.i386.rpm sudo-debuginfo-1.6.9p17-6.el5_4.i386.rpm x86_64: sudo-1.6.9p17-6.el5_4.x86_64.rpm sudo-debuginfo-1.6.9p17-6.el5_4.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/sudo-1.6.9p17-6.el5_4.src.rpm i386: sudo-1.6.9p17-6.el5_4.i386.rpm sudo-debuginfo-1.6.9p17-6.el5_4.i386.rpm ia64: sudo-1.6.9p17-6.el5_4.ia64.rpm sudo-debuginfo-1.6.9p17-6.el5_4.ia64.rpm ppc: sudo-1.6.9p17-6.el5_4.ppc.rpm sudo-debuginfo-1.6.9p17-6.el5_4.ppc.rpm s390x: sudo-1.6.9p17-6.el5_4.s390x.rpm sudo-debuginfo-1.6.9p17-6.el5_4.s390x.rpm x86_64: sudo-1.6.9p17-6.el5_4.x86_64.rpm sudo-debuginfo-1.6.9p17-6.el5_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-0426.html https://www.redhat.com/security/data/cve/CVE-2010-0427.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLh6uDXlSAg2UNWIIRAhhJAJ49T7Ti+KIYKerJG/GGnMZHGFVkgwCgijUM FJatlE21Yc9aqgmpeMl/d58= =8gCr -----END PGP SIGNATURE-----