From bugzilla at redhat.com  Tue Jun  1 18:58:23 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 1 Jun 2010 12:58:23 -0600
Subject: [RHSA-2010:0449-01] Moderate: rhn-client-tools security update
Message-ID: <201006011858.o51IwNQC028988@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: rhn-client-tools security update
Advisory ID:       RHSA-2010:0449-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0449.html
Issue date:        2010-06-01
CVE Names:         CVE-2010-1439 
=====================================================================

1. Summary:

Updated rhn-client-tools packages that fix one security issue are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - noarch
Red Hat Enterprise Linux Desktop (v. 5 client) - noarch

3. Description:

Red Hat Network Client Tools provide programs and libraries that allow your
system to receive software updates from the Red Hat Network (RHN).

It was discovered that rhn-client-tools set insecure permissions on the
loginAuth.pkl file, used to store session credentials for authenticating
connections to Red Hat Network servers. A local, unprivileged user could
use these credentials to download packages from the Red Hat Network. They
could also manipulate package or action lists associated with the system's
profile. (CVE-2010-1439)

Users of rhn-client-tools are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

585386 - CVE-2010-1439 rhn-client-tools: authorized information disclosure

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/rhn-client-tools-0.4.20-33.el5_5.2.src.rpm

noarch:
rhn-check-0.4.20-33.el5_5.2.noarch.rpm
rhn-client-tools-0.4.20-33.el5_5.2.noarch.rpm
rhn-setup-0.4.20-33.el5_5.2.noarch.rpm
rhn-setup-gnome-0.4.20-33.el5_5.2.noarch.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/rhn-client-tools-0.4.20-33.el5_5.2.src.rpm

noarch:
rhn-check-0.4.20-33.el5_5.2.noarch.rpm
rhn-client-tools-0.4.20-33.el5_5.2.noarch.rpm
rhn-setup-0.4.20-33.el5_5.2.noarch.rpm
rhn-setup-gnome-0.4.20-33.el5_5.2.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-1439.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMBVgnXlSAg2UNWIIRAoW7AKCbO8acpkoOLi5b494hvH8NVXOvVQCgkMns
CgWbdTxtQ7GOjibKcOeeRrQ=
=UnCV
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Mon Jun  7 16:24:20 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 7 Jun 2010 10:24:20 -0600
Subject: [RHSA-2010:0457-01] Moderate: perl security update
Message-ID: <201006071624.o57GOL9Q002148@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: perl security update
Advisory ID:       RHSA-2010:0457-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0457.html
Issue date:        2010-06-07
CVE Names:         CVE-2010-1168 CVE-2010-1447 
=====================================================================

1. Summary:

Updated perl packages that fix two security issues are now available for
Red Hat Enterprise Linux 3 and 4.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

Perl is a high-level programming language commonly used for system
administration utilities and web programming. The Safe extension module
allows users to compile and execute Perl code in restricted compartments.

The Safe module did not properly restrict the code of implicitly called
methods (such as DESTROY and AUTOLOAD) on implicitly blessed objects
returned as a result of unsafe code evaluation. These methods could have
been executed unrestricted by Safe when such objects were accessed or
destroyed. A specially-crafted Perl script executed inside of a Safe
compartment could use this flaw to bypass intended Safe module
restrictions. (CVE-2010-1168)

The Safe module did not properly restrict code compiled in a Safe
compartment and executed out of the compartment via a subroutine reference
returned as a result of unsafe code evaluation. A specially-crafted Perl
script executed inside of a Safe compartment could use this flaw to bypass
intended Safe module restrictions, if the returned subroutine reference was
called from outside of the compartment. (CVE-2010-1447)

Red Hat would like to thank Tim Bunce for responsibly reporting the
CVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick Cleaton
as the original reporter of CVE-2010-1168, and Tim Bunce and Rafa?l
Garcia-Suarez as the original reporters of CVE-2010-1447.

These packages upgrade the Safe extension module to version 2.27. Refer to
the Safe module's Changes file, linked to in the References, for a full
list of changes.

Users of perl are advised to upgrade to these updated packages, which
correct these issues. All applications using the Safe extension module must
be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

576508 - CVE-2010-1168 perl Safe: Intended restriction bypass via object references
588269 - CVE-2010-1447 perl: Safe restriction bypass when reference to subroutine in compartment is called from outside

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/perl-5.8.0-101.EL3.src.rpm

i386:
perl-5.8.0-101.EL3.i386.rpm
perl-CGI-2.89-101.EL3.i386.rpm
perl-CPAN-1.61-101.EL3.i386.rpm
perl-DB_File-1.806-101.EL3.i386.rpm
perl-debuginfo-5.8.0-101.EL3.i386.rpm
perl-suidperl-5.8.0-101.EL3.i386.rpm

ia64:
perl-5.8.0-101.EL3.ia64.rpm
perl-CGI-2.89-101.EL3.ia64.rpm
perl-CPAN-1.61-101.EL3.ia64.rpm
perl-DB_File-1.806-101.EL3.ia64.rpm
perl-debuginfo-5.8.0-101.EL3.ia64.rpm
perl-suidperl-5.8.0-101.EL3.ia64.rpm

ppc:
perl-5.8.0-101.EL3.ppc.rpm
perl-CGI-2.89-101.EL3.ppc.rpm
perl-CPAN-1.61-101.EL3.ppc.rpm
perl-DB_File-1.806-101.EL3.ppc.rpm
perl-debuginfo-5.8.0-101.EL3.ppc.rpm
perl-suidperl-5.8.0-101.EL3.ppc.rpm

s390:
perl-5.8.0-101.EL3.s390.rpm
perl-CGI-2.89-101.EL3.s390.rpm
perl-CPAN-1.61-101.EL3.s390.rpm
perl-DB_File-1.806-101.EL3.s390.rpm
perl-debuginfo-5.8.0-101.EL3.s390.rpm
perl-suidperl-5.8.0-101.EL3.s390.rpm

s390x:
perl-5.8.0-101.EL3.s390x.rpm
perl-CGI-2.89-101.EL3.s390x.rpm
perl-CPAN-1.61-101.EL3.s390x.rpm
perl-DB_File-1.806-101.EL3.s390x.rpm
perl-debuginfo-5.8.0-101.EL3.s390x.rpm
perl-suidperl-5.8.0-101.EL3.s390x.rpm

x86_64:
perl-5.8.0-101.EL3.x86_64.rpm
perl-CGI-2.89-101.EL3.x86_64.rpm
perl-CPAN-1.61-101.EL3.x86_64.rpm
perl-DB_File-1.806-101.EL3.x86_64.rpm
perl-debuginfo-5.8.0-101.EL3.x86_64.rpm
perl-suidperl-5.8.0-101.EL3.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/perl-5.8.0-101.EL3.src.rpm

i386:
perl-5.8.0-101.EL3.i386.rpm
perl-CGI-2.89-101.EL3.i386.rpm
perl-CPAN-1.61-101.EL3.i386.rpm
perl-DB_File-1.806-101.EL3.i386.rpm
perl-debuginfo-5.8.0-101.EL3.i386.rpm
perl-suidperl-5.8.0-101.EL3.i386.rpm

x86_64:
perl-5.8.0-101.EL3.x86_64.rpm
perl-CGI-2.89-101.EL3.x86_64.rpm
perl-CPAN-1.61-101.EL3.x86_64.rpm
perl-DB_File-1.806-101.EL3.x86_64.rpm
perl-debuginfo-5.8.0-101.EL3.x86_64.rpm
perl-suidperl-5.8.0-101.EL3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/perl-5.8.0-101.EL3.src.rpm

i386:
perl-5.8.0-101.EL3.i386.rpm
perl-CGI-2.89-101.EL3.i386.rpm
perl-CPAN-1.61-101.EL3.i386.rpm
perl-DB_File-1.806-101.EL3.i386.rpm
perl-debuginfo-5.8.0-101.EL3.i386.rpm
perl-suidperl-5.8.0-101.EL3.i386.rpm

ia64:
perl-5.8.0-101.EL3.ia64.rpm
perl-CGI-2.89-101.EL3.ia64.rpm
perl-CPAN-1.61-101.EL3.ia64.rpm
perl-DB_File-1.806-101.EL3.ia64.rpm
perl-debuginfo-5.8.0-101.EL3.ia64.rpm
perl-suidperl-5.8.0-101.EL3.ia64.rpm

x86_64:
perl-5.8.0-101.EL3.x86_64.rpm
perl-CGI-2.89-101.EL3.x86_64.rpm
perl-CPAN-1.61-101.EL3.x86_64.rpm
perl-DB_File-1.806-101.EL3.x86_64.rpm
perl-debuginfo-5.8.0-101.EL3.x86_64.rpm
perl-suidperl-5.8.0-101.EL3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/perl-5.8.0-101.EL3.src.rpm

i386:
perl-5.8.0-101.EL3.i386.rpm
perl-CGI-2.89-101.EL3.i386.rpm
perl-CPAN-1.61-101.EL3.i386.rpm
perl-DB_File-1.806-101.EL3.i386.rpm
perl-debuginfo-5.8.0-101.EL3.i386.rpm
perl-suidperl-5.8.0-101.EL3.i386.rpm

ia64:
perl-5.8.0-101.EL3.ia64.rpm
perl-CGI-2.89-101.EL3.ia64.rpm
perl-CPAN-1.61-101.EL3.ia64.rpm
perl-DB_File-1.806-101.EL3.ia64.rpm
perl-debuginfo-5.8.0-101.EL3.ia64.rpm
perl-suidperl-5.8.0-101.EL3.ia64.rpm

x86_64:
perl-5.8.0-101.EL3.x86_64.rpm
perl-CGI-2.89-101.EL3.x86_64.rpm
perl-CPAN-1.61-101.EL3.x86_64.rpm
perl-DB_File-1.806-101.EL3.x86_64.rpm
perl-debuginfo-5.8.0-101.EL3.x86_64.rpm
perl-suidperl-5.8.0-101.EL3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/perl-5.8.5-53.el4.src.rpm

i386:
perl-5.8.5-53.el4.i386.rpm
perl-debuginfo-5.8.5-53.el4.i386.rpm
perl-suidperl-5.8.5-53.el4.i386.rpm

ia64:
perl-5.8.5-53.el4.ia64.rpm
perl-debuginfo-5.8.5-53.el4.ia64.rpm
perl-suidperl-5.8.5-53.el4.ia64.rpm

ppc:
perl-5.8.5-53.el4.ppc.rpm
perl-debuginfo-5.8.5-53.el4.ppc.rpm
perl-suidperl-5.8.5-53.el4.ppc.rpm

s390:
perl-5.8.5-53.el4.s390.rpm
perl-debuginfo-5.8.5-53.el4.s390.rpm
perl-suidperl-5.8.5-53.el4.s390.rpm

s390x:
perl-5.8.5-53.el4.s390x.rpm
perl-debuginfo-5.8.5-53.el4.s390x.rpm
perl-suidperl-5.8.5-53.el4.s390x.rpm

x86_64:
perl-5.8.5-53.el4.x86_64.rpm
perl-debuginfo-5.8.5-53.el4.x86_64.rpm
perl-suidperl-5.8.5-53.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/perl-5.8.5-53.el4.src.rpm

i386:
perl-5.8.5-53.el4.i386.rpm
perl-debuginfo-5.8.5-53.el4.i386.rpm
perl-suidperl-5.8.5-53.el4.i386.rpm

x86_64:
perl-5.8.5-53.el4.x86_64.rpm
perl-debuginfo-5.8.5-53.el4.x86_64.rpm
perl-suidperl-5.8.5-53.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/perl-5.8.5-53.el4.src.rpm

i386:
perl-5.8.5-53.el4.i386.rpm
perl-debuginfo-5.8.5-53.el4.i386.rpm
perl-suidperl-5.8.5-53.el4.i386.rpm

ia64:
perl-5.8.5-53.el4.ia64.rpm
perl-debuginfo-5.8.5-53.el4.ia64.rpm
perl-suidperl-5.8.5-53.el4.ia64.rpm

x86_64:
perl-5.8.5-53.el4.x86_64.rpm
perl-debuginfo-5.8.5-53.el4.x86_64.rpm
perl-suidperl-5.8.5-53.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/perl-5.8.5-53.el4.src.rpm

i386:
perl-5.8.5-53.el4.i386.rpm
perl-debuginfo-5.8.5-53.el4.i386.rpm
perl-suidperl-5.8.5-53.el4.i386.rpm

ia64:
perl-5.8.5-53.el4.ia64.rpm
perl-debuginfo-5.8.5-53.el4.ia64.rpm
perl-suidperl-5.8.5-53.el4.ia64.rpm

x86_64:
perl-5.8.5-53.el4.x86_64.rpm
perl-debuginfo-5.8.5-53.el4.x86_64.rpm
perl-suidperl-5.8.5-53.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-1168.html
https://www.redhat.com/security/data/cve/CVE-2010-1447.html
http://www.redhat.com/security/updates/classification/#moderate
http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMDR0fXlSAg2UNWIIRAvK6AKCgxDoULNrU8auS+klo7gFwKsOokwCbB0WU
xWE80BKK9xiiMZ5E+GidQok=
=SsIi
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Mon Jun  7 16:25:01 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 7 Jun 2010 10:25:01 -0600
Subject: [RHSA-2010:0458-02] Moderate: perl security update
Message-ID: <201006071625.o57GP1SP003458@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: perl security update
Advisory ID:       RHSA-2010:0458-02
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0458.html
Issue date:        2010-06-07
CVE Names:         CVE-2008-5302 CVE-2008-5303 CVE-2010-1168 
                   CVE-2010-1447 
=====================================================================

1. Summary:

Updated perl packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

Perl is a high-level programming language commonly used for system
administration utilities and web programming. The Safe extension module
allows users to compile and execute Perl code in restricted compartments.
The File::Path module allows users to create and remove directory trees.

The Safe module did not properly restrict the code of implicitly called
methods (such as DESTROY and AUTOLOAD) on implicitly blessed objects
returned as a result of unsafe code evaluation. These methods could have
been executed unrestricted by Safe when such objects were accessed or
destroyed. A specially-crafted Perl script executed inside of a Safe
compartment could use this flaw to bypass intended Safe module
restrictions. (CVE-2010-1168)

The Safe module did not properly restrict code compiled in a Safe
compartment and executed out of the compartment via a subroutine reference
returned as a result of unsafe code evaluation. A specially-crafted Perl
script executed inside of a Safe compartment could use this flaw to bypass
intended Safe module restrictions, if the returned subroutine reference was
called from outside of the compartment. (CVE-2010-1447)

Multiple race conditions were found in the way the File::Path module's
rmtree function removed directory trees. A malicious, local user with write
access to a directory being removed by a victim, running a Perl script
using rmtree, could cause the permissions of arbitrary files to be changed
to world-writable and setuid, or delete arbitrary files via a symbolic link
attack, if the victim had the privileges to change the permissions of the
target files or to remove them. (CVE-2008-5302, CVE-2008-5303)

Red Hat would like to thank Tim Bunce for responsibly reporting the
CVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick Cleaton
as the original reporter of CVE-2010-1168, and Tim Bunce and Rafa?l
Garcia-Suarez as the original reporters of CVE-2010-1447.

These packages upgrade the Safe extension module to version 2.27. Refer to
the Safe module's Changes file, linked to in the References, for a full
list of changes.

Users of perl are advised to upgrade to these updated packages, which
correct these issues. All applications using the Safe or File::Path modules
must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

473450 - CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
474217 - CVE-2008-5303 symlink perl: File::Path rmtree race condition (CVE-2004-0452) reintroduced after upstream rebase to 5.8.8-1
576508 - CVE-2010-1168 perl Safe: Intended restriction bypass via object references
588269 - CVE-2010-1447 perl: Safe restriction bypass when reference to subroutine in compartment is called from outside

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/perl-5.8.8-32.el5_5.1.src.rpm

i386:
perl-5.8.8-32.el5_5.1.i386.rpm
perl-debuginfo-5.8.8-32.el5_5.1.i386.rpm
perl-suidperl-5.8.8-32.el5_5.1.i386.rpm

x86_64:
perl-5.8.8-32.el5_5.1.i386.rpm
perl-5.8.8-32.el5_5.1.x86_64.rpm
perl-debuginfo-5.8.8-32.el5_5.1.i386.rpm
perl-debuginfo-5.8.8-32.el5_5.1.x86_64.rpm
perl-suidperl-5.8.8-32.el5_5.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/perl-5.8.8-32.el5_5.1.src.rpm

i386:
perl-5.8.8-32.el5_5.1.i386.rpm
perl-debuginfo-5.8.8-32.el5_5.1.i386.rpm
perl-suidperl-5.8.8-32.el5_5.1.i386.rpm

ia64:
perl-5.8.8-32.el5_5.1.ia64.rpm
perl-debuginfo-5.8.8-32.el5_5.1.ia64.rpm
perl-suidperl-5.8.8-32.el5_5.1.ia64.rpm

ppc:
perl-5.8.8-32.el5_5.1.ppc.rpm
perl-debuginfo-5.8.8-32.el5_5.1.ppc.rpm
perl-suidperl-5.8.8-32.el5_5.1.ppc.rpm

s390x:
perl-5.8.8-32.el5_5.1.s390x.rpm
perl-debuginfo-5.8.8-32.el5_5.1.s390x.rpm
perl-suidperl-5.8.8-32.el5_5.1.s390x.rpm

x86_64:
perl-5.8.8-32.el5_5.1.x86_64.rpm
perl-debuginfo-5.8.8-32.el5_5.1.x86_64.rpm
perl-suidperl-5.8.8-32.el5_5.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2008-5302.html
https://www.redhat.com/security/data/cve/CVE-2008-5303.html
https://www.redhat.com/security/data/cve/CVE-2010-1168.html
https://www.redhat.com/security/data/cve/CVE-2010-1447.html
http://www.redhat.com/security/updates/classification/#moderate
http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMDR1CXlSAg2UNWIIRAh+ZAJ9JXWWZl1wUHG6xQzjYnPaMD/4vBgCgjuX7
/rnlNnb5K4s+kwNX9qSOeMU=
=QfqT
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Mon Jun  7 19:45:42 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 7 Jun 2010 13:45:42 -0600
Subject: [RHSA-2010:0459-01] Moderate: openoffice.org security update
Message-ID: <201006071945.o57JjgVq024439@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: openoffice.org security update
Advisory ID:       RHSA-2010:0459-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0459.html
Issue date:        2010-06-07
CVE Names:         CVE-2010-0395 
=====================================================================

1. Summary:

Updated openoffice.org packages that fix one security issue are now
available for Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, x86_64
Red Hat Enterprise Linux WS version 4 - i386, x86_64

3. Description:

OpenOffice.org is an office productivity suite that includes desktop
applications, such as a word processor, spreadsheet application,
presentation manager, formula editor, and a drawing program.

A flaw was found in the way OpenOffice.org enforced a macro security
setting for macros, written in the Python scripting language, that were
embedded in OpenOffice.org documents. If a user were tricked into opening
a specially-crafted OpenOffice.org document and previewed the macro
directory structure, it could lead to Python macro execution even if macro
execution was disabled. (CVE-2010-0395)

All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue. For Red
Hat Enterprise Linux 4, this erratum provides updated openoffice.org2
packages. For Red Hat Enterprise Linux 5, this erratum provides updated
openoffice.org packages. All running instances of OpenOffice.org
applications must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

574119 - CVE-2010-0395 openoffice.org Execution of Python code when browsing macros

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.4.src.rpm

i386:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm

ppc:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.ppc.rpm

x86_64:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.4.src.rpm

i386:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm

x86_64:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.4.src.rpm

i386:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm

x86_64:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openoffice.org2-2.0.4-5.7.0.6.1.el4_8.4.src.rpm

i386:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm

x86_64:
openoffice.org2-base-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-debuginfo-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hr_HR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-hu_HU-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-it-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ja_JP-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ko_KR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-lt_LT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ms_MY-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nb_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nl-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-nn_NO-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pa_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pl_PL-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_BR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-pt_PT-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ru-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sk_SK-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sl_SI-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sr_CS-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-sv-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-ta_IN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-th_TH-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-tr_TR-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_CN-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zh_TW-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-langpack-zu_ZA-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-math-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-pyuno-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-testtools-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-writer-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm
openoffice.org2-xsltfilter-2.0.4-5.7.0.6.1.el4_8.4.i386.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/openoffice.org-3.1.1-19.5.el5_5.1.src.rpm

i386:
openoffice.org-base-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-calc-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-core-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-debuginfo-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-draw-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-emailmerge-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-graphicfilter-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-headless-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-impress-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-javafilter-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-af_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ar-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-as_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-bg_BG-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-bn-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ca_ES-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-cs_CZ-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-cy_GB-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-da_DK-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-de-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-el_GR-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-es-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-et_EE-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-eu_ES-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-fi_FI-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-fr-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ga_IE-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-gl_ES-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-gu_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-he_IL-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-hi_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-hr_HR-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-hu_HU-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-it-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ja_JP-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-kn_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ko_KR-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-lt_LT-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ml_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-mr_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ms_MY-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-nb_NO-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-nl-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-nn_NO-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-nr_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-nso_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-or_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-pa_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-pl_PL-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-pt_BR-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-pt_PT-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ru-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-sk_SK-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-sl_SI-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-sr_CS-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ss_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-st_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-sv-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ta_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-te_IN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-th_TH-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-tn_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-tr_TR-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ts_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ur-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-ve_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-xh_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-zh_CN-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-zh_TW-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-langpack-zu_ZA-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-math-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-pyuno-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-sdk-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-sdk-doc-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-testtools-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-ure-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-writer-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-xsltfilter-3.1.1-19.5.el5_5.1.i386.rpm

x86_64:
openoffice.org-base-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-calc-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-core-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-debuginfo-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-draw-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-emailmerge-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-graphicfilter-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-headless-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-impress-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-javafilter-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-af_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ar-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-as_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-bg_BG-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-bn-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ca_ES-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-cs_CZ-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-cy_GB-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-da_DK-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-de-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-el_GR-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-es-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-et_EE-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-eu_ES-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-fi_FI-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-fr-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ga_IE-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-gl_ES-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-gu_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-he_IL-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-hi_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-hr_HR-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-hu_HU-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-it-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ja_JP-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-kn_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ko_KR-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-lt_LT-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ml_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-mr_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ms_MY-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-nb_NO-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-nl-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-nn_NO-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-nr_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-nso_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-or_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-pa_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-pl_PL-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-pt_BR-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-pt_PT-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ru-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-sk_SK-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-sl_SI-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-sr_CS-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ss_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-st_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-sv-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ta_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-te_IN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-th_TH-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-tn_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-tr_TR-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ts_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ur-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-ve_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-xh_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-zh_CN-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-zh_TW-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-langpack-zu_ZA-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-math-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-pyuno-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-testtools-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-ure-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-writer-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-xsltfilter-3.1.1-19.5.el5_5.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/openoffice.org-3.1.1-19.5.el5_5.1.src.rpm

i386:
openoffice.org-debuginfo-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-sdk-3.1.1-19.5.el5_5.1.i386.rpm
openoffice.org-sdk-doc-3.1.1-19.5.el5_5.1.i386.rpm

x86_64:
openoffice.org-debuginfo-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-sdk-3.1.1-19.5.el5_5.1.x86_64.rpm
openoffice.org-sdk-doc-3.1.1-19.5.el5_5.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0395.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMDUxKXlSAg2UNWIIRAsQVAJ0Vghl0yu91iYtF5LHlAZUCGohWfACfSfSH
14IQ/qATU7+iGo+5jrWSJFo=
=p7/o
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Fri Jun 11 16:34:33 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 11 Jun 2010 10:34:33 -0600
Subject: [RHSA-2010:0464-01] Critical: flash-plugin security update
Message-ID: <201006111634.o5BGYXEY012970@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: flash-plugin security update
Advisory ID:       RHSA-2010:0464-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0464.html
Issue date:        2010-06-11
CVE Names:         CVE-2008-4546 CVE-2009-3793 CVE-2010-1297 
                   CVE-2010-2160 CVE-2010-2161 CVE-2010-2162 
                   CVE-2010-2163 CVE-2010-2164 CVE-2010-2165 
                   CVE-2010-2166 CVE-2010-2167 CVE-2010-2169 
                   CVE-2010-2170 CVE-2010-2171 CVE-2010-2173 
                   CVE-2010-2174 CVE-2010-2175 CVE-2010-2176 
                   CVE-2010-2177 CVE-2010-2178 CVE-2010-2179 
                   CVE-2010-2180 CVE-2010-2181 CVE-2010-2182 
                   CVE-2010-2183 CVE-2010-2184 CVE-2010-2185 
                   CVE-2010-2186 CVE-2010-2187 CVE-2010-2188 
=====================================================================

1. Summary:

An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed on the Adobe security pages APSA10-01 and
APSB10-14, listed in the References section.

Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content. (CVE-2009-3793,
CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163,
CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169,
CVE-2010-2170, CVE-2010-2171, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175,
CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2181,
CVE-2010-2182, CVE-2010-2183, CVE-2010-2184, CVE-2010-2185, CVE-2010-2186,
CVE-2010-2187, CVE-2010-2188)

An input sanitization flaw was found in the way flash-plugin processed
certain URLs. An attacker could use this flaw to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2010-2179)

A denial of service flaw was found in the way flash-plugin processed
certain SWF content. An attacker could use this flaw to create a
specially-crafted SWF file that would cause flash-plugin to crash.
(CVE-2008-4546)

All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 10.1.53.64.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

467082 - CVE-2008-4546 flash-plugin: crash caused by SWF files with different SWF versions obtained from the same URL
600692 - CVE-2010-1297 acroread, flash-plugin: Arbitrary code execution by opening a specially-crafted PDF file with malicious SWF content (APSA10-01)
602847 - flash-plugin: multiple security flaws (APSB10-14)

6. Package List:

RHEL Desktop Supplementary (v. 5 client):

i386:
flash-plugin-10.1-2.el5.i386.rpm

x86_64:
flash-plugin-10.1-2.el5.i386.rpm

RHEL Supplementary (v. 5 server):

i386:
flash-plugin-10.1-2.el5.i386.rpm

x86_64:
flash-plugin-10.1-2.el5.i386.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2008-4546.html
https://www.redhat.com/security/data/cve/CVE-2009-3793.html
https://www.redhat.com/security/data/cve/CVE-2010-1297.html
https://www.redhat.com/security/data/cve/CVE-2010-2160.html
https://www.redhat.com/security/data/cve/CVE-2010-2161.html
https://www.redhat.com/security/data/cve/CVE-2010-2162.html
https://www.redhat.com/security/data/cve/CVE-2010-2163.html
https://www.redhat.com/security/data/cve/CVE-2010-2164.html
https://www.redhat.com/security/data/cve/CVE-2010-2165.html
https://www.redhat.com/security/data/cve/CVE-2010-2166.html
https://www.redhat.com/security/data/cve/CVE-2010-2167.html
https://www.redhat.com/security/data/cve/CVE-2010-2169.html
https://www.redhat.com/security/data/cve/CVE-2010-2170.html
https://www.redhat.com/security/data/cve/CVE-2010-2171.html
https://www.redhat.com/security/data/cve/CVE-2010-2173.html
https://www.redhat.com/security/data/cve/CVE-2010-2174.html
https://www.redhat.com/security/data/cve/CVE-2010-2175.html
https://www.redhat.com/security/data/cve/CVE-2010-2176.html
https://www.redhat.com/security/data/cve/CVE-2010-2177.html
https://www.redhat.com/security/data/cve/CVE-2010-2178.html
https://www.redhat.com/security/data/cve/CVE-2010-2179.html
https://www.redhat.com/security/data/cve/CVE-2010-2180.html
https://www.redhat.com/security/data/cve/CVE-2010-2181.html
https://www.redhat.com/security/data/cve/CVE-2010-2182.html
https://www.redhat.com/security/data/cve/CVE-2010-2183.html
https://www.redhat.com/security/data/cve/CVE-2010-2184.html
https://www.redhat.com/security/data/cve/CVE-2010-2185.html
https://www.redhat.com/security/data/cve/CVE-2010-2186.html
https://www.redhat.com/security/data/cve/CVE-2010-2187.html
https://www.redhat.com/security/data/cve/CVE-2010-2188.html
http://www.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/advisories/apsa10-01.html
http://www.adobe.com/support/security/bulletins/apsb10-14.html

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMEmV+XlSAg2UNWIIRArxxAJkBfl/dOmFRIAqzficWGgtCi5PqyACgvT/Y
v+rUV7NqfnCTSGKYzhRoHiU=
=NS2W
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Mon Jun 14 22:37:39 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 14 Jun 2010 16:37:39 -0600
Subject: [RHSA-2010:0470-01] Critical: flash-plugin security update
Message-ID: <201006142237.o5EMbdS5031453@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: flash-plugin security update
Advisory ID:       RHSA-2010:0470-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0470.html
Issue date:        2010-06-14
CVE Names:         CVE-2009-3793 CVE-2010-2160 CVE-2010-2161 
                   CVE-2010-2162 CVE-2010-2163 CVE-2010-2164 
                   CVE-2010-2165 CVE-2010-2166 CVE-2010-2167 
                   CVE-2010-2169 CVE-2010-2170 CVE-2010-2171 
                   CVE-2010-2172 CVE-2010-2173 CVE-2010-2174 
                   CVE-2010-2175 CVE-2010-2176 CVE-2010-2177 
                   CVE-2010-2178 CVE-2010-2179 CVE-2010-2180 
                   CVE-2010-2181 CVE-2010-2182 CVE-2010-2183 
                   CVE-2010-2184 CVE-2010-2185 CVE-2010-2186 
                   CVE-2010-2187 CVE-2010-2188 
=====================================================================

1. Summary:

An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 3 and 4 Extras.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 Extras - i386
Red Hat Desktop version 4 Extras - i386
Red Hat Enterprise Linux AS version 3 Extras - i386
Red Hat Enterprise Linux AS version 4 Extras - i386
Red Hat Enterprise Linux ES version 3 Extras - i386
Red Hat Enterprise Linux ES version 4 Extras - i386
Red Hat Enterprise Linux WS version 3 Extras - i386
Red Hat Enterprise Linux WS version 4 Extras - i386

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed on the Adobe security page APSB10-14,
listed in the References section.

Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content. (CVE-2009-3793,
CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, 
CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, 
CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, 
CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2181, 
CVE-2010-2182, CVE-2010-2183, CVE-2010-2184, CVE-2010-2185, CVE-2010-2186, 
CVE-2010-2187, CVE-2010-2188)

An input sanitization flaw was found in the way flash-plugin processed
certain URLs. An attacker could use this flaw to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2010-2179)

All users of Adobe Flash Player should install this updated package,
which upgrades Flash Player to version 9.0.277.0.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

602627 - CVE-2010-2172 flash-plugin: CVE-2010-0187 "possible player crash" affects also v9.x versions of Adobe Flash Player
602847 - flash-plugin: multiple security flaws (APSB10-14)

6. Package List:

Red Hat Enterprise Linux AS version 3 Extras:

i386:
flash-plugin-9.0.277.0-1.el3.with.oss.i386.rpm

Red Hat Desktop version 3 Extras:

i386:
flash-plugin-9.0.277.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux ES version 3 Extras:

i386:
flash-plugin-9.0.277.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux WS version 3 Extras:

i386:
flash-plugin-9.0.277.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux AS version 4 Extras:

i386:
flash-plugin-9.0.277.0-1.el4.i386.rpm

Red Hat Desktop version 4 Extras:

i386:
flash-plugin-9.0.277.0-1.el4.i386.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
flash-plugin-9.0.277.0-1.el4.i386.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
flash-plugin-9.0.277.0-1.el4.i386.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-3793.html
https://www.redhat.com/security/data/cve/CVE-2010-2160.html
https://www.redhat.com/security/data/cve/CVE-2010-2161.html
https://www.redhat.com/security/data/cve/CVE-2010-2162.html
https://www.redhat.com/security/data/cve/CVE-2010-2163.html
https://www.redhat.com/security/data/cve/CVE-2010-2164.html
https://www.redhat.com/security/data/cve/CVE-2010-2165.html
https://www.redhat.com/security/data/cve/CVE-2010-2166.html
https://www.redhat.com/security/data/cve/CVE-2010-2167.html
https://www.redhat.com/security/data/cve/CVE-2010-2169.html
https://www.redhat.com/security/data/cve/CVE-2010-2170.html
https://www.redhat.com/security/data/cve/CVE-2010-2171.html
https://www.redhat.com/security/data/cve/CVE-2010-2172.html
https://www.redhat.com/security/data/cve/CVE-2010-2173.html
https://www.redhat.com/security/data/cve/CVE-2010-2174.html
https://www.redhat.com/security/data/cve/CVE-2010-2175.html
https://www.redhat.com/security/data/cve/CVE-2010-2176.html
https://www.redhat.com/security/data/cve/CVE-2010-2177.html
https://www.redhat.com/security/data/cve/CVE-2010-2178.html
https://www.redhat.com/security/data/cve/CVE-2010-2179.html
https://www.redhat.com/security/data/cve/CVE-2010-2180.html
https://www.redhat.com/security/data/cve/CVE-2010-2181.html
https://www.redhat.com/security/data/cve/CVE-2010-2182.html
https://www.redhat.com/security/data/cve/CVE-2010-2183.html
https://www.redhat.com/security/data/cve/CVE-2010-2184.html
https://www.redhat.com/security/data/cve/CVE-2010-2185.html
https://www.redhat.com/security/data/cve/CVE-2010-2186.html
https://www.redhat.com/security/data/cve/CVE-2010-2187.html
https://www.redhat.com/security/data/cve/CVE-2010-2188.html
http://www.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb10-14.html

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMFq8gXlSAg2UNWIIRAircAJwKjcvhBnB4LM3/k0QyNr8c1+zjewCgmxH+
kDDBVLqtWLHb/nHS6fGNXqc=
=h16w
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Wed Jun 16 00:07:46 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 15 Jun 2010 18:07:46 -0600
Subject: [RHSA-2010:0474-01] Important: kernel security and bug fix update
Message-ID: <201006160007.o5G07kSb027274@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2010:0474-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0474.html
Issue date:        2010-06-15
CVE Names:         CVE-2009-3726 CVE-2010-1173 CVE-2010-1437 
=====================================================================

1. Summary:

Updated kernel packages that fix three security issues and several bugs are
now available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* a NULL pointer dereference flaw was found in the Linux kernel NFSv4
implementation. Several of the NFSv4 file locking functions failed to check
whether a file had been opened on the server before performing locking
operations on it. A local, unprivileged user on a system with an NFSv4
share mounted could possibly use this flaw to cause a kernel panic (denial
of service) or escalate their privileges. (CVE-2009-3726, Important)

* a flaw was found in the sctp_process_unk_param() function in the Linux
kernel Stream Control Transmission Protocol (SCTP) implementation. A remote
attacker could send a specially-crafted SCTP packet to an SCTP listening
port on a target system, causing a kernel panic (denial of service).
(CVE-2010-1173, Important)

* a race condition between finding a keyring by name and destroying a freed
keyring was found in the Linux kernel key management facility. A local,
unprivileged user could use this flaw to cause a kernel panic (denial of
service) or escalate their privileges. (CVE-2010-1437, Important)

Red Hat would like to thank Simon Vallet for responsibly reporting
CVE-2009-3726; and Jukka Taimisto and Olli Jarva of Codenomicon Ltd, Nokia
Siemens Networks, and Wind River on behalf of their customer, for
responsibly reporting CVE-2010-1173.

Bug fixes:

* RHBA-2007:0791 introduced a regression in the Journaling Block Device
(JBD). Under certain circumstances, removing a large file (such as 300 MB
or more) did not result in inactive memory being freed, leading to the
system having a large amount of inactive memory. Now, the memory is
correctly freed. (BZ#589155)

* the timer_interrupt() routine did not scale lost real ticks to logical
ticks correctly, possibly causing time drift for 64-bit Red Hat Enterprise
Linux 4 KVM (Kernel-based Virtual Machine) guests that were booted with the
"divider=x" kernel parameter set to a value greater than 1. "warning: many
lost ticks" messages may have been logged on the affected guest systems.
(BZ#590551)

* a bug could have prevented NFSv3 clients from having the most up-to-date
file attributes for files on a given NFSv3 file system. In cases where a
file type changed, such as if a file was removed and replaced with a
directory of the same name, the NFSv3 client may not have noticed this
change until stat(2) was called (for example, by running "ls -l").
(BZ#596372)

* RHBA-2007:0791 introduced bugs in the Linux kernel PCI-X subsystem. These
could have caused a system deadlock on some systems where the BIOS set the
default Maximum Memory Read Byte Count (MMRBC) to 4096, and that also use
the Intel PRO/1000 Linux driver, e1000. Errors such as "e1000: eth[x]:
e1000_clean_tx_irq: Detected Tx Unit Hang" were logged. (BZ#596374)

* an out of memory condition in a KVM guest, using the virtio-net network
driver and also under heavy network stress, could have resulted in
that guest being unable to receive network traffic. Users had to manually
remove and re-add the virtio_net module and restart the network service
before networking worked as expected. Such memory conditions no longer
prevent KVM guests receiving network traffic. (BZ#597310)

* when an SFQ qdisc that limited the queue size to two packets was added to
a network interface, sending traffic through that interface resulted in a
kernel crash. Such a qdisc no longer results in a kernel crash. (BZ#597312)

* when an NFS client opened a file with the O_TRUNC flag set, it received
a valid stateid, but did not use that stateid to perform the SETATTR call.
Such cases were rejected by Red Hat Enterprise Linux 4 NFS servers with an
"NFS4ERR_BAD_STATEID" error, possibly preventing some NFS clients from
writing files to an NFS file system. (BZ#597314)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

529227 - CVE-2009-3726 kernel: nfsv4: kernel panic in nfs4_proc_lock()
584645 - CVE-2010-1173 kernel: sctp: crash due to malformed SCTPChunkInit packet
585094 - CVE-2010-1437 kernel: keyrings: find_keyring_by_name() can gain the freed keyring
589155 - jbd not releasing data buffers, causing high inactive meory in RHEL4.6 /proc/meminfo [rhel-4.8.z]
590551 - time drift due to incorrect accounting of lost ticks with VXTIME_PMTMR mode and VXTIME_TSC mode if 'tick_divider' > 1 [rhel-4.8.z]
596372 - NFSv3 file attributes are not updated by READDIRPLUS reply [rhel-4.8.z]
596374 - e1000_clean_tx_irq: Detected Tx Unit Hang [rhel-4.8.z]
597310 - Lost the network in a KVM VM on top of 4.9 [rhel-4.8.z]
597312 - SFQ qdisc crashes with limit of 2 packets [rhel-4.8.z]
597314 - cthon test5 failing on nfsv4 with rhel6 client vs. rhel4 server [rhel-4.8.z]

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.0.26.EL.src.rpm

i386:
kernel-2.6.9-89.0.26.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.i686.rpm
kernel-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.26.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-smp-2.6.9-89.0.26.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-xenU-2.6.9-89.0.26.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.26.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.26.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.ia64.rpm
kernel-devel-2.6.9-89.0.26.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.26.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.26.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.26.EL.noarch.rpm

ppc:
kernel-2.6.9-89.0.26.EL.ppc64.rpm
kernel-2.6.9-89.0.26.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.ppc64.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.ppc64iseries.rpm
kernel-devel-2.6.9-89.0.26.EL.ppc64.rpm
kernel-devel-2.6.9-89.0.26.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-89.0.26.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-89.0.26.EL.ppc64.rpm

s390:
kernel-2.6.9-89.0.26.EL.s390.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.s390.rpm
kernel-devel-2.6.9-89.0.26.EL.s390.rpm

s390x:
kernel-2.6.9-89.0.26.EL.s390x.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.s390x.rpm
kernel-devel-2.6.9-89.0.26.EL.s390x.rpm

x86_64:
kernel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.26.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.26.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.26.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.26.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.0.26.EL.src.rpm

i386:
kernel-2.6.9-89.0.26.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.i686.rpm
kernel-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.26.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-smp-2.6.9-89.0.26.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-xenU-2.6.9-89.0.26.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.26.EL.i686.rpm

noarch:
kernel-doc-2.6.9-89.0.26.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.26.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.26.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.26.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.26.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.0.26.EL.src.rpm

i386:
kernel-2.6.9-89.0.26.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.i686.rpm
kernel-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.26.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-smp-2.6.9-89.0.26.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-xenU-2.6.9-89.0.26.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.26.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.26.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.ia64.rpm
kernel-devel-2.6.9-89.0.26.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.26.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.26.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.26.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.26.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.26.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.26.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.26.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.0.26.EL.src.rpm

i386:
kernel-2.6.9-89.0.26.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.i686.rpm
kernel-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.26.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-smp-2.6.9-89.0.26.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.26.EL.i686.rpm
kernel-xenU-2.6.9-89.0.26.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.26.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.26.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.ia64.rpm
kernel-devel-2.6.9-89.0.26.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.26.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.26.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.26.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.26.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.26.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.26.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.26.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.26.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.26.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-3726.html
https://www.redhat.com/security/data/cve/CVE-2010-1173.html
https://www.redhat.com/security/data/cve/CVE-2010-1437.html
http://www.redhat.com/security/updates/classification/#important
http://kbase.redhat.com/faq/docs/DOC-31052

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMGBWaXlSAg2UNWIIRAkUbAJ90czdaWrqB/tD+CV3xWuRBey6GhQCfRO9e
hZNay9T4vFoXU9t3eMO8KSc=
=o6Vh
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Wed Jun 16 00:09:04 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 15 Jun 2010 18:09:04 -0600
Subject: [RHSA-2010:0475-01] Moderate: sudo security update
Message-ID: <201006160009.o5G094SE019493@int-mx03.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: sudo security update
Advisory ID:       RHSA-2010:0475-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0475.html
Issue date:        2010-06-15
CVE Names:         CVE-2010-1646 
=====================================================================

1. Summary:

An updated sudo package that fixes one security issue is now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.

A flaw was found in the way sudo handled the presence of duplicated
environment variables. A local user authorized to run commands using sudo
could use this flaw to set additional values for the environment variables
set by sudo, which could result in those values being used by the executed
command instead of the values set by sudo. This could possibly lead to
certain intended restrictions being bypassed, such as the secure_path
setting. (CVE-2010-1646)

Red Hat would like to thank Anders Kaseorg and Evan Broder of Ksplice, Inc.
for responsibly reporting this issue.

Users of sudo should upgrade to this updated package, which contains a
backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

598154 - CVE-2010-1646 sudo: insufficient environment sanitization issue

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/sudo-1.7.2p1-7.el5_5.src.rpm

i386:
sudo-1.7.2p1-7.el5_5.i386.rpm
sudo-debuginfo-1.7.2p1-7.el5_5.i386.rpm

x86_64:
sudo-1.7.2p1-7.el5_5.x86_64.rpm
sudo-debuginfo-1.7.2p1-7.el5_5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/sudo-1.7.2p1-7.el5_5.src.rpm

i386:
sudo-1.7.2p1-7.el5_5.i386.rpm
sudo-debuginfo-1.7.2p1-7.el5_5.i386.rpm

ia64:
sudo-1.7.2p1-7.el5_5.ia64.rpm
sudo-debuginfo-1.7.2p1-7.el5_5.ia64.rpm

ppc:
sudo-1.7.2p1-7.el5_5.ppc.rpm
sudo-debuginfo-1.7.2p1-7.el5_5.ppc.rpm

s390x:
sudo-1.7.2p1-7.el5_5.s390x.rpm
sudo-debuginfo-1.7.2p1-7.el5_5.s390x.rpm

x86_64:
sudo-1.7.2p1-7.el5_5.x86_64.rpm
sudo-debuginfo-1.7.2p1-7.el5_5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-1646.html
http://www.redhat.com/security/updates/classification/#moderate
http://www.sudo.ws/sudo/alerts/secure_path.html

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMGBXsXlSAg2UNWIIRAnukAJ0UoCVPSqzBoJY7roEO7U67yMxvOACgipz2
S8841RyUm0eSGVXz2tJv6d8=
=ermd
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Wed Jun 16 21:38:33 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Jun 2010 15:38:33 -0600
Subject: [RHSA-2010:0488-01] Critical: samba and samba3x security update
Message-ID: <201006162138.o5GLcXw1002781@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: samba and samba3x security update
Advisory ID:       RHSA-2010:0488-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0488.html
Issue date:        2010-06-16
CVE Names:         CVE-2010-2063 
=====================================================================

1. Summary:

Updated samba and samba3x packages that fix one security issue are now
available for Red Hat Enterprise Linux 3, 4, and 5, and Red Hat Enterprise
Linux 4.7, 5.3, and 5.4 Extended Update Support.

The Red Hat Security Response Team has rated this update as having critical
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux (v. 5.3.z server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux (v. 5.4.z server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

Samba is a suite of programs used by machines to share files, printers, and
other information.

An input sanitization flaw was found in the way Samba parsed client data. A
malicious client could send a specially-crafted SMB packet to the Samba
server, resulting in arbitrary code execution with the privileges of the
Samba server (smbd). (CVE-2010-2063)

Red Hat would like to thank the Samba team for responsibly reporting this
issue. Upstream acknowledges Jun Mao as the original reporter.

Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

601419 - CVE-2010-2063 samba: memory corruption vulnerability

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.17.src.rpm

i386:
samba-3.0.9-1.3E.17.i386.rpm
samba-client-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-swat-3.0.9-1.3E.17.i386.rpm

ia64:
samba-3.0.9-1.3E.17.i386.rpm
samba-3.0.9-1.3E.17.ia64.rpm
samba-client-3.0.9-1.3E.17.ia64.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.ia64.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.ia64.rpm
samba-swat-3.0.9-1.3E.17.ia64.rpm

ppc:
samba-3.0.9-1.3E.17.ppc.rpm
samba-3.0.9-1.3E.17.ppc64.rpm
samba-client-3.0.9-1.3E.17.ppc.rpm
samba-common-3.0.9-1.3E.17.ppc.rpm
samba-common-3.0.9-1.3E.17.ppc64.rpm
samba-debuginfo-3.0.9-1.3E.17.ppc.rpm
samba-debuginfo-3.0.9-1.3E.17.ppc64.rpm
samba-swat-3.0.9-1.3E.17.ppc.rpm

s390:
samba-3.0.9-1.3E.17.s390.rpm
samba-client-3.0.9-1.3E.17.s390.rpm
samba-common-3.0.9-1.3E.17.s390.rpm
samba-debuginfo-3.0.9-1.3E.17.s390.rpm
samba-swat-3.0.9-1.3E.17.s390.rpm

s390x:
samba-3.0.9-1.3E.17.s390.rpm
samba-3.0.9-1.3E.17.s390x.rpm
samba-client-3.0.9-1.3E.17.s390x.rpm
samba-common-3.0.9-1.3E.17.s390.rpm
samba-common-3.0.9-1.3E.17.s390x.rpm
samba-debuginfo-3.0.9-1.3E.17.s390.rpm
samba-debuginfo-3.0.9-1.3E.17.s390x.rpm
samba-swat-3.0.9-1.3E.17.s390x.rpm

x86_64:
samba-3.0.9-1.3E.17.i386.rpm
samba-3.0.9-1.3E.17.x86_64.rpm
samba-client-3.0.9-1.3E.17.x86_64.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.x86_64.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.x86_64.rpm
samba-swat-3.0.9-1.3E.17.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.17.src.rpm

i386:
samba-3.0.9-1.3E.17.i386.rpm
samba-client-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-swat-3.0.9-1.3E.17.i386.rpm

x86_64:
samba-3.0.9-1.3E.17.i386.rpm
samba-3.0.9-1.3E.17.x86_64.rpm
samba-client-3.0.9-1.3E.17.x86_64.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.x86_64.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.x86_64.rpm
samba-swat-3.0.9-1.3E.17.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.17.src.rpm

i386:
samba-3.0.9-1.3E.17.i386.rpm
samba-client-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-swat-3.0.9-1.3E.17.i386.rpm

ia64:
samba-3.0.9-1.3E.17.i386.rpm
samba-3.0.9-1.3E.17.ia64.rpm
samba-client-3.0.9-1.3E.17.ia64.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.ia64.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.ia64.rpm
samba-swat-3.0.9-1.3E.17.ia64.rpm

x86_64:
samba-3.0.9-1.3E.17.i386.rpm
samba-3.0.9-1.3E.17.x86_64.rpm
samba-client-3.0.9-1.3E.17.x86_64.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.x86_64.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.x86_64.rpm
samba-swat-3.0.9-1.3E.17.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.17.src.rpm

i386:
samba-3.0.9-1.3E.17.i386.rpm
samba-client-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-swat-3.0.9-1.3E.17.i386.rpm

ia64:
samba-3.0.9-1.3E.17.i386.rpm
samba-3.0.9-1.3E.17.ia64.rpm
samba-client-3.0.9-1.3E.17.ia64.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.ia64.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.ia64.rpm
samba-swat-3.0.9-1.3E.17.ia64.rpm

x86_64:
samba-3.0.9-1.3E.17.i386.rpm
samba-3.0.9-1.3E.17.x86_64.rpm
samba-client-3.0.9-1.3E.17.x86_64.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.x86_64.rpm
samba-debuginfo-3.0.9-1.3E.17.i386.rpm
samba-debuginfo-3.0.9-1.3E.17.x86_64.rpm
samba-swat-3.0.9-1.3E.17.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.33-0.19.el4_8.1.src.rpm

i386:
samba-3.0.33-0.19.el4_8.1.i386.rpm
samba-client-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-swat-3.0.33-0.19.el4_8.1.i386.rpm

ia64:
samba-3.0.33-0.19.el4_8.1.ia64.rpm
samba-client-3.0.33-0.19.el4_8.1.ia64.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.ia64.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.ia64.rpm
samba-swat-3.0.33-0.19.el4_8.1.ia64.rpm

ppc:
samba-3.0.33-0.19.el4_8.1.ppc.rpm
samba-client-3.0.33-0.19.el4_8.1.ppc.rpm
samba-common-3.0.33-0.19.el4_8.1.ppc.rpm
samba-common-3.0.33-0.19.el4_8.1.ppc64.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.ppc.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.ppc64.rpm
samba-swat-3.0.33-0.19.el4_8.1.ppc.rpm

s390:
samba-3.0.33-0.19.el4_8.1.s390.rpm
samba-client-3.0.33-0.19.el4_8.1.s390.rpm
samba-common-3.0.33-0.19.el4_8.1.s390.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.s390.rpm
samba-swat-3.0.33-0.19.el4_8.1.s390.rpm

s390x:
samba-3.0.33-0.19.el4_8.1.s390x.rpm
samba-client-3.0.33-0.19.el4_8.1.s390x.rpm
samba-common-3.0.33-0.19.el4_8.1.s390.rpm
samba-common-3.0.33-0.19.el4_8.1.s390x.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.s390.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.s390x.rpm
samba-swat-3.0.33-0.19.el4_8.1.s390x.rpm

x86_64:
samba-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-client-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-swat-3.0.33-0.19.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux AS version 4.7.z:

Source:
samba-3.0.28-0.10.el4_7.src.rpm

i386:
samba-3.0.28-0.10.el4_7.i386.rpm
samba-client-3.0.28-0.10.el4_7.i386.rpm
samba-common-3.0.28-0.10.el4_7.i386.rpm
samba-debuginfo-3.0.28-0.10.el4_7.i386.rpm
samba-swat-3.0.28-0.10.el4_7.i386.rpm

ia64:
samba-3.0.28-0.10.el4_7.ia64.rpm
samba-client-3.0.28-0.10.el4_7.ia64.rpm
samba-common-3.0.28-0.10.el4_7.i386.rpm
samba-common-3.0.28-0.10.el4_7.ia64.rpm
samba-debuginfo-3.0.28-0.10.el4_7.i386.rpm
samba-debuginfo-3.0.28-0.10.el4_7.ia64.rpm
samba-swat-3.0.28-0.10.el4_7.ia64.rpm

ppc:
samba-3.0.28-0.10.el4_7.ppc.rpm
samba-client-3.0.28-0.10.el4_7.ppc.rpm
samba-common-3.0.28-0.10.el4_7.ppc.rpm
samba-common-3.0.28-0.10.el4_7.ppc64.rpm
samba-debuginfo-3.0.28-0.10.el4_7.ppc.rpm
samba-debuginfo-3.0.28-0.10.el4_7.ppc64.rpm
samba-swat-3.0.28-0.10.el4_7.ppc.rpm

s390:
samba-3.0.28-0.10.el4_7.s390.rpm
samba-client-3.0.28-0.10.el4_7.s390.rpm
samba-common-3.0.28-0.10.el4_7.s390.rpm
samba-debuginfo-3.0.28-0.10.el4_7.s390.rpm
samba-swat-3.0.28-0.10.el4_7.s390.rpm

s390x:
samba-3.0.28-0.10.el4_7.s390x.rpm
samba-client-3.0.28-0.10.el4_7.s390x.rpm
samba-common-3.0.28-0.10.el4_7.s390.rpm
samba-common-3.0.28-0.10.el4_7.s390x.rpm
samba-debuginfo-3.0.28-0.10.el4_7.s390.rpm
samba-debuginfo-3.0.28-0.10.el4_7.s390x.rpm
samba-swat-3.0.28-0.10.el4_7.s390x.rpm

x86_64:
samba-3.0.28-0.10.el4_7.x86_64.rpm
samba-client-3.0.28-0.10.el4_7.x86_64.rpm
samba-common-3.0.28-0.10.el4_7.i386.rpm
samba-common-3.0.28-0.10.el4_7.x86_64.rpm
samba-debuginfo-3.0.28-0.10.el4_7.i386.rpm
samba-debuginfo-3.0.28-0.10.el4_7.x86_64.rpm
samba-swat-3.0.28-0.10.el4_7.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.33-0.19.el4_8.1.src.rpm

i386:
samba-3.0.33-0.19.el4_8.1.i386.rpm
samba-client-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-swat-3.0.33-0.19.el4_8.1.i386.rpm

x86_64:
samba-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-client-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-swat-3.0.33-0.19.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.33-0.19.el4_8.1.src.rpm

i386:
samba-3.0.33-0.19.el4_8.1.i386.rpm
samba-client-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-swat-3.0.33-0.19.el4_8.1.i386.rpm

ia64:
samba-3.0.33-0.19.el4_8.1.ia64.rpm
samba-client-3.0.33-0.19.el4_8.1.ia64.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.ia64.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.ia64.rpm
samba-swat-3.0.33-0.19.el4_8.1.ia64.rpm

x86_64:
samba-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-client-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-swat-3.0.33-0.19.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4.7.z:

Source:
samba-3.0.28-0.10.el4_7.src.rpm

i386:
samba-3.0.28-0.10.el4_7.i386.rpm
samba-client-3.0.28-0.10.el4_7.i386.rpm
samba-common-3.0.28-0.10.el4_7.i386.rpm
samba-debuginfo-3.0.28-0.10.el4_7.i386.rpm
samba-swat-3.0.28-0.10.el4_7.i386.rpm

ia64:
samba-3.0.28-0.10.el4_7.ia64.rpm
samba-client-3.0.28-0.10.el4_7.ia64.rpm
samba-common-3.0.28-0.10.el4_7.i386.rpm
samba-common-3.0.28-0.10.el4_7.ia64.rpm
samba-debuginfo-3.0.28-0.10.el4_7.i386.rpm
samba-debuginfo-3.0.28-0.10.el4_7.ia64.rpm
samba-swat-3.0.28-0.10.el4_7.ia64.rpm

x86_64:
samba-3.0.28-0.10.el4_7.x86_64.rpm
samba-client-3.0.28-0.10.el4_7.x86_64.rpm
samba-common-3.0.28-0.10.el4_7.i386.rpm
samba-common-3.0.28-0.10.el4_7.x86_64.rpm
samba-debuginfo-3.0.28-0.10.el4_7.i386.rpm
samba-debuginfo-3.0.28-0.10.el4_7.x86_64.rpm
samba-swat-3.0.28-0.10.el4_7.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.33-0.19.el4_8.1.src.rpm

i386:
samba-3.0.33-0.19.el4_8.1.i386.rpm
samba-client-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-swat-3.0.33-0.19.el4_8.1.i386.rpm

ia64:
samba-3.0.33-0.19.el4_8.1.ia64.rpm
samba-client-3.0.33-0.19.el4_8.1.ia64.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.ia64.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.ia64.rpm
samba-swat-3.0.33-0.19.el4_8.1.ia64.rpm

x86_64:
samba-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-client-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.i386.rpm
samba-debuginfo-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-swat-3.0.33-0.19.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.33-3.29.el5_5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba3x-3.3.8-0.52.el5_5.src.rpm

i386:
libsmbclient-3.0.33-3.29.el5_5.i386.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.i386.rpm
libtalloc-1.2.0-52.el5_5.i386.rpm
libtalloc-devel-1.2.0-52.el5_5.i386.rpm
libtdb-1.1.2-52.el5_5.i386.rpm
libtdb-devel-1.1.2-52.el5_5.i386.rpm
samba-3.0.33-3.29.el5_5.i386.rpm
samba-client-3.0.33-3.29.el5_5.i386.rpm
samba-common-3.0.33-3.29.el5_5.i386.rpm
samba-debuginfo-3.0.33-3.29.el5_5.i386.rpm
samba-swat-3.0.33-3.29.el5_5.i386.rpm
samba3x-3.3.8-0.52.el5_5.i386.rpm
samba3x-client-3.3.8-0.52.el5_5.i386.rpm
samba3x-common-3.3.8-0.52.el5_5.i386.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.i386.rpm
samba3x-doc-3.3.8-0.52.el5_5.i386.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.i386.rpm
samba3x-swat-3.3.8-0.52.el5_5.i386.rpm
samba3x-winbind-3.3.8-0.52.el5_5.i386.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.i386.rpm
tdb-tools-1.1.2-52.el5_5.i386.rpm

x86_64:
libsmbclient-3.0.33-3.29.el5_5.i386.rpm
libsmbclient-3.0.33-3.29.el5_5.x86_64.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.i386.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.x86_64.rpm
libtalloc-1.2.0-52.el5_5.i386.rpm
libtalloc-1.2.0-52.el5_5.x86_64.rpm
libtalloc-devel-1.2.0-52.el5_5.i386.rpm
libtalloc-devel-1.2.0-52.el5_5.x86_64.rpm
libtdb-1.1.2-52.el5_5.i386.rpm
libtdb-1.1.2-52.el5_5.x86_64.rpm
libtdb-devel-1.1.2-52.el5_5.i386.rpm
libtdb-devel-1.1.2-52.el5_5.x86_64.rpm
samba-3.0.33-3.29.el5_5.x86_64.rpm
samba-client-3.0.33-3.29.el5_5.x86_64.rpm
samba-common-3.0.33-3.29.el5_5.i386.rpm
samba-common-3.0.33-3.29.el5_5.x86_64.rpm
samba-debuginfo-3.0.33-3.29.el5_5.i386.rpm
samba-debuginfo-3.0.33-3.29.el5_5.x86_64.rpm
samba-swat-3.0.33-3.29.el5_5.x86_64.rpm
samba3x-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-client-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-common-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.i386.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-doc-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-swat-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-winbind-3.3.8-0.52.el5_5.i386.rpm
samba3x-winbind-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.i386.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.x86_64.rpm
tdb-tools-1.1.2-52.el5_5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.33-3.29.el5_5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba3x-3.3.8-0.52.el5_5.src.rpm

i386:
libsmbclient-3.0.33-3.29.el5_5.i386.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.i386.rpm
libtalloc-1.2.0-52.el5_5.i386.rpm
libtalloc-devel-1.2.0-52.el5_5.i386.rpm
libtdb-1.1.2-52.el5_5.i386.rpm
libtdb-devel-1.1.2-52.el5_5.i386.rpm
samba-3.0.33-3.29.el5_5.i386.rpm
samba-client-3.0.33-3.29.el5_5.i386.rpm
samba-common-3.0.33-3.29.el5_5.i386.rpm
samba-debuginfo-3.0.33-3.29.el5_5.i386.rpm
samba-swat-3.0.33-3.29.el5_5.i386.rpm
samba3x-3.3.8-0.52.el5_5.i386.rpm
samba3x-client-3.3.8-0.52.el5_5.i386.rpm
samba3x-common-3.3.8-0.52.el5_5.i386.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.i386.rpm
samba3x-doc-3.3.8-0.52.el5_5.i386.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.i386.rpm
samba3x-swat-3.3.8-0.52.el5_5.i386.rpm
samba3x-winbind-3.3.8-0.52.el5_5.i386.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.i386.rpm
tdb-tools-1.1.2-52.el5_5.i386.rpm

ia64:
libsmbclient-3.0.33-3.29.el5_5.ia64.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.ia64.rpm
libtalloc-1.2.0-52.el5_5.ia64.rpm
libtalloc-devel-1.2.0-52.el5_5.ia64.rpm
libtdb-1.1.2-52.el5_5.ia64.rpm
libtdb-devel-1.1.2-52.el5_5.ia64.rpm
samba-3.0.33-3.29.el5_5.ia64.rpm
samba-client-3.0.33-3.29.el5_5.ia64.rpm
samba-common-3.0.33-3.29.el5_5.ia64.rpm
samba-debuginfo-3.0.33-3.29.el5_5.ia64.rpm
samba-swat-3.0.33-3.29.el5_5.ia64.rpm
samba3x-3.3.8-0.52.el5_5.ia64.rpm
samba3x-client-3.3.8-0.52.el5_5.ia64.rpm
samba3x-common-3.3.8-0.52.el5_5.ia64.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.ia64.rpm
samba3x-doc-3.3.8-0.52.el5_5.ia64.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.ia64.rpm
samba3x-swat-3.3.8-0.52.el5_5.ia64.rpm
samba3x-winbind-3.3.8-0.52.el5_5.ia64.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.ia64.rpm
tdb-tools-1.1.2-52.el5_5.ia64.rpm

ppc:
libsmbclient-3.0.33-3.29.el5_5.ppc.rpm
libsmbclient-3.0.33-3.29.el5_5.ppc64.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.ppc.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.ppc64.rpm
libtalloc-1.2.0-52.el5_5.ppc.rpm
libtalloc-1.2.0-52.el5_5.ppc64.rpm
libtalloc-devel-1.2.0-52.el5_5.ppc.rpm
libtalloc-devel-1.2.0-52.el5_5.ppc64.rpm
libtdb-1.1.2-52.el5_5.ppc.rpm
libtdb-1.1.2-52.el5_5.ppc64.rpm
libtdb-devel-1.1.2-52.el5_5.ppc.rpm
libtdb-devel-1.1.2-52.el5_5.ppc64.rpm
samba-3.0.33-3.29.el5_5.ppc.rpm
samba-client-3.0.33-3.29.el5_5.ppc.rpm
samba-common-3.0.33-3.29.el5_5.ppc.rpm
samba-common-3.0.33-3.29.el5_5.ppc64.rpm
samba-debuginfo-3.0.33-3.29.el5_5.ppc.rpm
samba-debuginfo-3.0.33-3.29.el5_5.ppc64.rpm
samba-swat-3.0.33-3.29.el5_5.ppc.rpm
samba3x-3.3.8-0.52.el5_5.ppc.rpm
samba3x-client-3.3.8-0.52.el5_5.ppc.rpm
samba3x-common-3.3.8-0.52.el5_5.ppc.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.ppc.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.ppc64.rpm
samba3x-doc-3.3.8-0.52.el5_5.ppc.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.ppc.rpm
samba3x-swat-3.3.8-0.52.el5_5.ppc.rpm
samba3x-winbind-3.3.8-0.52.el5_5.ppc.rpm
samba3x-winbind-3.3.8-0.52.el5_5.ppc64.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.ppc.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.ppc64.rpm
tdb-tools-1.1.2-52.el5_5.ppc.rpm

s390x:
libsmbclient-3.0.33-3.29.el5_5.s390.rpm
libsmbclient-3.0.33-3.29.el5_5.s390x.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.s390.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.s390x.rpm
libtalloc-1.2.0-52.el5_5.s390.rpm
libtalloc-1.2.0-52.el5_5.s390x.rpm
libtalloc-devel-1.2.0-52.el5_5.s390.rpm
libtalloc-devel-1.2.0-52.el5_5.s390x.rpm
libtdb-1.1.2-52.el5_5.s390.rpm
libtdb-1.1.2-52.el5_5.s390x.rpm
libtdb-devel-1.1.2-52.el5_5.s390.rpm
libtdb-devel-1.1.2-52.el5_5.s390x.rpm
samba-3.0.33-3.29.el5_5.s390x.rpm
samba-client-3.0.33-3.29.el5_5.s390x.rpm
samba-common-3.0.33-3.29.el5_5.s390.rpm
samba-common-3.0.33-3.29.el5_5.s390x.rpm
samba-debuginfo-3.0.33-3.29.el5_5.s390.rpm
samba-debuginfo-3.0.33-3.29.el5_5.s390x.rpm
samba-swat-3.0.33-3.29.el5_5.s390x.rpm
samba3x-3.3.8-0.52.el5_5.s390x.rpm
samba3x-client-3.3.8-0.52.el5_5.s390x.rpm
samba3x-common-3.3.8-0.52.el5_5.s390x.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.s390.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.s390x.rpm
samba3x-doc-3.3.8-0.52.el5_5.s390x.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.s390x.rpm
samba3x-swat-3.3.8-0.52.el5_5.s390x.rpm
samba3x-winbind-3.3.8-0.52.el5_5.s390.rpm
samba3x-winbind-3.3.8-0.52.el5_5.s390x.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.s390.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.s390x.rpm
tdb-tools-1.1.2-52.el5_5.s390x.rpm

x86_64:
libsmbclient-3.0.33-3.29.el5_5.i386.rpm
libsmbclient-3.0.33-3.29.el5_5.x86_64.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.i386.rpm
libsmbclient-devel-3.0.33-3.29.el5_5.x86_64.rpm
libtalloc-1.2.0-52.el5_5.i386.rpm
libtalloc-1.2.0-52.el5_5.x86_64.rpm
libtalloc-devel-1.2.0-52.el5_5.i386.rpm
libtalloc-devel-1.2.0-52.el5_5.x86_64.rpm
libtdb-1.1.2-52.el5_5.i386.rpm
libtdb-1.1.2-52.el5_5.x86_64.rpm
libtdb-devel-1.1.2-52.el5_5.i386.rpm
libtdb-devel-1.1.2-52.el5_5.x86_64.rpm
samba-3.0.33-3.29.el5_5.x86_64.rpm
samba-client-3.0.33-3.29.el5_5.x86_64.rpm
samba-common-3.0.33-3.29.el5_5.i386.rpm
samba-common-3.0.33-3.29.el5_5.x86_64.rpm
samba-debuginfo-3.0.33-3.29.el5_5.i386.rpm
samba-debuginfo-3.0.33-3.29.el5_5.x86_64.rpm
samba-swat-3.0.33-3.29.el5_5.x86_64.rpm
samba3x-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-client-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-common-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.i386.rpm
samba3x-debuginfo-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-doc-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-swat-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-winbind-3.3.8-0.52.el5_5.i386.rpm
samba3x-winbind-3.3.8-0.52.el5_5.x86_64.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.i386.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.x86_64.rpm
tdb-tools-1.1.2-52.el5_5.x86_64.rpm

Red Hat Enterprise Linux (v. 5.3.z server):

Source:
samba-3.0.33-3.7.el5_3.2.src.rpm

i386:
samba-3.0.33-3.7.el5_3.2.i386.rpm
samba-client-3.0.33-3.7.el5_3.2.i386.rpm
samba-common-3.0.33-3.7.el5_3.2.i386.rpm
samba-debuginfo-3.0.33-3.7.el5_3.2.i386.rpm
samba-swat-3.0.33-3.7.el5_3.2.i386.rpm

ia64:
samba-3.0.33-3.7.el5_3.2.ia64.rpm
samba-client-3.0.33-3.7.el5_3.2.ia64.rpm
samba-common-3.0.33-3.7.el5_3.2.ia64.rpm
samba-debuginfo-3.0.33-3.7.el5_3.2.ia64.rpm
samba-swat-3.0.33-3.7.el5_3.2.ia64.rpm

ppc:
samba-3.0.33-3.7.el5_3.2.ppc.rpm
samba-client-3.0.33-3.7.el5_3.2.ppc.rpm
samba-common-3.0.33-3.7.el5_3.2.ppc.rpm
samba-common-3.0.33-3.7.el5_3.2.ppc64.rpm
samba-debuginfo-3.0.33-3.7.el5_3.2.ppc.rpm
samba-debuginfo-3.0.33-3.7.el5_3.2.ppc64.rpm
samba-swat-3.0.33-3.7.el5_3.2.ppc.rpm

s390x:
samba-3.0.33-3.7.el5_3.2.s390x.rpm
samba-client-3.0.33-3.7.el5_3.2.s390x.rpm
samba-common-3.0.33-3.7.el5_3.2.s390.rpm
samba-common-3.0.33-3.7.el5_3.2.s390x.rpm
samba-debuginfo-3.0.33-3.7.el5_3.2.s390.rpm
samba-debuginfo-3.0.33-3.7.el5_3.2.s390x.rpm
samba-swat-3.0.33-3.7.el5_3.2.s390x.rpm

x86_64:
samba-3.0.33-3.7.el5_3.2.x86_64.rpm
samba-client-3.0.33-3.7.el5_3.2.x86_64.rpm
samba-common-3.0.33-3.7.el5_3.2.i386.rpm
samba-common-3.0.33-3.7.el5_3.2.x86_64.rpm
samba-debuginfo-3.0.33-3.7.el5_3.2.i386.rpm
samba-debuginfo-3.0.33-3.7.el5_3.2.x86_64.rpm
samba-swat-3.0.33-3.7.el5_3.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5.4.z server):

Source:
samba-3.0.33-3.15.el5_4.2.src.rpm

i386:
samba-3.0.33-3.15.el5_4.2.i386.rpm
samba-client-3.0.33-3.15.el5_4.2.i386.rpm
samba-common-3.0.33-3.15.el5_4.2.i386.rpm
samba-debuginfo-3.0.33-3.15.el5_4.2.i386.rpm
samba-swat-3.0.33-3.15.el5_4.2.i386.rpm

ia64:
samba-3.0.33-3.15.el5_4.2.ia64.rpm
samba-client-3.0.33-3.15.el5_4.2.ia64.rpm
samba-common-3.0.33-3.15.el5_4.2.ia64.rpm
samba-debuginfo-3.0.33-3.15.el5_4.2.ia64.rpm
samba-swat-3.0.33-3.15.el5_4.2.ia64.rpm

ppc:
samba-3.0.33-3.15.el5_4.2.ppc.rpm
samba-client-3.0.33-3.15.el5_4.2.ppc.rpm
samba-common-3.0.33-3.15.el5_4.2.ppc.rpm
samba-common-3.0.33-3.15.el5_4.2.ppc64.rpm
samba-debuginfo-3.0.33-3.15.el5_4.2.ppc.rpm
samba-debuginfo-3.0.33-3.15.el5_4.2.ppc64.rpm
samba-swat-3.0.33-3.15.el5_4.2.ppc.rpm

s390x:
samba-3.0.33-3.15.el5_4.2.s390x.rpm
samba-client-3.0.33-3.15.el5_4.2.s390x.rpm
samba-common-3.0.33-3.15.el5_4.2.s390.rpm
samba-common-3.0.33-3.15.el5_4.2.s390x.rpm
samba-debuginfo-3.0.33-3.15.el5_4.2.s390.rpm
samba-debuginfo-3.0.33-3.15.el5_4.2.s390x.rpm
samba-swat-3.0.33-3.15.el5_4.2.s390x.rpm

x86_64:
samba-3.0.33-3.15.el5_4.2.x86_64.rpm
samba-client-3.0.33-3.15.el5_4.2.x86_64.rpm
samba-common-3.0.33-3.15.el5_4.2.i386.rpm
samba-common-3.0.33-3.15.el5_4.2.x86_64.rpm
samba-debuginfo-3.0.33-3.15.el5_4.2.i386.rpm
samba-debuginfo-3.0.33-3.15.el5_4.2.x86_64.rpm
samba-swat-3.0.33-3.15.el5_4.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2063.html
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMGUQ7XlSAg2UNWIIRAmYNAJ0WtiZlZk61BEvvv+nzqn6N3xILjACfZZ+s
hph9ogCR+PCCSMuvfToZLjc=
=jKQY
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Thu Jun 17 22:22:25 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 17 Jun 2010 16:22:25 -0600
Subject: [RHSA-2010:0489-01] Critical: java-1.5.0-ibm security update
Message-ID: <201006172222.o5HMMSM5009938@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.5.0-ibm security update
Advisory ID:       RHSA-2010:0489-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0489.html
Issue date:        2010-06-17
CVE Names:         CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 
                   CVE-2010-0843 CVE-2010-0844 CVE-2010-0846 
                   CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 
=====================================================================

1. Summary:

Updated java-1.5.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, ppc, s390x, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64

3. Description:

The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and
the IBM Java 2 Software Development Kit.

This update fixes several vulnerabilities in the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM "Security alerts" page,
listed in the References section. (CVE-2010-0840, CVE-2010-0841,
CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0846, CVE-2010-0847,
CVE-2010-0848, CVE-2010-0849)

All users of java-1.5.0-ibm are advised to upgrade to these updated
packages, containing the IBM 1.5.0 SR11-FP2 Java release. All running
instances of IBM Java must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

575846 - CVE-2010-0840 OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)
575854 - CVE-2010-0841 OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597)
575865 - CVE-2010-0848 OpenJDK AWT Library Invalid Index Vulnerability (6914823)
575871 - CVE-2010-0847 OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)
578430 - CVE-2010-0846 JDK unspecified vulnerability in ImageIO component
578432 - CVE-2010-0849 JDK unspecified vulnerability in Java2D component
578436 - CVE-2010-0839 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 JDK multiple unspecified vulnerabilities

6. Package List:

Red Hat Enterprise Linux AS version 4 Extras:

i386:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.i386.rpm

ppc:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.ppc.rpm
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.ppc64.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.ppc.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.ppc64.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.ppc.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.ppc64.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.ppc.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.ppc64.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el4.ppc.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el4.ppc.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.ppc.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.ppc64.rpm

s390:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.s390.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.s390.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.s390.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el4.s390.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.s390.rpm

s390x:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.s390x.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.s390x.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.s390x.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.s390x.rpm

x86_64:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.x86_64.rpm

Red Hat Desktop version 4 Extras:

i386:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.i386.rpm

x86_64:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.i386.rpm

x86_64:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el4.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.i386.rpm

x86_64:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4.x86_64.rpm

RHEL Desktop Supplementary (v. 5 client):

i386:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.i386.rpm

x86_64:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.x86_64.rpm

RHEL Supplementary (v. 5 server):

i386:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.i386.rpm

ppc:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.ppc64.rpm
java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.ppc64.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.ppc64.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5.ppc64.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.ppc64.rpm

s390x:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.s390x.rpm
java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5.s390x.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.s390x.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.s390x.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.s390x.rpm

x86_64:
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0840.html
https://www.redhat.com/security/data/cve/CVE-2010-0841.html
https://www.redhat.com/security/data/cve/CVE-2010-0842.html
https://www.redhat.com/security/data/cve/CVE-2010-0843.html
https://www.redhat.com/security/data/cve/CVE-2010-0844.html
https://www.redhat.com/security/data/cve/CVE-2010-0846.html
https://www.redhat.com/security/data/cve/CVE-2010-0847.html
https://www.redhat.com/security/data/cve/CVE-2010-0848.html
https://www.redhat.com/security/data/cve/CVE-2010-0849.html
http://www.redhat.com/security/updates/classification/#critical
http://www.ibm.com/developerworks/java/jdk/alerts/

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMGqAWXlSAg2UNWIIRAo2dAJoCOMFW6a8M0K34ogxYGvxRZcMoZQCfRKc5
7wpiHIVOSSprkkGmYI7iv+s=
=JWyg
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Thu Jun 17 22:23:30 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 17 Jun 2010 16:23:30 -0600
Subject: [RHSA-2010:0490-01] Important: cups security update
Message-ID: <201006172223.o5HMNUuc030364@int-mx03.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: cups security update
Advisory ID:       RHSA-2010:0490-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0490.html
Issue date:        2010-06-17
CVE Names:         CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 
=====================================================================

1. Summary:

Updated cups packages that fix three security issues are now available for
Red Hat Enterprise Linux 3, 4, and 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS "texttops" filter converts text files
to PostScript.

A missing memory allocation failure check flaw, leading to a NULL pointer
dereference, was found in the CUPS "texttops" filter. An attacker could
create a malicious text file that would cause "texttops" to crash or,
potentially, execute arbitrary code as the "lp" user if the file was
printed. (CVE-2010-0542)

A Cross-Site Request Forgery (CSRF) issue was found in the CUPS web
interface. If a remote attacker could trick a user, who is logged into the
CUPS web interface as an administrator, into visiting a specially-crafted
website, the attacker could reconfigure and disable CUPS, and gain access
to print jobs and system files. (CVE-2010-0540)

Note: As a result of the fix for CVE-2010-0540, cookies must now be enabled
in your web browser to use the CUPS web interface.

An uninitialized memory read issue was found in the CUPS web interface. If
an attacker had access to the CUPS web interface, they could use a
specially-crafted URL to leverage this flaw to read a limited amount of
memory from the cupsd process, possibly obtaining sensitive information.
(CVE-2010-1748)

Red Hat would like to thank the Apple Product Security team for responsibly
reporting these issues. Upstream acknowledges regenrecht as the original
reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim
Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as
the original reporter of CVE-2010-1748.

Users of cups are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the cupsd daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

587746 - CVE-2010-0542 CUPS: texttops unchecked memory allocation failure leading to NULL pointer dereference
588805 - CVE-2010-0540 CUPS administrator web interface CSRF
591983 - CVE-2010-1748 cups: web interface memory disclosure

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cups-1.1.17-13.3.65.src.rpm

i386:
cups-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-devel-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.i386.rpm

ia64:
cups-1.1.17-13.3.65.ia64.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.ia64.rpm
cups-devel-1.1.17-13.3.65.ia64.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.ia64.rpm

ppc:
cups-1.1.17-13.3.65.ppc.rpm
cups-debuginfo-1.1.17-13.3.65.ppc.rpm
cups-debuginfo-1.1.17-13.3.65.ppc64.rpm
cups-devel-1.1.17-13.3.65.ppc.rpm
cups-libs-1.1.17-13.3.65.ppc.rpm
cups-libs-1.1.17-13.3.65.ppc64.rpm

s390:
cups-1.1.17-13.3.65.s390.rpm
cups-debuginfo-1.1.17-13.3.65.s390.rpm
cups-devel-1.1.17-13.3.65.s390.rpm
cups-libs-1.1.17-13.3.65.s390.rpm

s390x:
cups-1.1.17-13.3.65.s390x.rpm
cups-debuginfo-1.1.17-13.3.65.s390.rpm
cups-debuginfo-1.1.17-13.3.65.s390x.rpm
cups-devel-1.1.17-13.3.65.s390x.rpm
cups-libs-1.1.17-13.3.65.s390.rpm
cups-libs-1.1.17-13.3.65.s390x.rpm

x86_64:
cups-1.1.17-13.3.65.x86_64.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.x86_64.rpm
cups-devel-1.1.17-13.3.65.x86_64.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/cups-1.1.17-13.3.65.src.rpm

i386:
cups-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-devel-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.i386.rpm

x86_64:
cups-1.1.17-13.3.65.x86_64.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.x86_64.rpm
cups-devel-1.1.17-13.3.65.x86_64.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/cups-1.1.17-13.3.65.src.rpm

i386:
cups-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-devel-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.i386.rpm

ia64:
cups-1.1.17-13.3.65.ia64.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.ia64.rpm
cups-devel-1.1.17-13.3.65.ia64.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.ia64.rpm

x86_64:
cups-1.1.17-13.3.65.x86_64.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.x86_64.rpm
cups-devel-1.1.17-13.3.65.x86_64.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/cups-1.1.17-13.3.65.src.rpm

i386:
cups-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-devel-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.i386.rpm

ia64:
cups-1.1.17-13.3.65.ia64.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.ia64.rpm
cups-devel-1.1.17-13.3.65.ia64.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.ia64.rpm

x86_64:
cups-1.1.17-13.3.65.x86_64.rpm
cups-debuginfo-1.1.17-13.3.65.i386.rpm
cups-debuginfo-1.1.17-13.3.65.x86_64.rpm
cups-devel-1.1.17-13.3.65.x86_64.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/cups-1.1.22-0.rc1.9.32.el4_8.6.src.rpm

i386:
cups-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm

ia64:
cups-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm

ppc:
cups-1.1.22-0.rc1.9.32.el4_8.6.ppc.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.ppc.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.ppc64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.ppc.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.ppc.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.ppc64.rpm

s390:
cups-1.1.22-0.rc1.9.32.el4_8.6.s390.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.s390.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.s390.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.s390.rpm

s390x:
cups-1.1.22-0.rc1.9.32.el4_8.6.s390x.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.s390.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.s390x.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.s390x.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.s390.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.s390x.rpm

x86_64:
cups-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/cups-1.1.22-0.rc1.9.32.el4_8.6.src.rpm

i386:
cups-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm

x86_64:
cups-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/cups-1.1.22-0.rc1.9.32.el4_8.6.src.rpm

i386:
cups-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm

ia64:
cups-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm

x86_64:
cups-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/cups-1.1.22-0.rc1.9.32.el4_8.6.src.rpm

i386:
cups-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm

ia64:
cups-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm

x86_64:
cups-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-debuginfo-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/cups-1.3.7-18.el5_5.4.src.rpm

i386:
cups-1.3.7-18.el5_5.4.i386.rpm
cups-debuginfo-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-lpd-1.3.7-18.el5_5.4.i386.rpm

x86_64:
cups-1.3.7-18.el5_5.4.x86_64.rpm
cups-debuginfo-1.3.7-18.el5_5.4.i386.rpm
cups-debuginfo-1.3.7-18.el5_5.4.x86_64.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.x86_64.rpm
cups-lpd-1.3.7-18.el5_5.4.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/cups-1.3.7-18.el5_5.4.src.rpm

i386:
cups-debuginfo-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm

x86_64:
cups-debuginfo-1.3.7-18.el5_5.4.i386.rpm
cups-debuginfo-1.3.7-18.el5_5.4.x86_64.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/cups-1.3.7-18.el5_5.4.src.rpm

i386:
cups-1.3.7-18.el5_5.4.i386.rpm
cups-debuginfo-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-lpd-1.3.7-18.el5_5.4.i386.rpm

ia64:
cups-1.3.7-18.el5_5.4.ia64.rpm
cups-debuginfo-1.3.7-18.el5_5.4.i386.rpm
cups-debuginfo-1.3.7-18.el5_5.4.ia64.rpm
cups-devel-1.3.7-18.el5_5.4.ia64.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.ia64.rpm
cups-lpd-1.3.7-18.el5_5.4.ia64.rpm

ppc:
cups-1.3.7-18.el5_5.4.ppc.rpm
cups-debuginfo-1.3.7-18.el5_5.4.ppc.rpm
cups-debuginfo-1.3.7-18.el5_5.4.ppc64.rpm
cups-devel-1.3.7-18.el5_5.4.ppc.rpm
cups-devel-1.3.7-18.el5_5.4.ppc64.rpm
cups-libs-1.3.7-18.el5_5.4.ppc.rpm
cups-libs-1.3.7-18.el5_5.4.ppc64.rpm
cups-lpd-1.3.7-18.el5_5.4.ppc.rpm

s390x:
cups-1.3.7-18.el5_5.4.s390x.rpm
cups-debuginfo-1.3.7-18.el5_5.4.s390.rpm
cups-debuginfo-1.3.7-18.el5_5.4.s390x.rpm
cups-devel-1.3.7-18.el5_5.4.s390.rpm
cups-devel-1.3.7-18.el5_5.4.s390x.rpm
cups-libs-1.3.7-18.el5_5.4.s390.rpm
cups-libs-1.3.7-18.el5_5.4.s390x.rpm
cups-lpd-1.3.7-18.el5_5.4.s390x.rpm

x86_64:
cups-1.3.7-18.el5_5.4.x86_64.rpm
cups-debuginfo-1.3.7-18.el5_5.4.i386.rpm
cups-debuginfo-1.3.7-18.el5_5.4.x86_64.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.x86_64.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.x86_64.rpm
cups-lpd-1.3.7-18.el5_5.4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0540.html
https://www.redhat.com/security/data/cve/CVE-2010-0542.html
https://www.redhat.com/security/data/cve/CVE-2010-1748.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMGqBEXlSAg2UNWIIRAuCTAJ4qQueegc9m9TxEjbuKojShQM5oDwCgkBeP
Q0aIAkR3cINceOb1FHy7ecM=
=LJb+
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Tue Jun 22 22:33:10 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jun 2010 16:33:10 -0600
Subject: [RHSA-2010:0499-01] Critical: seamonkey security update
Message-ID: <201006222233.o5MMXB0q004342@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: seamonkey security update
Advisory ID:       RHSA-2010:0499-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0499.html
Issue date:        2010-06-22
CVE Names:         CVE-2010-0163 CVE-2010-1197 CVE-2010-1198 
                   CVE-2010-1199 CVE-2010-1200 
=====================================================================

1. Summary:

Updated seamonkey packages that fix several security issues are now
available for Red Hat Enterprise Linux 3 and 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2010-1200)

A flaw was found in the way browser plug-ins interact. It was possible for
a plug-in to reference the freed memory from a different plug-in, resulting
in the execution of arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2010-1198)

An integer overflow flaw was found in the processing of malformed web
content. A web page containing malicious content could cause SeaMonkey to
crash or, potentially, execute arbitrary code with the privileges of the
user running SeaMonkey. (CVE-2010-1199)

A flaw was found in the way SeaMonkey processed mail attachments. A
specially-crafted mail message could cause SeaMonkey to crash.
(CVE-2010-0163)

A flaw was found in the way SeaMonkey handled the "Content-Disposition:
attachment" HTTP header when the "Content-Type: multipart" HTTP header was
also present. A website that allows arbitrary uploads and relies on the
"Content-Disposition: attachment" HTTP header to prevent content from being
displayed inline, could be used by an attacker to serve malicious content
to users. (CVE-2010-1197)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

576391 - CVE-2010-0163 seamonkey/thunderbird: crash when indexing certain messages with attachments
590804 - CVE-2010-1200 Mozilla Crashes with evidence of memory corruption
590828 - CVE-2010-1198 Mozilla Freed object reuse across plugin instances
590833 - CVE-2010-1199 Mozilla Integer Overflow in XSLT Node Sorting
590850 - CVE-2010-1197 Mozilla Content-Disposition: attachment ignored if Content-Type: multipart also present

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.9-0.55.el3.src.rpm

i386:
seamonkey-1.0.9-0.55.el3.i386.rpm
seamonkey-chat-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-devel-1.0.9-0.55.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.i386.rpm
seamonkey-mail-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.55.el3.ia64.rpm
seamonkey-chat-1.0.9-0.55.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.ia64.rpm
seamonkey-devel-1.0.9-0.55.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.ia64.rpm
seamonkey-mail-1.0.9-0.55.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.ia64.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.ia64.rpm

ppc:
seamonkey-1.0.9-0.55.el3.ppc.rpm
seamonkey-chat-1.0.9-0.55.el3.ppc.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.ppc.rpm
seamonkey-devel-1.0.9-0.55.el3.ppc.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.ppc.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.ppc.rpm
seamonkey-mail-1.0.9-0.55.el3.ppc.rpm
seamonkey-nspr-1.0.9-0.55.el3.ppc.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.ppc.rpm
seamonkey-nss-1.0.9-0.55.el3.ppc.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.ppc.rpm

s390:
seamonkey-1.0.9-0.55.el3.s390.rpm
seamonkey-chat-1.0.9-0.55.el3.s390.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.s390.rpm
seamonkey-devel-1.0.9-0.55.el3.s390.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.s390.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.s390.rpm
seamonkey-mail-1.0.9-0.55.el3.s390.rpm
seamonkey-nspr-1.0.9-0.55.el3.s390.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.s390.rpm
seamonkey-nss-1.0.9-0.55.el3.s390.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.s390.rpm

s390x:
seamonkey-1.0.9-0.55.el3.s390x.rpm
seamonkey-chat-1.0.9-0.55.el3.s390x.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.s390.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.s390x.rpm
seamonkey-devel-1.0.9-0.55.el3.s390x.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.s390x.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.s390x.rpm
seamonkey-mail-1.0.9-0.55.el3.s390x.rpm
seamonkey-nspr-1.0.9-0.55.el3.s390.rpm
seamonkey-nspr-1.0.9-0.55.el3.s390x.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.s390x.rpm
seamonkey-nss-1.0.9-0.55.el3.s390.rpm
seamonkey-nss-1.0.9-0.55.el3.s390x.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.s390x.rpm

x86_64:
seamonkey-1.0.9-0.55.el3.i386.rpm
seamonkey-1.0.9-0.55.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.55.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.55.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.9-0.55.el3.src.rpm

i386:
seamonkey-1.0.9-0.55.el3.i386.rpm
seamonkey-chat-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-devel-1.0.9-0.55.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.i386.rpm
seamonkey-mail-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.i386.rpm

x86_64:
seamonkey-1.0.9-0.55.el3.i386.rpm
seamonkey-1.0.9-0.55.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.55.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.55.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.9-0.55.el3.src.rpm

i386:
seamonkey-1.0.9-0.55.el3.i386.rpm
seamonkey-chat-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-devel-1.0.9-0.55.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.i386.rpm
seamonkey-mail-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.55.el3.ia64.rpm
seamonkey-chat-1.0.9-0.55.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.ia64.rpm
seamonkey-devel-1.0.9-0.55.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.ia64.rpm
seamonkey-mail-1.0.9-0.55.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.ia64.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.ia64.rpm

x86_64:
seamonkey-1.0.9-0.55.el3.i386.rpm
seamonkey-1.0.9-0.55.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.55.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.55.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.9-0.55.el3.src.rpm

i386:
seamonkey-1.0.9-0.55.el3.i386.rpm
seamonkey-chat-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-devel-1.0.9-0.55.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.i386.rpm
seamonkey-mail-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.55.el3.ia64.rpm
seamonkey-chat-1.0.9-0.55.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.ia64.rpm
seamonkey-devel-1.0.9-0.55.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.ia64.rpm
seamonkey-mail-1.0.9-0.55.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.ia64.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.ia64.rpm

x86_64:
seamonkey-1.0.9-0.55.el3.i386.rpm
seamonkey-1.0.9-0.55.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.55.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.55.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.55.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.55.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.55.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.55.el3.i386.rpm
seamonkey-nspr-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.55.el3.i386.rpm
seamonkey-nss-1.0.9-0.55.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.55.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-58.el4_8.src.rpm

i386:
seamonkey-1.0.9-58.el4_8.i386.rpm
seamonkey-chat-1.0.9-58.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.i386.rpm
seamonkey-devel-1.0.9-58.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.i386.rpm
seamonkey-mail-1.0.9-58.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-58.el4_8.ia64.rpm
seamonkey-chat-1.0.9-58.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.ia64.rpm
seamonkey-devel-1.0.9-58.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.ia64.rpm
seamonkey-mail-1.0.9-58.el4_8.ia64.rpm

ppc:
seamonkey-1.0.9-58.el4_8.ppc.rpm
seamonkey-chat-1.0.9-58.el4_8.ppc.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.ppc.rpm
seamonkey-devel-1.0.9-58.el4_8.ppc.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.ppc.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.ppc.rpm
seamonkey-mail-1.0.9-58.el4_8.ppc.rpm

s390:
seamonkey-1.0.9-58.el4_8.s390.rpm
seamonkey-chat-1.0.9-58.el4_8.s390.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.s390.rpm
seamonkey-devel-1.0.9-58.el4_8.s390.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.s390.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.s390.rpm
seamonkey-mail-1.0.9-58.el4_8.s390.rpm

s390x:
seamonkey-1.0.9-58.el4_8.s390x.rpm
seamonkey-chat-1.0.9-58.el4_8.s390x.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.s390x.rpm
seamonkey-devel-1.0.9-58.el4_8.s390x.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.s390x.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.s390x.rpm
seamonkey-mail-1.0.9-58.el4_8.s390x.rpm

x86_64:
seamonkey-1.0.9-58.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-58.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-58.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-58.el4_8.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-58.el4_8.src.rpm

i386:
seamonkey-1.0.9-58.el4_8.i386.rpm
seamonkey-chat-1.0.9-58.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.i386.rpm
seamonkey-devel-1.0.9-58.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.i386.rpm
seamonkey-mail-1.0.9-58.el4_8.i386.rpm

x86_64:
seamonkey-1.0.9-58.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-58.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-58.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-58.el4_8.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-58.el4_8.src.rpm

i386:
seamonkey-1.0.9-58.el4_8.i386.rpm
seamonkey-chat-1.0.9-58.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.i386.rpm
seamonkey-devel-1.0.9-58.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.i386.rpm
seamonkey-mail-1.0.9-58.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-58.el4_8.ia64.rpm
seamonkey-chat-1.0.9-58.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.ia64.rpm
seamonkey-devel-1.0.9-58.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.ia64.rpm
seamonkey-mail-1.0.9-58.el4_8.ia64.rpm

x86_64:
seamonkey-1.0.9-58.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-58.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-58.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-58.el4_8.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-58.el4_8.src.rpm

i386:
seamonkey-1.0.9-58.el4_8.i386.rpm
seamonkey-chat-1.0.9-58.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.i386.rpm
seamonkey-devel-1.0.9-58.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.i386.rpm
seamonkey-mail-1.0.9-58.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-58.el4_8.ia64.rpm
seamonkey-chat-1.0.9-58.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.ia64.rpm
seamonkey-devel-1.0.9-58.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.ia64.rpm
seamonkey-mail-1.0.9-58.el4_8.ia64.rpm

x86_64:
seamonkey-1.0.9-58.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-58.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-58.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-58.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-58.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-58.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-58.el4_8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0163.html
https://www.redhat.com/security/data/cve/CVE-2010-1197.html
https://www.redhat.com/security/data/cve/CVE-2010-1198.html
https://www.redhat.com/security/data/cve/CVE-2010-1199.html
https://www.redhat.com/security/data/cve/CVE-2010-1200.html
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMITnaXlSAg2UNWIIRAv72AKCcgdGXEY6KLXvu4wDOeQId3PZC8gCeIMOb
BDjjrtJY5dUFO1GGtVhLF54=
=RFfA
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Tue Jun 22 22:34:15 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jun 2010 16:34:15 -0600
Subject: [RHSA-2010:0500-01] Critical: firefox security, bug fix,
	and enhancement update
Message-ID: <201006222234.o5MMYIf9026771@int-mx03.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security, bug fix, and enhancement update
Advisory ID:       RHSA-2010:0500-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0500.html
Issue date:        2010-06-22
CVE Names:         CVE-2008-5913 CVE-2010-0182 CVE-2010-1121 
                   CVE-2010-1125 CVE-2010-1196 CVE-2010-1197 
                   CVE-2010-1198 CVE-2010-1199 CVE-2010-1200 
                   CVE-2010-1202 CVE-2010-1203 
=====================================================================

1. Summary:

An updated firefox package that addresses security issues, fixes bugs, adds
numerous enhancements, and upgrades Firefox to version 3.6.4, is now
available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

Mozilla Firefox is an open source web browser.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203)

A flaw was found in the way browser plug-ins interact. It was possible for
a plug-in to reference the freed memory from a different plug-in, resulting
in the execution of arbitrary code with the privileges of the user running
Firefox. (CVE-2010-1198)

Several integer overflow flaws were found in the processing of malformed
web content. A web page containing malicious content could cause Firefox to
crash or, potentially, execute arbitrary code with the privileges of the
user running Firefox. (CVE-2010-1196, CVE-2010-1199)

A focus stealing flaw was found in the way Firefox handled focus changes. A
malicious website could use this flaw to steal sensitive data from a user,
such as usernames and passwords. (CVE-2010-1125)

A flaw was found in the way Firefox handled the "Content-Disposition:
attachment" HTTP header when the "Content-Type: multipart" HTTP header was
also present. A website that allows arbitrary uploads and relies on the
"Content-Disposition: attachment" HTTP header to prevent content from being
displayed inline, could be used by an attacker to serve malicious content
to users. (CVE-2010-1197)

A flaw was found in the Firefox Math.random() function. This function could
be used to identify a browsing session and track a user across different
websites. (CVE-2008-5913)

A flaw was found in the Firefox XML document loading security checks.
Certain security checks were not being called when an XML document was
loaded. This could possibly be leveraged later by an attacker to load
certain resources that violate the security policies of the browser or its
add-ons. Note that this issue cannot be exploited by only loading an XML
document. (CVE-2010-0182)

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 3.6.4. You can find a link to the Mozilla advisories
in the References section of this erratum.

This erratum upgrades Firefox from version 3.0.19 to version 3.6.4, and as
such, contains multiple bug fixes and numerous enhancements. Space
precludes documenting these changes in this advisory. For details
concerning these changes, refer to the Firefox Release Notes links in the
References section of this erratum.

Important: Firefox 3.6.4 is not completely backwards-compatible with all
Mozilla Add-ons and Firefox plug-ins that worked with Firefox 3.0.19.
Firefox 3.6 checks compatibility on first-launch, and, depending on the
individual configuration and the installed Add-ons and plug-ins, may
disable said Add-ons and plug-ins, or attempt to check for updates and
upgrade them. Add-ons and plug-ins may have to be manually updated.

All Firefox users should upgrade to this updated package, which contains
Firefox version 3.6.4. After installing the update, Firefox must be
restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

480938 - CVE-2008-5913 mozilla: in-session phishing attack
577029 - CVE-2010-1121 firefox: arbitrary code execution via memory corruption
577584 - CVE-2010-1125 firefox: keystrokes sent to hidden frame rather than visible frame due to javascript flaw
586580 - CVE-2010-0182 mozilla: XMLDocument::load() doesn't check nsIContentPolicy (MFSA 2010-24)
590804 - CVE-2010-1200 Mozilla Crashes with evidence of memory corruption
590810 - CVE-2010-1202 Mozilla Crashes with evidence of memory corruption
590816 - CVE-2010-1203 Mozilla Crashes with evidence of memory corruption
590828 - CVE-2010-1198 Mozilla Freed object reuse across plugin instances
590830 - CVE-2010-1196 Mozilla Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
590833 - CVE-2010-1199 Mozilla Integer Overflow in XSLT Node Sorting
590850 - CVE-2010-1197 Mozilla Content-Disposition: attachment ignored if Content-Type: multipart also present

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-3.6.4-8.el4.src.rpm

i386:
firefox-3.6.4-8.el4.i386.rpm
firefox-debuginfo-3.6.4-8.el4.i386.rpm

ia64:
firefox-3.6.4-8.el4.ia64.rpm
firefox-debuginfo-3.6.4-8.el4.ia64.rpm

ppc:
firefox-3.6.4-8.el4.ppc.rpm
firefox-debuginfo-3.6.4-8.el4.ppc.rpm

s390:
firefox-3.6.4-8.el4.s390.rpm
firefox-debuginfo-3.6.4-8.el4.s390.rpm

s390x:
firefox-3.6.4-8.el4.s390x.rpm
firefox-debuginfo-3.6.4-8.el4.s390x.rpm

x86_64:
firefox-3.6.4-8.el4.x86_64.rpm
firefox-debuginfo-3.6.4-8.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-3.6.4-8.el4.src.rpm

i386:
firefox-3.6.4-8.el4.i386.rpm
firefox-debuginfo-3.6.4-8.el4.i386.rpm

x86_64:
firefox-3.6.4-8.el4.x86_64.rpm
firefox-debuginfo-3.6.4-8.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-3.6.4-8.el4.src.rpm

i386:
firefox-3.6.4-8.el4.i386.rpm
firefox-debuginfo-3.6.4-8.el4.i386.rpm

ia64:
firefox-3.6.4-8.el4.ia64.rpm
firefox-debuginfo-3.6.4-8.el4.ia64.rpm

x86_64:
firefox-3.6.4-8.el4.x86_64.rpm
firefox-debuginfo-3.6.4-8.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-3.6.4-8.el4.src.rpm

i386:
firefox-3.6.4-8.el4.i386.rpm
firefox-debuginfo-3.6.4-8.el4.i386.rpm

ia64:
firefox-3.6.4-8.el4.ia64.rpm
firefox-debuginfo-3.6.4-8.el4.ia64.rpm

x86_64:
firefox-3.6.4-8.el4.x86_64.rpm
firefox-debuginfo-3.6.4-8.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2008-5913.html
https://www.redhat.com/security/data/cve/CVE-2010-0182.html
https://www.redhat.com/security/data/cve/CVE-2010-1121.html
https://www.redhat.com/security/data/cve/CVE-2010-1125.html
https://www.redhat.com/security/data/cve/CVE-2010-1196.html
https://www.redhat.com/security/data/cve/CVE-2010-1197.html
https://www.redhat.com/security/data/cve/CVE-2010-1198.html
https://www.redhat.com/security/data/cve/CVE-2010-1199.html
https://www.redhat.com/security/data/cve/CVE-2010-1200.html
https://www.redhat.com/security/data/cve/CVE-2010-1202.html
https://www.redhat.com/security/data/cve/CVE-2010-1203.html
http://www.redhat.com/security/updates/classification/#critical
http://mozilla.com/en-US/firefox/3.6.4/releasenotes/
http://mozilla.com/en-US/firefox/3.6/releasenotes/
http://mozilla.org/security/known-vulnerabilities/firefox35.html
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMITo6XlSAg2UNWIIRAn6PAJ0fTu1AXxt21oM83nvUSdmmZjPI6wCbBUwC
VI3k5P7pazSUTCV66HXbYac=
=Um5E
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Tue Jun 22 22:34:55 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jun 2010 16:34:55 -0600
Subject: [RHSA-2010:0501-01] Critical: firefox security, bug fix,
	and enhancement update
Message-ID: <201006222234.o5MMYtQc004613@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security, bug fix, and enhancement update
Advisory ID:       RHSA-2010:0501-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0501.html
Issue date:        2010-06-22
CVE Names:         CVE-2008-5913 CVE-2010-0182 CVE-2010-1121 
                   CVE-2010-1125 CVE-2010-1196 CVE-2010-1197 
                   CVE-2010-1198 CVE-2010-1199 CVE-2010-1200 
                   CVE-2010-1202 CVE-2010-1203 
=====================================================================

1. Summary:

Updated firefox packages that address several security issues, fix bugs,
add numerous enhancements, and upgrade Firefox to version 3.6.4, are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

Mozilla Firefox is an open source web browser.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203)

A flaw was found in the way browser plug-ins interact. It was possible for
a plug-in to reference the freed memory from a different plug-in, resulting
in the execution of arbitrary code with the privileges of the user running
Firefox. (CVE-2010-1198)

Several integer overflow flaws were found in the processing of malformed
web content. A web page containing malicious content could cause Firefox to
crash or, potentially, execute arbitrary code with the privileges of the
user running Firefox. (CVE-2010-1196, CVE-2010-1199)

A focus stealing flaw was found in the way Firefox handled focus changes. A
malicious website could use this flaw to steal sensitive data from a user,
such as usernames and passwords. (CVE-2010-1125)

A flaw was found in the way Firefox handled the "Content-Disposition:
attachment" HTTP header when the "Content-Type: multipart" HTTP header was
also present. A website that allows arbitrary uploads and relies on the
"Content-Disposition: attachment" HTTP header to prevent content from being
displayed inline, could be used by an attacker to serve malicious content
to users. (CVE-2010-1197)

A flaw was found in the Firefox Math.random() function. This function could
be used to identify a browsing session and track a user across different
websites. (CVE-2008-5913)

A flaw was found in the Firefox XML document loading security checks.
Certain security checks were not being called when an XML document was
loaded. This could possibly be leveraged later by an attacker to load
certain resources that violate the security policies of the browser or its
add-ons. Note that this issue cannot be exploited by only loading an XML
document. (CVE-2010-0182)

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 3.6.4. You can find a link to the Mozilla advisories
in the References section of this erratum.

This erratum upgrades Firefox from version 3.0.19 to version 3.6.4. Due to
the requirements of Firefox 3.6.4, this erratum also provides a number of
other updated packages, including esc, totem, and yelp.

This erratum also contains multiple bug fixes and numerous enhancements.
Space precludes documenting these changes in this advisory. For details
concerning these changes, refer to the Firefox Release Notes links in the
References section of this erratum.

Important: Firefox 3.6.4 is not completely backwards-compatible with all
Mozilla Add-ons and Firefox plug-ins that worked with Firefox 3.0.19.
Firefox 3.6 checks compatibility on first-launch, and, depending on the
individual configuration and the installed Add-ons and plug-ins, may
disable said Add-ons and plug-ins, or attempt to check for updates and
upgrade them. Add-ons and plug-ins may have to be manually updated.

All Firefox users should upgrade to these updated packages, which contain
Firefox version 3.6.4. After installing the update, Firefox must be
restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

480938 - CVE-2008-5913 mozilla: in-session phishing attack
577029 - CVE-2010-1121 firefox: arbitrary code execution via memory corruption
577584 - CVE-2010-1125 firefox: keystrokes sent to hidden frame rather than visible frame due to javascript flaw
586580 - CVE-2010-0182 mozilla: XMLDocument::load() doesn't check nsIContentPolicy (MFSA 2010-24)
590804 - CVE-2010-1200 Mozilla Crashes with evidence of memory corruption
590810 - CVE-2010-1202 Mozilla Crashes with evidence of memory corruption
590816 - CVE-2010-1203 Mozilla Crashes with evidence of memory corruption
590828 - CVE-2010-1198 Mozilla Freed object reuse across plugin instances
590830 - CVE-2010-1196 Mozilla Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
590833 - CVE-2010-1199 Mozilla Integer Overflow in XSLT Node Sorting
590850 - CVE-2010-1197 Mozilla Content-Disposition: attachment ignored if Content-Type: multipart also present

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/devhelp-0.12-21.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/esc-1.1.0-12.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-3.6.4-8.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/gnome-python2-extras-2.14.2-7.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/totem-2.16.7-7.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-1.9.2.4-9.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/yelp-2.16.0-26.el5.src.rpm

i386:
devhelp-0.12-21.el5.i386.rpm
devhelp-debuginfo-0.12-21.el5.i386.rpm
esc-1.1.0-12.el5.i386.rpm
esc-debuginfo-1.1.0-12.el5.i386.rpm
firefox-3.6.4-8.el5.i386.rpm
firefox-debuginfo-3.6.4-8.el5.i386.rpm
gnome-python2-extras-2.14.2-7.el5.i386.rpm
gnome-python2-extras-debuginfo-2.14.2-7.el5.i386.rpm
gnome-python2-gtkhtml2-2.14.2-7.el5.i386.rpm
gnome-python2-gtkmozembed-2.14.2-7.el5.i386.rpm
gnome-python2-gtkspell-2.14.2-7.el5.i386.rpm
gnome-python2-libegg-2.14.2-7.el5.i386.rpm
totem-2.16.7-7.el5.i386.rpm
totem-debuginfo-2.16.7-7.el5.i386.rpm
totem-mozplugin-2.16.7-7.el5.i386.rpm
xulrunner-1.9.2.4-9.el5.i386.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.i386.rpm
xulrunner-devel-1.9.2.4-9.el5.i386.rpm
yelp-2.16.0-26.el5.i386.rpm
yelp-debuginfo-2.16.0-26.el5.i386.rpm

x86_64:
devhelp-0.12-21.el5.i386.rpm
devhelp-0.12-21.el5.x86_64.rpm
devhelp-debuginfo-0.12-21.el5.i386.rpm
devhelp-debuginfo-0.12-21.el5.x86_64.rpm
esc-1.1.0-12.el5.x86_64.rpm
esc-debuginfo-1.1.0-12.el5.x86_64.rpm
firefox-3.6.4-8.el5.i386.rpm
firefox-3.6.4-8.el5.x86_64.rpm
firefox-debuginfo-3.6.4-8.el5.i386.rpm
firefox-debuginfo-3.6.4-8.el5.x86_64.rpm
gnome-python2-extras-2.14.2-7.el5.x86_64.rpm
gnome-python2-extras-debuginfo-2.14.2-7.el5.x86_64.rpm
gnome-python2-gtkhtml2-2.14.2-7.el5.x86_64.rpm
gnome-python2-gtkmozembed-2.14.2-7.el5.x86_64.rpm
gnome-python2-gtkspell-2.14.2-7.el5.x86_64.rpm
gnome-python2-libegg-2.14.2-7.el5.x86_64.rpm
totem-2.16.7-7.el5.i386.rpm
totem-2.16.7-7.el5.x86_64.rpm
totem-debuginfo-2.16.7-7.el5.i386.rpm
totem-debuginfo-2.16.7-7.el5.x86_64.rpm
totem-mozplugin-2.16.7-7.el5.x86_64.rpm
xulrunner-1.9.2.4-9.el5.i386.rpm
xulrunner-1.9.2.4-9.el5.x86_64.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.i386.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.x86_64.rpm
yelp-2.16.0-26.el5.x86_64.rpm
yelp-debuginfo-2.16.0-26.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/devhelp-0.12-21.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/totem-2.16.7-7.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-1.9.2.4-9.el5.src.rpm

i386:
devhelp-debuginfo-0.12-21.el5.i386.rpm
devhelp-devel-0.12-21.el5.i386.rpm
totem-debuginfo-2.16.7-7.el5.i386.rpm
totem-devel-2.16.7-7.el5.i386.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.i386.rpm
xulrunner-devel-1.9.2.4-9.el5.i386.rpm

x86_64:
devhelp-debuginfo-0.12-21.el5.i386.rpm
devhelp-debuginfo-0.12-21.el5.x86_64.rpm
devhelp-devel-0.12-21.el5.i386.rpm
devhelp-devel-0.12-21.el5.x86_64.rpm
totem-debuginfo-2.16.7-7.el5.i386.rpm
totem-debuginfo-2.16.7-7.el5.x86_64.rpm
totem-devel-2.16.7-7.el5.i386.rpm
totem-devel-2.16.7-7.el5.x86_64.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.i386.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.x86_64.rpm
xulrunner-devel-1.9.2.4-9.el5.i386.rpm
xulrunner-devel-1.9.2.4-9.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/devhelp-0.12-21.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/esc-1.1.0-12.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-3.6.4-8.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/gnome-python2-extras-2.14.2-7.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/totem-2.16.7-7.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-1.9.2.4-9.el5.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/yelp-2.16.0-26.el5.src.rpm

i386:
devhelp-0.12-21.el5.i386.rpm
devhelp-debuginfo-0.12-21.el5.i386.rpm
devhelp-devel-0.12-21.el5.i386.rpm
esc-1.1.0-12.el5.i386.rpm
esc-debuginfo-1.1.0-12.el5.i386.rpm
firefox-3.6.4-8.el5.i386.rpm
firefox-debuginfo-3.6.4-8.el5.i386.rpm
gnome-python2-extras-2.14.2-7.el5.i386.rpm
gnome-python2-extras-debuginfo-2.14.2-7.el5.i386.rpm
gnome-python2-gtkhtml2-2.14.2-7.el5.i386.rpm
gnome-python2-gtkmozembed-2.14.2-7.el5.i386.rpm
gnome-python2-gtkspell-2.14.2-7.el5.i386.rpm
gnome-python2-libegg-2.14.2-7.el5.i386.rpm
totem-2.16.7-7.el5.i386.rpm
totem-debuginfo-2.16.7-7.el5.i386.rpm
totem-devel-2.16.7-7.el5.i386.rpm
totem-mozplugin-2.16.7-7.el5.i386.rpm
xulrunner-1.9.2.4-9.el5.i386.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.i386.rpm
xulrunner-devel-1.9.2.4-9.el5.i386.rpm
yelp-2.16.0-26.el5.i386.rpm
yelp-debuginfo-2.16.0-26.el5.i386.rpm

ia64:
devhelp-0.12-21.el5.ia64.rpm
devhelp-debuginfo-0.12-21.el5.ia64.rpm
devhelp-devel-0.12-21.el5.ia64.rpm
esc-1.1.0-12.el5.ia64.rpm
esc-debuginfo-1.1.0-12.el5.ia64.rpm
firefox-3.6.4-8.el5.ia64.rpm
firefox-debuginfo-3.6.4-8.el5.ia64.rpm
gnome-python2-extras-2.14.2-7.el5.ia64.rpm
gnome-python2-extras-debuginfo-2.14.2-7.el5.ia64.rpm
gnome-python2-gtkhtml2-2.14.2-7.el5.ia64.rpm
gnome-python2-gtkmozembed-2.14.2-7.el5.ia64.rpm
gnome-python2-gtkspell-2.14.2-7.el5.ia64.rpm
gnome-python2-libegg-2.14.2-7.el5.ia64.rpm
totem-2.16.7-7.el5.ia64.rpm
totem-debuginfo-2.16.7-7.el5.ia64.rpm
totem-devel-2.16.7-7.el5.ia64.rpm
totem-mozplugin-2.16.7-7.el5.ia64.rpm
xulrunner-1.9.2.4-9.el5.ia64.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.ia64.rpm
xulrunner-devel-1.9.2.4-9.el5.ia64.rpm
yelp-2.16.0-26.el5.ia64.rpm
yelp-debuginfo-2.16.0-26.el5.ia64.rpm

ppc:
devhelp-0.12-21.el5.ppc.rpm
devhelp-debuginfo-0.12-21.el5.ppc.rpm
devhelp-devel-0.12-21.el5.ppc.rpm
esc-1.1.0-12.el5.ppc.rpm
esc-debuginfo-1.1.0-12.el5.ppc.rpm
firefox-3.6.4-8.el5.ppc.rpm
firefox-debuginfo-3.6.4-8.el5.ppc.rpm
gnome-python2-extras-2.14.2-7.el5.ppc.rpm
gnome-python2-extras-debuginfo-2.14.2-7.el5.ppc.rpm
gnome-python2-gtkhtml2-2.14.2-7.el5.ppc.rpm
gnome-python2-gtkmozembed-2.14.2-7.el5.ppc.rpm
gnome-python2-gtkspell-2.14.2-7.el5.ppc.rpm
gnome-python2-libegg-2.14.2-7.el5.ppc.rpm
totem-2.16.7-7.el5.ppc.rpm
totem-2.16.7-7.el5.ppc64.rpm
totem-debuginfo-2.16.7-7.el5.ppc.rpm
totem-debuginfo-2.16.7-7.el5.ppc64.rpm
totem-devel-2.16.7-7.el5.ppc.rpm
totem-devel-2.16.7-7.el5.ppc64.rpm
totem-mozplugin-2.16.7-7.el5.ppc.rpm
xulrunner-1.9.2.4-9.el5.ppc.rpm
xulrunner-1.9.2.4-9.el5.ppc64.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.ppc.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.ppc64.rpm
xulrunner-devel-1.9.2.4-9.el5.ppc.rpm
xulrunner-devel-1.9.2.4-9.el5.ppc64.rpm
yelp-2.16.0-26.el5.ppc.rpm
yelp-debuginfo-2.16.0-26.el5.ppc.rpm

s390x:
devhelp-0.12-21.el5.s390.rpm
devhelp-0.12-21.el5.s390x.rpm
devhelp-debuginfo-0.12-21.el5.s390.rpm
devhelp-debuginfo-0.12-21.el5.s390x.rpm
devhelp-devel-0.12-21.el5.s390.rpm
devhelp-devel-0.12-21.el5.s390x.rpm
firefox-3.6.4-8.el5.s390.rpm
firefox-3.6.4-8.el5.s390x.rpm
firefox-debuginfo-3.6.4-8.el5.s390.rpm
firefox-debuginfo-3.6.4-8.el5.s390x.rpm
gnome-python2-extras-2.14.2-7.el5.s390x.rpm
gnome-python2-extras-debuginfo-2.14.2-7.el5.s390x.rpm
gnome-python2-gtkhtml2-2.14.2-7.el5.s390x.rpm
gnome-python2-gtkmozembed-2.14.2-7.el5.s390x.rpm
gnome-python2-gtkspell-2.14.2-7.el5.s390x.rpm
gnome-python2-libegg-2.14.2-7.el5.s390x.rpm
totem-2.16.7-7.el5.s390.rpm
totem-2.16.7-7.el5.s390x.rpm
totem-debuginfo-2.16.7-7.el5.s390.rpm
totem-debuginfo-2.16.7-7.el5.s390x.rpm
totem-devel-2.16.7-7.el5.s390.rpm
totem-devel-2.16.7-7.el5.s390x.rpm
totem-mozplugin-2.16.7-7.el5.s390x.rpm
xulrunner-1.9.2.4-9.el5.s390.rpm
xulrunner-1.9.2.4-9.el5.s390x.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.s390.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.s390x.rpm
xulrunner-devel-1.9.2.4-9.el5.s390.rpm
xulrunner-devel-1.9.2.4-9.el5.s390x.rpm
yelp-2.16.0-26.el5.s390x.rpm
yelp-debuginfo-2.16.0-26.el5.s390x.rpm

x86_64:
devhelp-0.12-21.el5.i386.rpm
devhelp-0.12-21.el5.x86_64.rpm
devhelp-debuginfo-0.12-21.el5.i386.rpm
devhelp-debuginfo-0.12-21.el5.x86_64.rpm
devhelp-devel-0.12-21.el5.i386.rpm
devhelp-devel-0.12-21.el5.x86_64.rpm
esc-1.1.0-12.el5.x86_64.rpm
esc-debuginfo-1.1.0-12.el5.x86_64.rpm
firefox-3.6.4-8.el5.i386.rpm
firefox-3.6.4-8.el5.x86_64.rpm
firefox-debuginfo-3.6.4-8.el5.i386.rpm
firefox-debuginfo-3.6.4-8.el5.x86_64.rpm
gnome-python2-extras-2.14.2-7.el5.x86_64.rpm
gnome-python2-extras-debuginfo-2.14.2-7.el5.x86_64.rpm
gnome-python2-gtkhtml2-2.14.2-7.el5.x86_64.rpm
gnome-python2-gtkmozembed-2.14.2-7.el5.x86_64.rpm
gnome-python2-gtkspell-2.14.2-7.el5.x86_64.rpm
gnome-python2-libegg-2.14.2-7.el5.x86_64.rpm
totem-2.16.7-7.el5.i386.rpm
totem-2.16.7-7.el5.x86_64.rpm
totem-debuginfo-2.16.7-7.el5.i386.rpm
totem-debuginfo-2.16.7-7.el5.x86_64.rpm
totem-devel-2.16.7-7.el5.i386.rpm
totem-devel-2.16.7-7.el5.x86_64.rpm
totem-mozplugin-2.16.7-7.el5.x86_64.rpm
xulrunner-1.9.2.4-9.el5.i386.rpm
xulrunner-1.9.2.4-9.el5.x86_64.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.i386.rpm
xulrunner-debuginfo-1.9.2.4-9.el5.x86_64.rpm
xulrunner-devel-1.9.2.4-9.el5.i386.rpm
xulrunner-devel-1.9.2.4-9.el5.x86_64.rpm
yelp-2.16.0-26.el5.x86_64.rpm
yelp-debuginfo-2.16.0-26.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2008-5913.html
https://www.redhat.com/security/data/cve/CVE-2010-0182.html
https://www.redhat.com/security/data/cve/CVE-2010-1121.html
https://www.redhat.com/security/data/cve/CVE-2010-1125.html
https://www.redhat.com/security/data/cve/CVE-2010-1196.html
https://www.redhat.com/security/data/cve/CVE-2010-1197.html
https://www.redhat.com/security/data/cve/CVE-2010-1198.html
https://www.redhat.com/security/data/cve/CVE-2010-1199.html
https://www.redhat.com/security/data/cve/CVE-2010-1200.html
https://www.redhat.com/security/data/cve/CVE-2010-1202.html
https://www.redhat.com/security/data/cve/CVE-2010-1203.html
http://www.redhat.com/security/updates/classification/#critical
http://mozilla.com/en-US/firefox/3.6.4/releasenotes/
http://mozilla.com/en-US/firefox/3.6/releasenotes/
http://mozilla.org/security/known-vulnerabilities/firefox35.html
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMITp6XlSAg2UNWIIRArVxAJ0byDUPlx3QmcePAMOdPlGPWOBVoACgvVGI
0C0soNgmU6yhhtohWTDbwBc=
=fsWx
-----END PGP SIGNATURE-----




From bugzilla at redhat.com  Wed Jun 30 18:00:34 2010
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 30 Jun 2010 14:00:34 -0400
Subject: [RHSA-2010:0503-01] Critical: acroread security update
Message-ID: <201006301800.o5UI0Y97018765@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: acroread security update
Advisory ID:       RHSA-2010:0503-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0503.html
Issue date:        2010-06-30
CVE Names:         CVE-2010-1240 CVE-2010-1285 CVE-2010-1295 
                   CVE-2010-1297 CVE-2010-2168 CVE-2010-2201 
                   CVE-2010-2202 CVE-2010-2203 CVE-2010-2204 
                   CVE-2010-2205 CVE-2010-2206 CVE-2010-2207 
                   CVE-2010-2208 CVE-2010-2209 CVE-2010-2210 
                   CVE-2010-2211 CVE-2010-2212 
=====================================================================

1. Summary:

Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64

3. Description:

Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).

This update fixes multiple vulnerabilities in Adobe Reader. These
vulnerabilities are detailed on the Adobe security pages APSA10-01 and
APSB10-15, listed in the References section. A specially-crafted PDF file
could cause Adobe Reader to crash or, potentially, execute arbitrary code
as the user running Adobe Reader when opened. (CVE-2010-1240,
CVE-2010-1285, CVE-2010-1295, CVE-2010-1297, CVE-2010-2168, CVE-2010-2201,
CVE-2010-2202, CVE-2010-2203, CVE-2010-2204, CVE-2010-2205, CVE-2010-2206,
CVE-2010-2207, CVE-2010-2208, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211,
CVE-2010-2212)

All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.3.3, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

600692 - CVE-2010-1297 acroread, flash-plugin: Arbitrary code execution by opening a specially-crafted PDF file with malicious SWF content (APSA10-01)
609203 - acroread: multiple code execution flaws (APSB10-15)

6. Package List:

Red Hat Enterprise Linux AS version 4 Extras:

i386:
acroread-9.3.3-2.el4.i386.rpm
acroread-plugin-9.3.3-2.el4.i386.rpm

x86_64:
acroread-9.3.3-2.el4.i386.rpm

Red Hat Desktop version 4 Extras:

i386:
acroread-9.3.3-2.el4.i386.rpm
acroread-plugin-9.3.3-2.el4.i386.rpm

x86_64:
acroread-9.3.3-2.el4.i386.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
acroread-9.3.3-2.el4.i386.rpm
acroread-plugin-9.3.3-2.el4.i386.rpm

x86_64:
acroread-9.3.3-2.el4.i386.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
acroread-9.3.3-2.el4.i386.rpm
acroread-plugin-9.3.3-2.el4.i386.rpm

x86_64:
acroread-9.3.3-2.el4.i386.rpm

RHEL Desktop Supplementary (v. 5 client):

i386:
acroread-9.3.3-1.el5.i386.rpm
acroread-plugin-9.3.3-1.el5.i386.rpm

x86_64:
acroread-9.3.3-1.el5.i386.rpm
acroread-plugin-9.3.3-1.el5.i386.rpm

RHEL Supplementary (v. 5 server):

i386:
acroread-9.3.3-1.el5.i386.rpm
acroread-plugin-9.3.3-1.el5.i386.rpm

x86_64:
acroread-9.3.3-1.el5.i386.rpm
acroread-plugin-9.3.3-1.el5.i386.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-1240.html
https://www.redhat.com/security/data/cve/CVE-2010-1285.html
https://www.redhat.com/security/data/cve/CVE-2010-1295.html
https://www.redhat.com/security/data/cve/CVE-2010-1297.html
https://www.redhat.com/security/data/cve/CVE-2010-2168.html
https://www.redhat.com/security/data/cve/CVE-2010-2201.html
https://www.redhat.com/security/data/cve/CVE-2010-2202.html
https://www.redhat.com/security/data/cve/CVE-2010-2203.html
https://www.redhat.com/security/data/cve/CVE-2010-2204.html
https://www.redhat.com/security/data/cve/CVE-2010-2205.html
https://www.redhat.com/security/data/cve/CVE-2010-2206.html
https://www.redhat.com/security/data/cve/CVE-2010-2207.html
https://www.redhat.com/security/data/cve/CVE-2010-2208.html
https://www.redhat.com/security/data/cve/CVE-2010-2209.html
https://www.redhat.com/security/data/cve/CVE-2010-2210.html
https://www.redhat.com/security/data/cve/CVE-2010-2211.html
https://www.redhat.com/security/data/cve/CVE-2010-2212.html
http://www.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/advisories/apsa10-01.html
http://www.adobe.com/support/security/bulletins/apsb10-15.html

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMK4YJXlSAg2UNWIIRAsvmAJ0UF+ILoBrbssYfVvNlOpZ3KelLpACeOzN2
DAgZ/L69+IzI62xcffKU9Qg=
=LICV
-----END PGP SIGNATURE-----