From bugzilla at redhat.com Mon May 3 07:35:27 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 3 May 2010 08:35:27 +0100 Subject: [RHSA-2010:0386-01] Low: Red Hat Enterprise Linux 3 - 6-Month End Of Life Notice Message-ID: <201005030736.o437aIqL032762@int-mx03.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Enterprise Linux 3 - 6-Month End Of Life Notice Advisory ID: RHSA-2010:0386-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0386.html Issue date: 2010-05-03 ===================================================================== 1. Summary: This is the 6-month notification of the End Of Life plans for Red Hat Enterprise Linux 3. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: In accordance with the Red Hat Enterprise Linux Errata Support Policy, the regular 7 year life-cycle of Red Hat Enterprise Linux 3 will end on October 31, 2010. After this date, Red Hat will discontinue the regular subscription services for Red Hat Enterprise Linux 3. Therefore, new bug fix, enhancement, and security errata updates, as well as technical support services will no longer be available for the following products: * Red Hat Enterprise Linux AS 3 * Red Hat Enterprise Linux ES 3 * Red Hat Enterprise Linux WS 3 * Red Hat Enterprise Linux Extras 3 * Red Hat Desktop 3 * Red Hat Global File System 3 * Red Hat Cluster Suite 3 Customers still running production workloads on Red Hat Enterprise Linux 3 are advised to begin planning the upgrade to Red Hat Enterprise Linux 5. Active subscribers of Red Hat Enterprise Linux already have access to all currently maintained versions of Red Hat Enterprise Linux, as part of their subscription without additional fees. For customers who are unable to migrate off Red Hat Enterprise Linux 3 before its end-of-life date, Red Hat may offer a limited, optional extension program. For more information, contact your Red Hat sales representative or channel partner. Details of the Red Hat Enterprise Linux life-cycle can be found on the Red Hat website: http://www.redhat.com/security/updates/errata/ 4. Solution: This erratum contains an updated redhat-release package, that provides a copy of this end of life notice in the "/usr/share/doc/" directory. 5. Bugs fixed (http://bugzilla.redhat.com/): 586512 - Send Out RHEL 3 6-Month EOL Notice 6. Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/redhat-release-3AS-13.9.8.src.rpm i386: redhat-release-3AS-13.9.8.i386.rpm redhat-release-debuginfo-3AS-13.9.8.i386.rpm ia64: redhat-release-3AS-13.9.8.ia64.rpm redhat-release-debuginfo-3AS-13.9.8.ia64.rpm ppc: redhat-release-3AS-13.9.8.ppc.rpm redhat-release-debuginfo-3AS-13.9.8.ppc.rpm s390: redhat-release-3AS-13.9.8.s390.rpm redhat-release-debuginfo-3AS-13.9.8.s390.rpm s390x: redhat-release-3AS-13.9.8.s390x.rpm redhat-release-debuginfo-3AS-13.9.8.s390x.rpm x86_64: redhat-release-3AS-13.9.8.x86_64.rpm redhat-release-debuginfo-3AS-13.9.8.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/redhat-release-3Desktop-13.9.8.src.rpm i386: redhat-release-3Desktop-13.9.8.i386.rpm redhat-release-debuginfo-3Desktop-13.9.8.i386.rpm x86_64: redhat-release-3Desktop-13.9.8.x86_64.rpm redhat-release-debuginfo-3Desktop-13.9.8.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/redhat-release-3ES-13.9.8.src.rpm i386: redhat-release-3ES-13.9.8.i386.rpm redhat-release-debuginfo-3ES-13.9.8.i386.rpm ia64: redhat-release-3ES-13.9.8.ia64.rpm redhat-release-debuginfo-3ES-13.9.8.ia64.rpm x86_64: redhat-release-3ES-13.9.8.x86_64.rpm redhat-release-debuginfo-3ES-13.9.8.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/redhat-release-3WS-13.9.8.src.rpm i386: redhat-release-3WS-13.9.8.i386.rpm redhat-release-debuginfo-3WS-13.9.8.i386.rpm ia64: redhat-release-3WS-13.9.8.ia64.rpm redhat-release-debuginfo-3WS-13.9.8.ia64.rpm x86_64: redhat-release-3WS-13.9.8.x86_64.rpm redhat-release-debuginfo-3WS-13.9.8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.redhat.com/security/updates/classification/#low http://www.redhat.com/security/updates/errata/ 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL3nzbXlSAg2UNWIIRAp1AAJ9Meq3JuwrxhNFjpp9Ghj0x3Y/rGACeKXUv CVPmf1hsQu2VcIR+6AtR1aQ= =f7J6 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 5 13:19:53 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 5 May 2010 09:19:53 -0400 Subject: [RHSA-2010:0394-01] Important: kernel security, bug fix, and enhancement update Message-ID: <201005051319.o45DJr37010214@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2010:0394-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0394.html Issue date: 2010-05-05 CVE Names: CVE-2010-0729 CVE-2010-1083 CVE-2010-1085 CVE-2010-1086 CVE-2010-1188 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues, several bugs, and add three enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * RHSA-2009:1024 introduced a flaw in the ptrace implementation on Itanium systems. ptrace_check_attach() was not called during certain ptrace() requests. Under certain circumstances, a local, unprivileged user could use this flaw to call ptrace() on a process they do not own, giving them control over that process. (CVE-2010-0729, Important) * a flaw was found in the kernel's Unidirectional Lightweight Encapsulation (ULE) implementation. A remote attacker could send a specially-crafted ISO MPEG-2 Transport Stream (TS) frame to a target system, resulting in a denial of service. (CVE-2010-1086, Important) * a use-after-free flaw was found in tcp_rcv_state_process() in the kernel's TCP/IP protocol suite implementation. If a system using IPv6 had the IPV6_RECVPKTINFO option set on a listening socket, a remote attacker could send an IPv6 packet to that system, causing a kernel panic. (CVE-2010-1188, Important) * a divide-by-zero flaw was found in azx_position_ok() in the Intel High Definition Audio driver, snd-hda-intel. A local, unprivileged user could trigger this flaw to cause a denial of service. (CVE-2010-1085, Moderate) * an information leak flaw was found in the kernel's USB implementation. Certain USB errors could result in an uninitialized kernel buffer being sent to user-space. An attacker with physical access to a target system could use this flaw to cause an information leak. (CVE-2010-1083, Low) Red Hat would like to thank Ang Way Chuang for reporting CVE-2010-1086. Bug fixes: * a regression prevented the Broadcom BCM5761 network device from working when in the first (top) PCI-E slot of Hewlett-Packard (HP) Z600 systems. Note: The card worked in the 2nd or 3rd PCI-E slot. (BZ#567205) * the Xen hypervisor supports 168 GB of RAM for 32-bit guests. The physical address range was set incorrectly, however, causing 32-bit, para-virtualized Red Hat Enterprise Linux 4.8 guests to crash when launched on AMD64 or Intel 64 hosts that have more than 64 GB of RAM. (BZ#574392) * RHSA-2009:1024 introduced a regression, causing diskdump to fail on systems with certain adapters using the qla2xxx driver. (BZ#577234) * a race condition caused TX to stop in a guest using the virtio_net driver. (BZ#580089) * on some systems, using the "arp_validate=3" bonding option caused both links to show as "down" even though the arp_target was responding to ARP requests sent by the bonding driver. (BZ#580842) * in some circumstances, when a Red Hat Enterprise Linux client connected to a re-booted Windows-based NFS server, server-side filehandle-to-inode mapping changes caused a kernel panic. "bad_inode_ops" handling was changed to prevent this. Note: filehandle-to-inode mapping changes may still cause errors, but not panics. (BZ#582908) * when installing a Red Hat Enterprise Linux 4 guest via PXE, hard-coded fixed-size scatterlists could conflict with host requests, causing the guest's kernel to panic. With this update, dynamically allocated scatterlists are used, resolving this issue. (BZ#582911) Enhancements: * kernel support for connlimit. Note: iptables errata update RHBA-2010:0395 is also required for connlimit to work correctly. (BZ#563223) * support for the Intel architectural performance monitoring subsystem (arch_perfmon). On supported CPUs, arch_perfmon offers means to mark performance events and options for configuring and counting these events. (BZ#582913) * kernel support for OProfile sampling of Intel microarchitecture (Nehalem) CPUs. This update alone does not address OProfile support for such CPUs. A future oprofile package update will allow OProfile to work on Intel Nehalem CPUs. (BZ#582241) Users should upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 563223 - [RFE ] Connlimit kernel module support [rhel-4.9] [rhel-4.8.z] 566624 - CVE-2010-1083 kernel: information leak via userspace USB interface 567168 - CVE-2010-1085 kernel: ALSA: hda-intel: Avoid divide by zero crash 567205 - RHEL4.8: Broadcom 5761 NIC does not work [rhel-4.8.z] 569237 - CVE-2010-1086 kernel: dvb-core: DoS bug in ULE decapsulation code 572007 - CVE-2010-0729 kernel: ia64: ptrace: peek_or_poke requests miss ptrace_check_attach() 574392 - [RHEL4 Xen]: i386 Guest crash when host has >= 64G RAM [rhel-4.8.z] 577234 - qla2xxx flash programming changes in 4.8 broke diskdump [rhel-4.8.z] 577711 - CVE-2010-1188 kernel: ipv6: skb is unexpectedly freed 580089 - virtio_net 'eth0' interface in a RHEL 4.8 KVM virtual machine becomes unresponsive due to stopped state [rhel-4.8.z] 580842 - [RHEL 4] bonding option arp_validate=3 does not seem to function properly with vlan tagging [rhel-4.8.z] 582241 - [RHEL 4.7] oprofile doesn't work with Nehalem (kernel support) [rhel-4.8.z] 582908 - RHEL4.8-i686 panic in vfs_getattr64() Bad EIP value. [rhel-4.8.z] 582911 - i386 rhel4.8 kvm guests crashes in virtio during installation [rhel-4.8.z] 582913 - [Intel 4.9] Support arch_perfmon for oprofile (kernel support) [rhel-4.8.z] 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.0.25.EL.src.rpm i386: kernel-2.6.9-89.0.25.EL.i686.rpm kernel-debuginfo-2.6.9-89.0.25.EL.i686.rpm kernel-devel-2.6.9-89.0.25.EL.i686.rpm kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm kernel-smp-2.6.9-89.0.25.EL.i686.rpm kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm kernel-xenU-2.6.9-89.0.25.EL.i686.rpm kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm ia64: kernel-2.6.9-89.0.25.EL.ia64.rpm kernel-debuginfo-2.6.9-89.0.25.EL.ia64.rpm kernel-devel-2.6.9-89.0.25.EL.ia64.rpm kernel-largesmp-2.6.9-89.0.25.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.0.25.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.0.25.EL.noarch.rpm ppc: kernel-2.6.9-89.0.25.EL.ppc64.rpm kernel-2.6.9-89.0.25.EL.ppc64iseries.rpm kernel-debuginfo-2.6.9-89.0.25.EL.ppc64.rpm kernel-debuginfo-2.6.9-89.0.25.EL.ppc64iseries.rpm kernel-devel-2.6.9-89.0.25.EL.ppc64.rpm kernel-devel-2.6.9-89.0.25.EL.ppc64iseries.rpm kernel-largesmp-2.6.9-89.0.25.EL.ppc64.rpm kernel-largesmp-devel-2.6.9-89.0.25.EL.ppc64.rpm s390: kernel-2.6.9-89.0.25.EL.s390.rpm kernel-debuginfo-2.6.9-89.0.25.EL.s390.rpm kernel-devel-2.6.9-89.0.25.EL.s390.rpm s390x: kernel-2.6.9-89.0.25.EL.s390x.rpm kernel-debuginfo-2.6.9-89.0.25.EL.s390x.rpm kernel-devel-2.6.9-89.0.25.EL.s390x.rpm x86_64: kernel-2.6.9-89.0.25.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.0.25.EL.x86_64.rpm kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.0.25.EL.src.rpm i386: kernel-2.6.9-89.0.25.EL.i686.rpm kernel-debuginfo-2.6.9-89.0.25.EL.i686.rpm kernel-devel-2.6.9-89.0.25.EL.i686.rpm kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm kernel-smp-2.6.9-89.0.25.EL.i686.rpm kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm kernel-xenU-2.6.9-89.0.25.EL.i686.rpm kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm noarch: kernel-doc-2.6.9-89.0.25.EL.noarch.rpm x86_64: kernel-2.6.9-89.0.25.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.0.25.EL.x86_64.rpm kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.0.25.EL.src.rpm i386: kernel-2.6.9-89.0.25.EL.i686.rpm kernel-debuginfo-2.6.9-89.0.25.EL.i686.rpm kernel-devel-2.6.9-89.0.25.EL.i686.rpm kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm kernel-smp-2.6.9-89.0.25.EL.i686.rpm kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm kernel-xenU-2.6.9-89.0.25.EL.i686.rpm kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm ia64: kernel-2.6.9-89.0.25.EL.ia64.rpm kernel-debuginfo-2.6.9-89.0.25.EL.ia64.rpm kernel-devel-2.6.9-89.0.25.EL.ia64.rpm kernel-largesmp-2.6.9-89.0.25.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.0.25.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.0.25.EL.noarch.rpm x86_64: kernel-2.6.9-89.0.25.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.0.25.EL.x86_64.rpm kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.0.25.EL.src.rpm i386: kernel-2.6.9-89.0.25.EL.i686.rpm kernel-debuginfo-2.6.9-89.0.25.EL.i686.rpm kernel-devel-2.6.9-89.0.25.EL.i686.rpm kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm kernel-smp-2.6.9-89.0.25.EL.i686.rpm kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm kernel-xenU-2.6.9-89.0.25.EL.i686.rpm kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm ia64: kernel-2.6.9-89.0.25.EL.ia64.rpm kernel-debuginfo-2.6.9-89.0.25.EL.ia64.rpm kernel-devel-2.6.9-89.0.25.EL.ia64.rpm kernel-largesmp-2.6.9-89.0.25.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.0.25.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.0.25.EL.noarch.rpm x86_64: kernel-2.6.9-89.0.25.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.0.25.EL.x86_64.rpm kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-0729.html https://www.redhat.com/security/data/cve/CVE-2010-1083.html https://www.redhat.com/security/data/cve/CVE-2010-1085.html https://www.redhat.com/security/data/cve/CVE-2010-1086.html https://www.redhat.com/security/data/cve/CVE-2010-1188.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL4XBuXlSAg2UNWIIRAtx2AJ4r6Jah1Ep+xF8dajeuxCnYpWuDdgCfXuJL l8rui+Lz7Xo0Np3sWW0v9RI= =YmP8 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 6 19:21:50 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 6 May 2010 15:21:50 -0400 Subject: [RHSA-2010:0398-01] Important: kernel security and bug fix update Message-ID: <201005061921.o46JLpTE024654@int-mx05.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2010:0398-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0398.html Issue date: 2010-05-06 CVE Names: CVE-2010-0307 CVE-2010-0410 CVE-2010-0730 CVE-2010-1085 CVE-2010-1086 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * a flaw was found in the Unidirectional Lightweight Encapsulation (ULE) implementation. A remote attacker could send a specially-crafted ISO MPEG-2 Transport Stream (TS) frame to a target system, resulting in an infinite loop (denial of service). (CVE-2010-1086, Important) * on AMD64 systems, it was discovered that the kernel did not ensure the ELF interpreter was available before making a call to the SET_PERSONALITY macro. A local attacker could use this flaw to cause a denial of service by running a 32-bit application that attempts to execute a 64-bit application. (CVE-2010-0307, Moderate) * a flaw was found in the kernel connector implementation. A local, unprivileged user could trigger this flaw by sending an arbitrary number of notification requests using specially-crafted netlink messages, resulting in a denial of service. (CVE-2010-0410, Moderate) * a flaw was found in the Memory-mapped I/O (MMIO) instruction decoder in the Xen hypervisor implementation. An unprivileged guest user could use this flaw to trick the hypervisor into emulating a certain instruction, which could crash the guest (denial of service). (CVE-2010-0730, Moderate) * a divide-by-zero flaw was found in the azx_position_ok() function in the driver for Intel High Definition Audio, snd-hda-intel. A local, unprivileged user could trigger this flaw to cause a kernel crash (denial of service). (CVE-2010-1085, Moderate) This update also fixes the following bugs: * in some cases, booting a system with the "iommu=on" kernel parameter resulted in a Xen hypervisor panic. (BZ#580199) * the fnic driver flushed the Rx queue instead of the Tx queue after fabric login. This caused crashes in some cases. (BZ#580829) * "kernel unaligned access" warnings were logged to the dmesg log on some systems. (BZ#580832) * the "Northbridge Error, node 1, core: -1 K8 ECC error" error occurred on some systems using the amd64_edac driver. (BZ#580836) * in rare circumstances, when using kdump and booting a kernel with "crashkernel=128M at 16M", the kdump kernel did not boot after a crash. (BZ#580838) * TLB page table entry flushing was done incorrectly on IBM System z, possibly causing crashes, subtle data inconsistency, or other issues. (BZ#580839) * iSCSI failover times were slower than in Red Hat Enterprise Linux 5.3. (BZ#580840) * fixed floating point state corruption after signal. (BZ#580841) * in certain circumstances, under heavy load, certain network interface cards using the bnx2 driver and configured to use MSI-X, could stop processing interrupts and then network connectivity would cease. (BZ#587799) * cnic parts resets could cause a deadlock when the bnx2 device was enslaved in a bonding device and that device had an associated VLAN. (BZ#581148) * some BIOS implementations initialized interrupt remapping hardware in a way the Xen hypervisor implementation did not expect. This could have caused a system hang during boot. (BZ#581150) * AMD Magny-Cours systems panicked when booting a 32-bit kernel. (BZ#580846) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 560547 - CVE-2010-0307 kernel: DoS on x86_64 561682 - CVE-2010-0410 kernel: OOM/crash in drivers/connector 567168 - CVE-2010-1085 kernel: ALSA: hda-intel: Avoid divide by zero crash 569237 - CVE-2010-1086 kernel: dvb-core: DoS bug in ULE decapsulation code 572971 - CVE-2010-0730 xen: emulator instruction decoding inconsistency 580199 - xen: clear ioapic registers on boot [rhel-5.5.z] 580829 - [Cisco 5.6 bug] fnic: flush Tx queue bug fix [rhel-5.5.z] 580832 - kernel unaligned messages from mptsas_firmware_event_work [rhel-5.5.z] 580836 - EDAC driver error on system with bad memory [rhel-5.5.z] 580838 - [5.4]System panic occurred during boot sequence with the server which carries 256GMB physical memory. [rhel-5.5.z] 580839 - kernel: correct TLB flush of page table entries concurrently used by another cpu [rhel-5.5.z] 580840 - REGRESSION: Fix iscsi failover time [rhel-5.5.z] 580841 - floating point register state corruption after handling SIGSEGV [rhel-5.5.z] 581148 - Kernel: network: bonding: scheduling while atomic: ifdown-eth/0x00000100/21775 [rhel-5.5.z] 581150 - [Intel 5.6 Virt Bug] [VT-d] Dom0 booting may hang on Westmere-EP with intremap enabled [rhel-5.5.z] 587799 - NIC doesn't register packets [rhel-5.5.z] 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-194.3.1.el5.src.rpm i386: kernel-2.6.18-194.3.1.el5.i686.rpm kernel-PAE-2.6.18-194.3.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-194.3.1.el5.i686.rpm kernel-PAE-devel-2.6.18-194.3.1.el5.i686.rpm kernel-debug-2.6.18-194.3.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-194.3.1.el5.i686.rpm kernel-debug-devel-2.6.18-194.3.1.el5.i686.rpm kernel-debuginfo-2.6.18-194.3.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-194.3.1.el5.i686.rpm kernel-devel-2.6.18-194.3.1.el5.i686.rpm kernel-headers-2.6.18-194.3.1.el5.i386.rpm kernel-xen-2.6.18-194.3.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-194.3.1.el5.i686.rpm kernel-xen-devel-2.6.18-194.3.1.el5.i686.rpm noarch: kernel-doc-2.6.18-194.3.1.el5.noarch.rpm x86_64: kernel-2.6.18-194.3.1.el5.x86_64.rpm kernel-debug-2.6.18-194.3.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-194.3.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-194.3.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-194.3.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-194.3.1.el5.x86_64.rpm kernel-devel-2.6.18-194.3.1.el5.x86_64.rpm kernel-headers-2.6.18-194.3.1.el5.x86_64.rpm kernel-xen-2.6.18-194.3.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-194.3.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-194.3.1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-194.3.1.el5.src.rpm i386: kernel-2.6.18-194.3.1.el5.i686.rpm kernel-PAE-2.6.18-194.3.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-194.3.1.el5.i686.rpm kernel-PAE-devel-2.6.18-194.3.1.el5.i686.rpm kernel-debug-2.6.18-194.3.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-194.3.1.el5.i686.rpm kernel-debug-devel-2.6.18-194.3.1.el5.i686.rpm kernel-debuginfo-2.6.18-194.3.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-194.3.1.el5.i686.rpm kernel-devel-2.6.18-194.3.1.el5.i686.rpm kernel-headers-2.6.18-194.3.1.el5.i386.rpm kernel-xen-2.6.18-194.3.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-194.3.1.el5.i686.rpm kernel-xen-devel-2.6.18-194.3.1.el5.i686.rpm ia64: kernel-2.6.18-194.3.1.el5.ia64.rpm kernel-debug-2.6.18-194.3.1.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-194.3.1.el5.ia64.rpm kernel-debug-devel-2.6.18-194.3.1.el5.ia64.rpm kernel-debuginfo-2.6.18-194.3.1.el5.ia64.rpm kernel-debuginfo-common-2.6.18-194.3.1.el5.ia64.rpm kernel-devel-2.6.18-194.3.1.el5.ia64.rpm kernel-headers-2.6.18-194.3.1.el5.ia64.rpm kernel-xen-2.6.18-194.3.1.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-194.3.1.el5.ia64.rpm kernel-xen-devel-2.6.18-194.3.1.el5.ia64.rpm noarch: kernel-doc-2.6.18-194.3.1.el5.noarch.rpm ppc: kernel-2.6.18-194.3.1.el5.ppc64.rpm kernel-debug-2.6.18-194.3.1.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-194.3.1.el5.ppc64.rpm kernel-debug-devel-2.6.18-194.3.1.el5.ppc64.rpm kernel-debuginfo-2.6.18-194.3.1.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-194.3.1.el5.ppc64.rpm kernel-devel-2.6.18-194.3.1.el5.ppc64.rpm kernel-headers-2.6.18-194.3.1.el5.ppc.rpm kernel-headers-2.6.18-194.3.1.el5.ppc64.rpm kernel-kdump-2.6.18-194.3.1.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-194.3.1.el5.ppc64.rpm kernel-kdump-devel-2.6.18-194.3.1.el5.ppc64.rpm s390x: kernel-2.6.18-194.3.1.el5.s390x.rpm kernel-debug-2.6.18-194.3.1.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-194.3.1.el5.s390x.rpm kernel-debug-devel-2.6.18-194.3.1.el5.s390x.rpm kernel-debuginfo-2.6.18-194.3.1.el5.s390x.rpm kernel-debuginfo-common-2.6.18-194.3.1.el5.s390x.rpm kernel-devel-2.6.18-194.3.1.el5.s390x.rpm kernel-headers-2.6.18-194.3.1.el5.s390x.rpm kernel-kdump-2.6.18-194.3.1.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-194.3.1.el5.s390x.rpm kernel-kdump-devel-2.6.18-194.3.1.el5.s390x.rpm x86_64: kernel-2.6.18-194.3.1.el5.x86_64.rpm kernel-debug-2.6.18-194.3.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-194.3.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-194.3.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-194.3.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-194.3.1.el5.x86_64.rpm kernel-devel-2.6.18-194.3.1.el5.x86_64.rpm kernel-headers-2.6.18-194.3.1.el5.x86_64.rpm kernel-xen-2.6.18-194.3.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-194.3.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-194.3.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-0307.html https://www.redhat.com/security/data/cve/CVE-2010-0410.html https://www.redhat.com/security/data/cve/CVE-2010-0730.html https://www.redhat.com/security/data/cve/CVE-2010-1085.html https://www.redhat.com/security/data/cve/CVE-2010-1086.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL4xXWXlSAg2UNWIIRAjNFAJ4no/FMWsSCS6sAV/NC/AMjk8Q0bwCcCsRR KZA8JXiogM9FFwFCZ3kZ+NY= =Nw6E -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 6 19:22:23 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 6 May 2010 15:22:23 -0400 Subject: [RHSA-2010:0399-01] Moderate: tetex security update Message-ID: <201005061922.o46JMN15012839@int-mx01.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: tetex security update Advisory ID: RHSA-2010:0399-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0399.html Issue date: 2010-05-06 CVE Names: CVE-2007-5935 CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0195 CVE-2009-0791 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-3609 CVE-2010-0739 CVE-2010-0827 CVE-2010-1440 ===================================================================== 1. Summary: Updated tetex packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (DVI) file as output. A buffer overflow flaw was found in the way teTeX processed virtual font files when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash or, potentially, execute arbitrary code. (CVE-2010-0827) Multiple integer overflow flaws were found in the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash or, potentially, execute arbitrary code. (CVE-2010-0739, CVE-2010-1440) A stack-based buffer overflow flaw was found in the way teTeX processed DVI files containing HyperTeX references with long titles, when converting them into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash. (CVE-2007-5935) teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF) file viewer, to allow adding images in PDF format to the generated PDF documents. The following issues affect Xpdf code: Multiple integer overflow flaws were found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0147, CVE-2009-1179) Multiple integer overflow flaws were found in Xpdf. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0791, CVE-2009-3609) A heap-based buffer overflow flaw was found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0195) Multiple buffer overflow flaws were found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0146, CVE-2009-1182) Multiple flaws were found in Xpdf's JBIG2 decoder that could lead to the freeing of arbitrary memory. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0166, CVE-2009-1180) Multiple input validation flaws were found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0800) Multiple denial of service flaws were found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183) Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product Security team, Will Dormann of the CERT/CC, and Alin Rad Pop of Secunia Research, for responsibly reporting the Xpdf flaws. All users of tetex are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 368591 - CVE-2007-5935 dvips -z buffer overflow with long href 490612 - CVE-2009-0146 xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195) 490614 - CVE-2009-0147 xpdf: Multiple integer overflows in JBIG2 decoder 490625 - CVE-2009-0166 xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder 491840 - CVE-2009-0791 xpdf: multiple integer overflows 495886 - CVE-2009-0799 PDF JBIG2 decoder OOB read 495887 - CVE-2009-0800 PDF JBIG2 multiple input validation flaws 495889 - CVE-2009-1179 PDF JBIG2 integer overflow 495892 - CVE-2009-1180 PDF JBIG2 invalid free() 495894 - CVE-2009-1181 PDF JBIG2 NULL dereference 495896 - CVE-2009-1182 PDF JBIG2 MMR decoder buffer overflows 495899 - CVE-2009-1183 PDF JBIG2 MMR infinite loop DoS 526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow 572914 - CVE-2010-0827 tetex, texlive: Buffer overflow flaw by processing virtual font files 572941 - CVE-2010-0739 tetex, texlive: Integer overflow by processing special commands 586819 - CVE-2010-1440 tetex, texlive: Integer overflow by processing special commands 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/tetex-2.0.2-22.0.1.EL4.16.src.rpm i386: tetex-2.0.2-22.0.1.EL4.16.i386.rpm tetex-afm-2.0.2-22.0.1.EL4.16.i386.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.i386.rpm tetex-doc-2.0.2-22.0.1.EL4.16.i386.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.i386.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.i386.rpm tetex-latex-2.0.2-22.0.1.EL4.16.i386.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.i386.rpm ia64: tetex-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-afm-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-doc-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-latex-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.ia64.rpm ppc: tetex-2.0.2-22.0.1.EL4.16.ppc.rpm tetex-afm-2.0.2-22.0.1.EL4.16.ppc.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.ppc.rpm tetex-doc-2.0.2-22.0.1.EL4.16.ppc.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.ppc.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.ppc.rpm tetex-latex-2.0.2-22.0.1.EL4.16.ppc.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.ppc.rpm s390: tetex-2.0.2-22.0.1.EL4.16.s390.rpm tetex-afm-2.0.2-22.0.1.EL4.16.s390.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.s390.rpm tetex-doc-2.0.2-22.0.1.EL4.16.s390.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.s390.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.s390.rpm tetex-latex-2.0.2-22.0.1.EL4.16.s390.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.s390.rpm s390x: tetex-2.0.2-22.0.1.EL4.16.s390x.rpm tetex-afm-2.0.2-22.0.1.EL4.16.s390x.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.s390x.rpm tetex-doc-2.0.2-22.0.1.EL4.16.s390x.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.s390x.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.s390x.rpm tetex-latex-2.0.2-22.0.1.EL4.16.s390x.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.s390x.rpm x86_64: tetex-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-afm-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-doc-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-latex-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/tetex-2.0.2-22.0.1.EL4.16.src.rpm i386: tetex-2.0.2-22.0.1.EL4.16.i386.rpm tetex-afm-2.0.2-22.0.1.EL4.16.i386.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.i386.rpm tetex-doc-2.0.2-22.0.1.EL4.16.i386.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.i386.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.i386.rpm tetex-latex-2.0.2-22.0.1.EL4.16.i386.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.i386.rpm x86_64: tetex-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-afm-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-doc-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-latex-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/tetex-2.0.2-22.0.1.EL4.16.src.rpm i386: tetex-2.0.2-22.0.1.EL4.16.i386.rpm tetex-afm-2.0.2-22.0.1.EL4.16.i386.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.i386.rpm tetex-doc-2.0.2-22.0.1.EL4.16.i386.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.i386.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.i386.rpm tetex-latex-2.0.2-22.0.1.EL4.16.i386.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.i386.rpm ia64: tetex-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-afm-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-doc-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-latex-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.ia64.rpm x86_64: tetex-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-afm-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-doc-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-latex-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/tetex-2.0.2-22.0.1.EL4.16.src.rpm i386: tetex-2.0.2-22.0.1.EL4.16.i386.rpm tetex-afm-2.0.2-22.0.1.EL4.16.i386.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.i386.rpm tetex-doc-2.0.2-22.0.1.EL4.16.i386.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.i386.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.i386.rpm tetex-latex-2.0.2-22.0.1.EL4.16.i386.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.i386.rpm ia64: tetex-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-afm-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-doc-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-latex-2.0.2-22.0.1.EL4.16.ia64.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.ia64.rpm x86_64: tetex-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-afm-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-debuginfo-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-doc-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-dvips-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-fonts-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-latex-2.0.2-22.0.1.EL4.16.x86_64.rpm tetex-xdvi-2.0.2-22.0.1.EL4.16.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2007-5935.html https://www.redhat.com/security/data/cve/CVE-2009-0146.html https://www.redhat.com/security/data/cve/CVE-2009-0147.html https://www.redhat.com/security/data/cve/CVE-2009-0166.html https://www.redhat.com/security/data/cve/CVE-2009-0195.html https://www.redhat.com/security/data/cve/CVE-2009-0791.html https://www.redhat.com/security/data/cve/CVE-2009-0799.html https://www.redhat.com/security/data/cve/CVE-2009-0800.html https://www.redhat.com/security/data/cve/CVE-2009-1179.html https://www.redhat.com/security/data/cve/CVE-2009-1180.html https://www.redhat.com/security/data/cve/CVE-2009-1181.html https://www.redhat.com/security/data/cve/CVE-2009-1182.html https://www.redhat.com/security/data/cve/CVE-2009-1183.html https://www.redhat.com/security/data/cve/CVE-2009-3609.html https://www.redhat.com/security/data/cve/CVE-2010-0739.html https://www.redhat.com/security/data/cve/CVE-2010-0827.html https://www.redhat.com/security/data/cve/CVE-2010-1440.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL4xbiXlSAg2UNWIIRAnecAJ9rIWNoEaIARWfHnDVw/t36IWY6jACeLdRO 9TbD1E0RfTeU78NwLpSOqf4= =KOfe -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 6 19:25:03 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 6 May 2010 15:25:03 -0400 Subject: [RHSA-2010:0400-01] Moderate: tetex security update Message-ID: <201005061925.o46JP3gN030648@int-mx03.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: tetex security update Advisory ID: RHSA-2010:0400-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0400.html Issue date: 2010-05-06 CVE Names: CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0195 CVE-2009-0791 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-3608 CVE-2009-3609 CVE-2010-0739 CVE-2010-0829 CVE-2010-1440 ===================================================================== 1. Summary: Updated tetex packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (DVI) file as output. Multiple integer overflow flaws were found in the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash or, potentially, execute arbitrary code. (CVE-2010-0739, CVE-2010-1440) Multiple array index errors were found in the way teTeX converted DVI files into the Portable Network Graphics (PNG) format. An attacker could create a malicious DVI file that would cause the dvipng executable to crash. (CVE-2010-0829) teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF) file viewer, to allow adding images in PDF format to the generated PDF documents. The following issues affect Xpdf code: Multiple integer overflow flaws were found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0147, CVE-2009-1179) Multiple integer overflow flaws were found in Xpdf. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0791, CVE-2009-3608, CVE-2009-3609) A heap-based buffer overflow flaw was found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0195) Multiple buffer overflow flaws were found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0146, CVE-2009-1182) Multiple flaws were found in Xpdf's JBIG2 decoder that could lead to the freeing of arbitrary memory. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0166, CVE-2009-1180) Multiple input validation flaws were found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0800) Multiple denial of service flaws were found in Xpdf's JBIG2 decoder. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183) Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product Security team, Will Dormann of the CERT/CC, Alin Rad Pop of Secunia Research, and Chris Rohlf, for responsibly reporting the Xpdf flaws. All users of tetex are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 490612 - CVE-2009-0146 xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195) 490614 - CVE-2009-0147 xpdf: Multiple integer overflows in JBIG2 decoder 490625 - CVE-2009-0166 xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder 491840 - CVE-2009-0791 xpdf: multiple integer overflows 495886 - CVE-2009-0799 PDF JBIG2 decoder OOB read 495887 - CVE-2009-0800 PDF JBIG2 multiple input validation flaws 495889 - CVE-2009-1179 PDF JBIG2 integer overflow 495892 - CVE-2009-1180 PDF JBIG2 invalid free() 495894 - CVE-2009-1181 PDF JBIG2 NULL dereference 495896 - CVE-2009-1182 PDF JBIG2 MMR decoder buffer overflows 495899 - CVE-2009-1183 PDF JBIG2 MMR infinite loop DoS 526637 - CVE-2009-3608 xpdf/poppler: integer overflow in ObjectStream::ObjectStream (oCERT-2009-016) 526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow 572941 - CVE-2010-0739 tetex, texlive: Integer overflow by processing special commands 573999 - CVE-2010-0829 tetex, dvipng: Multiple array index errors during DVI-to-PNG translation 586819 - CVE-2010-1440 tetex, texlive: Integer overflow by processing special commands 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tetex-3.0-33.8.el5_5.5.src.rpm i386: tetex-3.0-33.8.el5_5.5.i386.rpm tetex-afm-3.0-33.8.el5_5.5.i386.rpm tetex-debuginfo-3.0-33.8.el5_5.5.i386.rpm tetex-doc-3.0-33.8.el5_5.5.i386.rpm tetex-dvips-3.0-33.8.el5_5.5.i386.rpm tetex-fonts-3.0-33.8.el5_5.5.i386.rpm tetex-latex-3.0-33.8.el5_5.5.i386.rpm tetex-xdvi-3.0-33.8.el5_5.5.i386.rpm x86_64: tetex-3.0-33.8.el5_5.5.x86_64.rpm tetex-afm-3.0-33.8.el5_5.5.x86_64.rpm tetex-debuginfo-3.0-33.8.el5_5.5.x86_64.rpm tetex-doc-3.0-33.8.el5_5.5.x86_64.rpm tetex-dvips-3.0-33.8.el5_5.5.x86_64.rpm tetex-fonts-3.0-33.8.el5_5.5.x86_64.rpm tetex-latex-3.0-33.8.el5_5.5.x86_64.rpm tetex-xdvi-3.0-33.8.el5_5.5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/tetex-3.0-33.8.el5_5.5.src.rpm i386: tetex-3.0-33.8.el5_5.5.i386.rpm tetex-afm-3.0-33.8.el5_5.5.i386.rpm tetex-debuginfo-3.0-33.8.el5_5.5.i386.rpm tetex-doc-3.0-33.8.el5_5.5.i386.rpm tetex-dvips-3.0-33.8.el5_5.5.i386.rpm tetex-fonts-3.0-33.8.el5_5.5.i386.rpm tetex-latex-3.0-33.8.el5_5.5.i386.rpm tetex-xdvi-3.0-33.8.el5_5.5.i386.rpm ia64: tetex-3.0-33.8.el5_5.5.ia64.rpm tetex-afm-3.0-33.8.el5_5.5.ia64.rpm tetex-debuginfo-3.0-33.8.el5_5.5.ia64.rpm tetex-doc-3.0-33.8.el5_5.5.ia64.rpm tetex-dvips-3.0-33.8.el5_5.5.ia64.rpm tetex-fonts-3.0-33.8.el5_5.5.ia64.rpm tetex-latex-3.0-33.8.el5_5.5.ia64.rpm tetex-xdvi-3.0-33.8.el5_5.5.ia64.rpm ppc: tetex-3.0-33.8.el5_5.5.ppc.rpm tetex-afm-3.0-33.8.el5_5.5.ppc.rpm tetex-debuginfo-3.0-33.8.el5_5.5.ppc.rpm tetex-doc-3.0-33.8.el5_5.5.ppc.rpm tetex-dvips-3.0-33.8.el5_5.5.ppc.rpm tetex-fonts-3.0-33.8.el5_5.5.ppc.rpm tetex-latex-3.0-33.8.el5_5.5.ppc.rpm tetex-xdvi-3.0-33.8.el5_5.5.ppc.rpm s390x: tetex-3.0-33.8.el5_5.5.s390x.rpm tetex-afm-3.0-33.8.el5_5.5.s390x.rpm tetex-debuginfo-3.0-33.8.el5_5.5.s390x.rpm tetex-doc-3.0-33.8.el5_5.5.s390x.rpm tetex-dvips-3.0-33.8.el5_5.5.s390x.rpm tetex-fonts-3.0-33.8.el5_5.5.s390x.rpm tetex-latex-3.0-33.8.el5_5.5.s390x.rpm tetex-xdvi-3.0-33.8.el5_5.5.s390x.rpm x86_64: tetex-3.0-33.8.el5_5.5.x86_64.rpm tetex-afm-3.0-33.8.el5_5.5.x86_64.rpm tetex-debuginfo-3.0-33.8.el5_5.5.x86_64.rpm tetex-doc-3.0-33.8.el5_5.5.x86_64.rpm tetex-dvips-3.0-33.8.el5_5.5.x86_64.rpm tetex-fonts-3.0-33.8.el5_5.5.x86_64.rpm tetex-latex-3.0-33.8.el5_5.5.x86_64.rpm tetex-xdvi-3.0-33.8.el5_5.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-0146.html https://www.redhat.com/security/data/cve/CVE-2009-0147.html https://www.redhat.com/security/data/cve/CVE-2009-0166.html https://www.redhat.com/security/data/cve/CVE-2009-0195.html https://www.redhat.com/security/data/cve/CVE-2009-0791.html https://www.redhat.com/security/data/cve/CVE-2009-0799.html https://www.redhat.com/security/data/cve/CVE-2009-0800.html https://www.redhat.com/security/data/cve/CVE-2009-1179.html https://www.redhat.com/security/data/cve/CVE-2009-1180.html https://www.redhat.com/security/data/cve/CVE-2009-1181.html https://www.redhat.com/security/data/cve/CVE-2009-1182.html https://www.redhat.com/security/data/cve/CVE-2009-1183.html https://www.redhat.com/security/data/cve/CVE-2009-3608.html https://www.redhat.com/security/data/cve/CVE-2009-3609.html https://www.redhat.com/security/data/cve/CVE-2010-0739.html https://www.redhat.com/security/data/cve/CVE-2010-0829.html https://www.redhat.com/security/data/cve/CVE-2010-1440.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL4xcAXlSAg2UNWIIRArpMAKCWHT8ws6Hsmovk7jFwBdaltX0T9gCeJ8TB C0tr7TrImttZu0Al9fjlmoo= =Bb7o -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 6 19:25:39 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 6 May 2010 15:25:39 -0400 Subject: [RHSA-2010:0401-01] Moderate: tetex security update Message-ID: <201005061925.o46JPdW7025589@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: tetex security update Advisory ID: RHSA-2010:0401-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0401.html Issue date: 2010-05-06 CVE Names: CVE-2007-5935 CVE-2009-0791 CVE-2009-3609 CVE-2010-0739 CVE-2010-0827 CVE-2010-1440 ===================================================================== 1. Summary: Updated tetex packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (DVI) file as output. A buffer overflow flaw was found in the way teTeX processed virtual font files when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash or, potentially, execute arbitrary code. (CVE-2010-0827) Multiple integer overflow flaws were found in the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash or, potentially, execute arbitrary code. (CVE-2010-0739, CVE-2010-1440) A stack-based buffer overflow flaw was found in the way teTeX processed DVI files containing HyperTeX references with long titles, when converting them into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash. (CVE-2007-5935) teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF) file viewer, to allow adding images in PDF format to the generated PDF documents. The following issues affect Xpdf code: Multiple integer overflow flaws were found in Xpdf. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0791, CVE-2009-3609) All users of tetex are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 368591 - CVE-2007-5935 dvips -z buffer overflow with long href 491840 - CVE-2009-0791 xpdf: multiple integer overflows 526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow 572914 - CVE-2010-0827 tetex, texlive: Buffer overflow flaw by processing virtual font files 572941 - CVE-2010-0739 tetex, texlive: Integer overflow by processing special commands 586819 - CVE-2010-1440 tetex, texlive: Integer overflow by processing special commands 6. Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/tetex-1.0.7-67.19.src.rpm i386: tetex-1.0.7-67.19.i386.rpm tetex-afm-1.0.7-67.19.i386.rpm tetex-debuginfo-1.0.7-67.19.i386.rpm tetex-dvips-1.0.7-67.19.i386.rpm tetex-fonts-1.0.7-67.19.i386.rpm tetex-latex-1.0.7-67.19.i386.rpm tetex-xdvi-1.0.7-67.19.i386.rpm ia64: tetex-1.0.7-67.19.ia64.rpm tetex-afm-1.0.7-67.19.ia64.rpm tetex-debuginfo-1.0.7-67.19.ia64.rpm tetex-dvips-1.0.7-67.19.ia64.rpm tetex-fonts-1.0.7-67.19.ia64.rpm tetex-latex-1.0.7-67.19.ia64.rpm tetex-xdvi-1.0.7-67.19.ia64.rpm ppc: tetex-1.0.7-67.19.ppc.rpm tetex-afm-1.0.7-67.19.ppc.rpm tetex-debuginfo-1.0.7-67.19.ppc.rpm tetex-dvips-1.0.7-67.19.ppc.rpm tetex-fonts-1.0.7-67.19.ppc.rpm tetex-latex-1.0.7-67.19.ppc.rpm tetex-xdvi-1.0.7-67.19.ppc.rpm s390: tetex-1.0.7-67.19.s390.rpm tetex-afm-1.0.7-67.19.s390.rpm tetex-debuginfo-1.0.7-67.19.s390.rpm tetex-dvips-1.0.7-67.19.s390.rpm tetex-fonts-1.0.7-67.19.s390.rpm tetex-latex-1.0.7-67.19.s390.rpm tetex-xdvi-1.0.7-67.19.s390.rpm s390x: tetex-1.0.7-67.19.s390x.rpm tetex-afm-1.0.7-67.19.s390x.rpm tetex-debuginfo-1.0.7-67.19.s390x.rpm tetex-dvips-1.0.7-67.19.s390x.rpm tetex-fonts-1.0.7-67.19.s390x.rpm tetex-latex-1.0.7-67.19.s390x.rpm tetex-xdvi-1.0.7-67.19.s390x.rpm x86_64: tetex-1.0.7-67.19.x86_64.rpm tetex-afm-1.0.7-67.19.x86_64.rpm tetex-debuginfo-1.0.7-67.19.x86_64.rpm tetex-dvips-1.0.7-67.19.x86_64.rpm tetex-fonts-1.0.7-67.19.x86_64.rpm tetex-latex-1.0.7-67.19.x86_64.rpm tetex-xdvi-1.0.7-67.19.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/tetex-1.0.7-67.19.src.rpm i386: tetex-1.0.7-67.19.i386.rpm tetex-afm-1.0.7-67.19.i386.rpm tetex-debuginfo-1.0.7-67.19.i386.rpm tetex-dvips-1.0.7-67.19.i386.rpm tetex-fonts-1.0.7-67.19.i386.rpm tetex-latex-1.0.7-67.19.i386.rpm tetex-xdvi-1.0.7-67.19.i386.rpm x86_64: tetex-1.0.7-67.19.x86_64.rpm tetex-afm-1.0.7-67.19.x86_64.rpm tetex-debuginfo-1.0.7-67.19.x86_64.rpm tetex-dvips-1.0.7-67.19.x86_64.rpm tetex-fonts-1.0.7-67.19.x86_64.rpm tetex-latex-1.0.7-67.19.x86_64.rpm tetex-xdvi-1.0.7-67.19.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/tetex-1.0.7-67.19.src.rpm i386: tetex-1.0.7-67.19.i386.rpm tetex-afm-1.0.7-67.19.i386.rpm tetex-debuginfo-1.0.7-67.19.i386.rpm tetex-dvips-1.0.7-67.19.i386.rpm tetex-fonts-1.0.7-67.19.i386.rpm tetex-latex-1.0.7-67.19.i386.rpm tetex-xdvi-1.0.7-67.19.i386.rpm ia64: tetex-1.0.7-67.19.ia64.rpm tetex-afm-1.0.7-67.19.ia64.rpm tetex-debuginfo-1.0.7-67.19.ia64.rpm tetex-dvips-1.0.7-67.19.ia64.rpm tetex-fonts-1.0.7-67.19.ia64.rpm tetex-latex-1.0.7-67.19.ia64.rpm tetex-xdvi-1.0.7-67.19.ia64.rpm x86_64: tetex-1.0.7-67.19.x86_64.rpm tetex-afm-1.0.7-67.19.x86_64.rpm tetex-debuginfo-1.0.7-67.19.x86_64.rpm tetex-dvips-1.0.7-67.19.x86_64.rpm tetex-fonts-1.0.7-67.19.x86_64.rpm tetex-latex-1.0.7-67.19.x86_64.rpm tetex-xdvi-1.0.7-67.19.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/tetex-1.0.7-67.19.src.rpm i386: tetex-1.0.7-67.19.i386.rpm tetex-afm-1.0.7-67.19.i386.rpm tetex-debuginfo-1.0.7-67.19.i386.rpm tetex-dvips-1.0.7-67.19.i386.rpm tetex-fonts-1.0.7-67.19.i386.rpm tetex-latex-1.0.7-67.19.i386.rpm tetex-xdvi-1.0.7-67.19.i386.rpm ia64: tetex-1.0.7-67.19.ia64.rpm tetex-afm-1.0.7-67.19.ia64.rpm tetex-debuginfo-1.0.7-67.19.ia64.rpm tetex-dvips-1.0.7-67.19.ia64.rpm tetex-fonts-1.0.7-67.19.ia64.rpm tetex-latex-1.0.7-67.19.ia64.rpm tetex-xdvi-1.0.7-67.19.ia64.rpm x86_64: tetex-1.0.7-67.19.x86_64.rpm tetex-afm-1.0.7-67.19.x86_64.rpm tetex-debuginfo-1.0.7-67.19.x86_64.rpm tetex-dvips-1.0.7-67.19.x86_64.rpm tetex-fonts-1.0.7-67.19.x86_64.rpm tetex-latex-1.0.7-67.19.x86_64.rpm tetex-xdvi-1.0.7-67.19.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2007-5935.html https://www.redhat.com/security/data/cve/CVE-2009-0791.html https://www.redhat.com/security/data/cve/CVE-2009-3609.html https://www.redhat.com/security/data/cve/CVE-2010-0739.html https://www.redhat.com/security/data/cve/CVE-2010-0827.html https://www.redhat.com/security/data/cve/CVE-2010-1440.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL4xekXlSAg2UNWIIRAoOLAKCarFY04Vu2ulQuDYmRbcDHaCxbbwCeMBfq am/qdTPIlF5MslvCLmCr2Ls= =B2O9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 18 20:58:57 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 18 May 2010 14:58:57 -0600 Subject: [RHSA-2010:0423-01] Important: krb5 security update Message-ID: <201005182058.o4IKwvbi026976@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: krb5 security update Advisory ID: RHSA-2010:0423-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0423.html Issue date: 2010-05-18 CVE Names: CVE-2010-1321 ===================================================================== 1. Summary: Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center (KDC). A NULL pointer dereference flaw was discovered in the MIT Kerberos Generic Security Service Application Program Interface (GSS-API) library. A remote, authenticated attacker could use this flaw to crash any server application using the GSS-API authentication mechanism, by sending a specially-crafted GSS-API token with a missing checksum field. (CVE-2010-1321) Red Hat would like to thank the MIT Kerberos Team for responsibly reporting this issue. Upstream acknowledges Shawn Emery of Oracle as the original reporter. All krb5 users should upgrade to these updated packages, which contain a backported patch to correct this issue. All running services using the MIT Kerberos libraries must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 582466 - CVE-2010-1321 krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005) 6. Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/krb5-1.2.7-72.src.rpm i386: krb5-debuginfo-1.2.7-72.i386.rpm krb5-devel-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.i386.rpm krb5-server-1.2.7-72.i386.rpm krb5-workstation-1.2.7-72.i386.rpm ia64: krb5-debuginfo-1.2.7-72.i386.rpm krb5-debuginfo-1.2.7-72.ia64.rpm krb5-devel-1.2.7-72.ia64.rpm krb5-libs-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.ia64.rpm krb5-server-1.2.7-72.ia64.rpm krb5-workstation-1.2.7-72.ia64.rpm ppc: krb5-debuginfo-1.2.7-72.ppc.rpm krb5-debuginfo-1.2.7-72.ppc64.rpm krb5-devel-1.2.7-72.ppc.rpm krb5-libs-1.2.7-72.ppc.rpm krb5-libs-1.2.7-72.ppc64.rpm krb5-server-1.2.7-72.ppc.rpm krb5-workstation-1.2.7-72.ppc.rpm s390: krb5-debuginfo-1.2.7-72.s390.rpm krb5-devel-1.2.7-72.s390.rpm krb5-libs-1.2.7-72.s390.rpm krb5-server-1.2.7-72.s390.rpm krb5-workstation-1.2.7-72.s390.rpm s390x: krb5-debuginfo-1.2.7-72.s390.rpm krb5-debuginfo-1.2.7-72.s390x.rpm krb5-devel-1.2.7-72.s390x.rpm krb5-libs-1.2.7-72.s390.rpm krb5-libs-1.2.7-72.s390x.rpm krb5-server-1.2.7-72.s390x.rpm krb5-workstation-1.2.7-72.s390x.rpm x86_64: krb5-debuginfo-1.2.7-72.i386.rpm krb5-debuginfo-1.2.7-72.x86_64.rpm krb5-devel-1.2.7-72.x86_64.rpm krb5-libs-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.x86_64.rpm krb5-server-1.2.7-72.x86_64.rpm krb5-workstation-1.2.7-72.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/krb5-1.2.7-72.src.rpm i386: krb5-debuginfo-1.2.7-72.i386.rpm krb5-devel-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.i386.rpm krb5-server-1.2.7-72.i386.rpm krb5-workstation-1.2.7-72.i386.rpm x86_64: krb5-debuginfo-1.2.7-72.i386.rpm krb5-debuginfo-1.2.7-72.x86_64.rpm krb5-devel-1.2.7-72.x86_64.rpm krb5-libs-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.x86_64.rpm krb5-server-1.2.7-72.x86_64.rpm krb5-workstation-1.2.7-72.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/krb5-1.2.7-72.src.rpm i386: krb5-debuginfo-1.2.7-72.i386.rpm krb5-devel-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.i386.rpm krb5-server-1.2.7-72.i386.rpm krb5-workstation-1.2.7-72.i386.rpm ia64: krb5-debuginfo-1.2.7-72.i386.rpm krb5-debuginfo-1.2.7-72.ia64.rpm krb5-devel-1.2.7-72.ia64.rpm krb5-libs-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.ia64.rpm krb5-server-1.2.7-72.ia64.rpm krb5-workstation-1.2.7-72.ia64.rpm x86_64: krb5-debuginfo-1.2.7-72.i386.rpm krb5-debuginfo-1.2.7-72.x86_64.rpm krb5-devel-1.2.7-72.x86_64.rpm krb5-libs-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.x86_64.rpm krb5-server-1.2.7-72.x86_64.rpm krb5-workstation-1.2.7-72.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/krb5-1.2.7-72.src.rpm i386: krb5-debuginfo-1.2.7-72.i386.rpm krb5-devel-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.i386.rpm krb5-server-1.2.7-72.i386.rpm krb5-workstation-1.2.7-72.i386.rpm ia64: krb5-debuginfo-1.2.7-72.i386.rpm krb5-debuginfo-1.2.7-72.ia64.rpm krb5-devel-1.2.7-72.ia64.rpm krb5-libs-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.ia64.rpm krb5-server-1.2.7-72.ia64.rpm krb5-workstation-1.2.7-72.ia64.rpm x86_64: krb5-debuginfo-1.2.7-72.i386.rpm krb5-debuginfo-1.2.7-72.x86_64.rpm krb5-devel-1.2.7-72.x86_64.rpm krb5-libs-1.2.7-72.i386.rpm krb5-libs-1.2.7-72.x86_64.rpm krb5-server-1.2.7-72.x86_64.rpm krb5-workstation-1.2.7-72.x86_64.rpm Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/krb5-1.3.4-62.el4_8.2.src.rpm i386: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-devel-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-server-1.3.4-62.el4_8.2.i386.rpm krb5-workstation-1.3.4-62.el4_8.2.i386.rpm ia64: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-debuginfo-1.3.4-62.el4_8.2.ia64.rpm krb5-devel-1.3.4-62.el4_8.2.ia64.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.ia64.rpm krb5-server-1.3.4-62.el4_8.2.ia64.rpm krb5-workstation-1.3.4-62.el4_8.2.ia64.rpm ppc: krb5-debuginfo-1.3.4-62.el4_8.2.ppc.rpm krb5-debuginfo-1.3.4-62.el4_8.2.ppc64.rpm krb5-devel-1.3.4-62.el4_8.2.ppc.rpm krb5-libs-1.3.4-62.el4_8.2.ppc.rpm krb5-libs-1.3.4-62.el4_8.2.ppc64.rpm krb5-server-1.3.4-62.el4_8.2.ppc.rpm krb5-workstation-1.3.4-62.el4_8.2.ppc.rpm s390: krb5-debuginfo-1.3.4-62.el4_8.2.s390.rpm krb5-devel-1.3.4-62.el4_8.2.s390.rpm krb5-libs-1.3.4-62.el4_8.2.s390.rpm krb5-server-1.3.4-62.el4_8.2.s390.rpm krb5-workstation-1.3.4-62.el4_8.2.s390.rpm s390x: krb5-debuginfo-1.3.4-62.el4_8.2.s390.rpm krb5-debuginfo-1.3.4-62.el4_8.2.s390x.rpm krb5-devel-1.3.4-62.el4_8.2.s390x.rpm krb5-libs-1.3.4-62.el4_8.2.s390.rpm krb5-libs-1.3.4-62.el4_8.2.s390x.rpm krb5-server-1.3.4-62.el4_8.2.s390x.rpm krb5-workstation-1.3.4-62.el4_8.2.s390x.rpm x86_64: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-debuginfo-1.3.4-62.el4_8.2.x86_64.rpm krb5-devel-1.3.4-62.el4_8.2.x86_64.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.x86_64.rpm krb5-server-1.3.4-62.el4_8.2.x86_64.rpm krb5-workstation-1.3.4-62.el4_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/krb5-1.3.4-62.el4_8.2.src.rpm i386: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-devel-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-server-1.3.4-62.el4_8.2.i386.rpm krb5-workstation-1.3.4-62.el4_8.2.i386.rpm x86_64: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-debuginfo-1.3.4-62.el4_8.2.x86_64.rpm krb5-devel-1.3.4-62.el4_8.2.x86_64.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.x86_64.rpm krb5-server-1.3.4-62.el4_8.2.x86_64.rpm krb5-workstation-1.3.4-62.el4_8.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/krb5-1.3.4-62.el4_8.2.src.rpm i386: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-devel-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-server-1.3.4-62.el4_8.2.i386.rpm krb5-workstation-1.3.4-62.el4_8.2.i386.rpm ia64: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-debuginfo-1.3.4-62.el4_8.2.ia64.rpm krb5-devel-1.3.4-62.el4_8.2.ia64.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.ia64.rpm krb5-server-1.3.4-62.el4_8.2.ia64.rpm krb5-workstation-1.3.4-62.el4_8.2.ia64.rpm x86_64: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-debuginfo-1.3.4-62.el4_8.2.x86_64.rpm krb5-devel-1.3.4-62.el4_8.2.x86_64.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.x86_64.rpm krb5-server-1.3.4-62.el4_8.2.x86_64.rpm krb5-workstation-1.3.4-62.el4_8.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/krb5-1.3.4-62.el4_8.2.src.rpm i386: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-devel-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-server-1.3.4-62.el4_8.2.i386.rpm krb5-workstation-1.3.4-62.el4_8.2.i386.rpm ia64: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-debuginfo-1.3.4-62.el4_8.2.ia64.rpm krb5-devel-1.3.4-62.el4_8.2.ia64.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.ia64.rpm krb5-server-1.3.4-62.el4_8.2.ia64.rpm krb5-workstation-1.3.4-62.el4_8.2.ia64.rpm x86_64: krb5-debuginfo-1.3.4-62.el4_8.2.i386.rpm krb5-debuginfo-1.3.4-62.el4_8.2.x86_64.rpm krb5-devel-1.3.4-62.el4_8.2.x86_64.rpm krb5-libs-1.3.4-62.el4_8.2.i386.rpm krb5-libs-1.3.4-62.el4_8.2.x86_64.rpm krb5-server-1.3.4-62.el4_8.2.x86_64.rpm krb5-workstation-1.3.4-62.el4_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/krb5-1.6.1-36.el5_5.4.src.rpm i386: krb5-debuginfo-1.6.1-36.el5_5.4.i386.rpm krb5-devel-1.6.1-36.el5_5.4.i386.rpm krb5-libs-1.6.1-36.el5_5.4.i386.rpm krb5-server-1.6.1-36.el5_5.4.i386.rpm krb5-workstation-1.6.1-36.el5_5.4.i386.rpm x86_64: krb5-debuginfo-1.6.1-36.el5_5.4.i386.rpm krb5-debuginfo-1.6.1-36.el5_5.4.x86_64.rpm krb5-libs-1.6.1-36.el5_5.4.i386.rpm krb5-libs-1.6.1-36.el5_5.4.x86_64.rpm krb5-workstation-1.6.1-36.el5_5.4.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/krb5-1.6.1-36.el5_5.4.src.rpm i386: krb5-debuginfo-1.6.1-36.el5_5.4.i386.rpm krb5-devel-1.6.1-36.el5_5.4.i386.rpm krb5-server-1.6.1-36.el5_5.4.i386.rpm x86_64: krb5-debuginfo-1.6.1-36.el5_5.4.i386.rpm krb5-debuginfo-1.6.1-36.el5_5.4.x86_64.rpm krb5-devel-1.6.1-36.el5_5.4.i386.rpm krb5-devel-1.6.1-36.el5_5.4.x86_64.rpm krb5-server-1.6.1-36.el5_5.4.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/krb5-1.6.1-36.el5_5.4.src.rpm i386: krb5-debuginfo-1.6.1-36.el5_5.4.i386.rpm krb5-devel-1.6.1-36.el5_5.4.i386.rpm krb5-libs-1.6.1-36.el5_5.4.i386.rpm krb5-server-1.6.1-36.el5_5.4.i386.rpm krb5-workstation-1.6.1-36.el5_5.4.i386.rpm ia64: krb5-debuginfo-1.6.1-36.el5_5.4.i386.rpm krb5-debuginfo-1.6.1-36.el5_5.4.ia64.rpm krb5-devel-1.6.1-36.el5_5.4.ia64.rpm krb5-libs-1.6.1-36.el5_5.4.i386.rpm krb5-libs-1.6.1-36.el5_5.4.ia64.rpm krb5-server-1.6.1-36.el5_5.4.ia64.rpm krb5-workstation-1.6.1-36.el5_5.4.ia64.rpm ppc: krb5-debuginfo-1.6.1-36.el5_5.4.ppc.rpm krb5-debuginfo-1.6.1-36.el5_5.4.ppc64.rpm krb5-devel-1.6.1-36.el5_5.4.ppc.rpm krb5-devel-1.6.1-36.el5_5.4.ppc64.rpm krb5-libs-1.6.1-36.el5_5.4.ppc.rpm krb5-libs-1.6.1-36.el5_5.4.ppc64.rpm krb5-server-1.6.1-36.el5_5.4.ppc.rpm krb5-workstation-1.6.1-36.el5_5.4.ppc.rpm s390x: krb5-debuginfo-1.6.1-36.el5_5.4.s390.rpm krb5-debuginfo-1.6.1-36.el5_5.4.s390x.rpm krb5-devel-1.6.1-36.el5_5.4.s390.rpm krb5-devel-1.6.1-36.el5_5.4.s390x.rpm krb5-libs-1.6.1-36.el5_5.4.s390.rpm krb5-libs-1.6.1-36.el5_5.4.s390x.rpm krb5-server-1.6.1-36.el5_5.4.s390x.rpm krb5-workstation-1.6.1-36.el5_5.4.s390x.rpm x86_64: krb5-debuginfo-1.6.1-36.el5_5.4.i386.rpm krb5-debuginfo-1.6.1-36.el5_5.4.x86_64.rpm krb5-devel-1.6.1-36.el5_5.4.i386.rpm krb5-devel-1.6.1-36.el5_5.4.x86_64.rpm krb5-libs-1.6.1-36.el5_5.4.i386.rpm krb5-libs-1.6.1-36.el5_5.4.x86_64.rpm krb5-server-1.6.1-36.el5_5.4.x86_64.rpm krb5-workstation-1.6.1-36.el5_5.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-1321.html http://www.redhat.com/security/updates/classification/#important http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2010-005.txt 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL8v9lXlSAg2UNWIIRAkrXAKCubVu/CvvAT1/Q4+D4/cMLCQO2nwCeI252 WgWq+4Q39ABg/s4lS80OxsA= =5FZX -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 19 00:10:29 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 18 May 2010 20:10:29 -0400 Subject: [RHSA-2010:0424-01] Important: kernel security and enhancement update Message-ID: <201005190010.o4J0AUCl029669@int-mx04.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and enhancement update Advisory ID: RHSA-2010:0424-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0424.html Issue date: 2010-05-18 CVE Names: CVE-2010-1188 ===================================================================== 1. Summary: Updated kernel packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * a use-after-free flaw was found in the tcp_rcv_state_process() function in the Linux kernel TCP/IP protocol suite implementation. If a system using IPv6 had the IPV6_RECVPKTINFO option set on a listening socket, a remote attacker could send an IPv6 packet to that system, causing a kernel panic (denial of service). (CVE-2010-1188, Important) This update also adds the following enhancement: * kernel support for the iptables connlimit module. This module can be used to help mitigate some types of denial of service attacks. Note: This update alone does not address connlimit support. A future iptables package update will allow connlimit to work correctly. (BZ#563222) Users should upgrade to these updated packages, which contain backported patches to correct this issue and add this enhancement. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 563222 - [RFE ] Connlimit kernel module support [rhel-4.9] [rhel-4.7.z] 577711 - CVE-2010-1188 kernel: ipv6: skb is unexpectedly freed 6. Package List: Red Hat Enterprise Linux AS version 4.7.z: Source: kernel-2.6.9-78.0.31.EL.src.rpm i386: kernel-2.6.9-78.0.31.EL.i686.rpm kernel-debuginfo-2.6.9-78.0.31.EL.i686.rpm kernel-devel-2.6.9-78.0.31.EL.i686.rpm kernel-hugemem-2.6.9-78.0.31.EL.i686.rpm kernel-hugemem-devel-2.6.9-78.0.31.EL.i686.rpm kernel-smp-2.6.9-78.0.31.EL.i686.rpm kernel-smp-devel-2.6.9-78.0.31.EL.i686.rpm kernel-xenU-2.6.9-78.0.31.EL.i686.rpm kernel-xenU-devel-2.6.9-78.0.31.EL.i686.rpm ia64: kernel-2.6.9-78.0.31.EL.ia64.rpm kernel-debuginfo-2.6.9-78.0.31.EL.ia64.rpm kernel-devel-2.6.9-78.0.31.EL.ia64.rpm kernel-largesmp-2.6.9-78.0.31.EL.ia64.rpm kernel-largesmp-devel-2.6.9-78.0.31.EL.ia64.rpm noarch: kernel-doc-2.6.9-78.0.31.EL.noarch.rpm ppc: kernel-2.6.9-78.0.31.EL.ppc64.rpm kernel-2.6.9-78.0.31.EL.ppc64iseries.rpm kernel-debuginfo-2.6.9-78.0.31.EL.ppc64.rpm kernel-debuginfo-2.6.9-78.0.31.EL.ppc64iseries.rpm kernel-devel-2.6.9-78.0.31.EL.ppc64.rpm kernel-devel-2.6.9-78.0.31.EL.ppc64iseries.rpm kernel-largesmp-2.6.9-78.0.31.EL.ppc64.rpm kernel-largesmp-devel-2.6.9-78.0.31.EL.ppc64.rpm s390: kernel-2.6.9-78.0.31.EL.s390.rpm kernel-debuginfo-2.6.9-78.0.31.EL.s390.rpm kernel-devel-2.6.9-78.0.31.EL.s390.rpm s390x: kernel-2.6.9-78.0.31.EL.s390x.rpm kernel-debuginfo-2.6.9-78.0.31.EL.s390x.rpm kernel-devel-2.6.9-78.0.31.EL.s390x.rpm x86_64: kernel-2.6.9-78.0.31.EL.x86_64.rpm kernel-debuginfo-2.6.9-78.0.31.EL.x86_64.rpm kernel-devel-2.6.9-78.0.31.EL.x86_64.rpm kernel-largesmp-2.6.9-78.0.31.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-78.0.31.EL.x86_64.rpm kernel-smp-2.6.9-78.0.31.EL.x86_64.rpm kernel-smp-devel-2.6.9-78.0.31.EL.x86_64.rpm kernel-xenU-2.6.9-78.0.31.EL.x86_64.rpm kernel-xenU-devel-2.6.9-78.0.31.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4.7.z: Source: kernel-2.6.9-78.0.31.EL.src.rpm i386: kernel-2.6.9-78.0.31.EL.i686.rpm kernel-debuginfo-2.6.9-78.0.31.EL.i686.rpm kernel-devel-2.6.9-78.0.31.EL.i686.rpm kernel-hugemem-2.6.9-78.0.31.EL.i686.rpm kernel-hugemem-devel-2.6.9-78.0.31.EL.i686.rpm kernel-smp-2.6.9-78.0.31.EL.i686.rpm kernel-smp-devel-2.6.9-78.0.31.EL.i686.rpm kernel-xenU-2.6.9-78.0.31.EL.i686.rpm kernel-xenU-devel-2.6.9-78.0.31.EL.i686.rpm ia64: kernel-2.6.9-78.0.31.EL.ia64.rpm kernel-debuginfo-2.6.9-78.0.31.EL.ia64.rpm kernel-devel-2.6.9-78.0.31.EL.ia64.rpm kernel-largesmp-2.6.9-78.0.31.EL.ia64.rpm kernel-largesmp-devel-2.6.9-78.0.31.EL.ia64.rpm noarch: kernel-doc-2.6.9-78.0.31.EL.noarch.rpm x86_64: kernel-2.6.9-78.0.31.EL.x86_64.rpm kernel-debuginfo-2.6.9-78.0.31.EL.x86_64.rpm kernel-devel-2.6.9-78.0.31.EL.x86_64.rpm kernel-largesmp-2.6.9-78.0.31.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-78.0.31.EL.x86_64.rpm kernel-smp-2.6.9-78.0.31.EL.x86_64.rpm kernel-smp-devel-2.6.9-78.0.31.EL.x86_64.rpm kernel-xenU-2.6.9-78.0.31.EL.x86_64.rpm kernel-xenU-devel-2.6.9-78.0.31.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-1188.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL8yxBXlSAg2UNWIIRAuwFAJ0aFoLC2cagg5vALcmmpq74l0oXFACfZ46x NBOFPUaOdXTGLXW43GqM5sY= =d1Hv -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 19 17:02:30 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 19 May 2010 11:02:30 -0600 Subject: [RHSA-2010:0427-01] Moderate: postgresql security update Message-ID: <201005191702.o4JH2UIl026068@int-mx03.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: postgresql security update Advisory ID: RHSA-2010:0427-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0427.html Issue date: 2010-05-19 CVE Names: CVE-2009-4136 CVE-2010-0442 CVE-2010-0733 CVE-2010-1169 CVE-2010-1170 ===================================================================== 1. Summary: Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: PostgreSQL is an advanced object-relational database management system (DBMS). PL/Perl and PL/Tcl allow users to write PostgreSQL functions in the Perl and Tcl languages, and are installed in trusted mode by default. In trusted mode, certain operations, such as operating system level access, are restricted. A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Perl. If the PL/Perl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Perl script could use this flaw to bypass intended PL/Perl trusted mode restrictions, allowing them to run arbitrary Perl scripts with the privileges of the database server. (CVE-2010-1169) Red Hat would like to thank Tim Bunce for responsibly reporting the CVE-2010-1169 flaw. A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Tcl. If the PL/Tcl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Tcl script could use this flaw to bypass intended PL/Tcl trusted mode restrictions, allowing them to run arbitrary Tcl scripts with the privileges of the database server. (CVE-2010-1170) A buffer overflow flaw was found in the way PostgreSQL retrieved a substring from the bit string for BIT() and BIT VARYING() SQL data types. An authenticated database user running a specially-crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-0442) An integer overflow flaw was found in the way PostgreSQL used to calculate the size of the hash table for joined relations. An authenticated database user could create a specially-crafted SQL query which could cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-0733) PostgreSQL improperly protected session-local state during the execution of an index function by a database superuser during the database maintenance operations. An authenticated database user could use this flaw to elevate their privileges via specially-crafted index functions. (CVE-2009-4136) All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Running PostgreSQL instances must be restarted ("service rhdb restart") for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 546321 - CVE-2009-4136 postgresql: SQL privilege escalation via modifications to session-local state 546621 - CVE-2010-0733 postgresql: Integer overflow in hash table size calculation 559259 - CVE-2010-0442 postgresql: substring() negative length argument buffer overflow 582615 - CVE-2010-1169 PostgreSQL: PL/Perl Intended restriction bypass 583072 - CVE-2010-1170 PostgreSQL: PL/Tcl Intended restriction bypass 6. Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/rh-postgresql-7.3.21-3.src.rpm i386: rh-postgresql-7.3.21-3.i386.rpm rh-postgresql-contrib-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-devel-7.3.21-3.i386.rpm rh-postgresql-docs-7.3.21-3.i386.rpm rh-postgresql-jdbc-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-pl-7.3.21-3.i386.rpm rh-postgresql-python-7.3.21-3.i386.rpm rh-postgresql-server-7.3.21-3.i386.rpm rh-postgresql-tcl-7.3.21-3.i386.rpm rh-postgresql-test-7.3.21-3.i386.rpm ia64: rh-postgresql-7.3.21-3.ia64.rpm rh-postgresql-contrib-7.3.21-3.ia64.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.ia64.rpm rh-postgresql-devel-7.3.21-3.ia64.rpm rh-postgresql-docs-7.3.21-3.ia64.rpm rh-postgresql-jdbc-7.3.21-3.ia64.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.ia64.rpm rh-postgresql-pl-7.3.21-3.ia64.rpm rh-postgresql-python-7.3.21-3.ia64.rpm rh-postgresql-server-7.3.21-3.ia64.rpm rh-postgresql-tcl-7.3.21-3.ia64.rpm rh-postgresql-test-7.3.21-3.ia64.rpm ppc: rh-postgresql-7.3.21-3.ppc.rpm rh-postgresql-contrib-7.3.21-3.ppc.rpm rh-postgresql-debuginfo-7.3.21-3.ppc.rpm rh-postgresql-debuginfo-7.3.21-3.ppc64.rpm rh-postgresql-devel-7.3.21-3.ppc.rpm rh-postgresql-docs-7.3.21-3.ppc.rpm rh-postgresql-jdbc-7.3.21-3.ppc.rpm rh-postgresql-libs-7.3.21-3.ppc.rpm rh-postgresql-libs-7.3.21-3.ppc64.rpm rh-postgresql-pl-7.3.21-3.ppc.rpm rh-postgresql-python-7.3.21-3.ppc.rpm rh-postgresql-server-7.3.21-3.ppc.rpm rh-postgresql-tcl-7.3.21-3.ppc.rpm rh-postgresql-test-7.3.21-3.ppc.rpm s390: rh-postgresql-7.3.21-3.s390.rpm rh-postgresql-contrib-7.3.21-3.s390.rpm rh-postgresql-debuginfo-7.3.21-3.s390.rpm rh-postgresql-devel-7.3.21-3.s390.rpm rh-postgresql-docs-7.3.21-3.s390.rpm rh-postgresql-jdbc-7.3.21-3.s390.rpm rh-postgresql-libs-7.3.21-3.s390.rpm rh-postgresql-pl-7.3.21-3.s390.rpm rh-postgresql-python-7.3.21-3.s390.rpm rh-postgresql-server-7.3.21-3.s390.rpm rh-postgresql-tcl-7.3.21-3.s390.rpm rh-postgresql-test-7.3.21-3.s390.rpm s390x: rh-postgresql-7.3.21-3.s390x.rpm rh-postgresql-contrib-7.3.21-3.s390x.rpm rh-postgresql-debuginfo-7.3.21-3.s390.rpm rh-postgresql-debuginfo-7.3.21-3.s390x.rpm rh-postgresql-devel-7.3.21-3.s390x.rpm rh-postgresql-docs-7.3.21-3.s390x.rpm rh-postgresql-jdbc-7.3.21-3.s390x.rpm rh-postgresql-libs-7.3.21-3.s390.rpm rh-postgresql-libs-7.3.21-3.s390x.rpm rh-postgresql-pl-7.3.21-3.s390x.rpm rh-postgresql-python-7.3.21-3.s390x.rpm rh-postgresql-server-7.3.21-3.s390x.rpm rh-postgresql-tcl-7.3.21-3.s390x.rpm rh-postgresql-test-7.3.21-3.s390x.rpm x86_64: rh-postgresql-7.3.21-3.x86_64.rpm rh-postgresql-contrib-7.3.21-3.x86_64.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.x86_64.rpm rh-postgresql-devel-7.3.21-3.x86_64.rpm rh-postgresql-docs-7.3.21-3.x86_64.rpm rh-postgresql-jdbc-7.3.21-3.x86_64.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.x86_64.rpm rh-postgresql-pl-7.3.21-3.x86_64.rpm rh-postgresql-python-7.3.21-3.x86_64.rpm rh-postgresql-server-7.3.21-3.x86_64.rpm rh-postgresql-tcl-7.3.21-3.x86_64.rpm rh-postgresql-test-7.3.21-3.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/rh-postgresql-7.3.21-3.src.rpm i386: rh-postgresql-7.3.21-3.i386.rpm rh-postgresql-contrib-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-devel-7.3.21-3.i386.rpm rh-postgresql-docs-7.3.21-3.i386.rpm rh-postgresql-jdbc-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-pl-7.3.21-3.i386.rpm rh-postgresql-python-7.3.21-3.i386.rpm rh-postgresql-server-7.3.21-3.i386.rpm rh-postgresql-tcl-7.3.21-3.i386.rpm rh-postgresql-test-7.3.21-3.i386.rpm x86_64: rh-postgresql-7.3.21-3.x86_64.rpm rh-postgresql-contrib-7.3.21-3.x86_64.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.x86_64.rpm rh-postgresql-devel-7.3.21-3.x86_64.rpm rh-postgresql-docs-7.3.21-3.x86_64.rpm rh-postgresql-jdbc-7.3.21-3.x86_64.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.x86_64.rpm rh-postgresql-pl-7.3.21-3.x86_64.rpm rh-postgresql-python-7.3.21-3.x86_64.rpm rh-postgresql-server-7.3.21-3.x86_64.rpm rh-postgresql-tcl-7.3.21-3.x86_64.rpm rh-postgresql-test-7.3.21-3.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/rh-postgresql-7.3.21-3.src.rpm i386: rh-postgresql-7.3.21-3.i386.rpm rh-postgresql-contrib-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-devel-7.3.21-3.i386.rpm rh-postgresql-docs-7.3.21-3.i386.rpm rh-postgresql-jdbc-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-pl-7.3.21-3.i386.rpm rh-postgresql-python-7.3.21-3.i386.rpm rh-postgresql-server-7.3.21-3.i386.rpm rh-postgresql-tcl-7.3.21-3.i386.rpm rh-postgresql-test-7.3.21-3.i386.rpm ia64: rh-postgresql-7.3.21-3.ia64.rpm rh-postgresql-contrib-7.3.21-3.ia64.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.ia64.rpm rh-postgresql-devel-7.3.21-3.ia64.rpm rh-postgresql-docs-7.3.21-3.ia64.rpm rh-postgresql-jdbc-7.3.21-3.ia64.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.ia64.rpm rh-postgresql-pl-7.3.21-3.ia64.rpm rh-postgresql-python-7.3.21-3.ia64.rpm rh-postgresql-server-7.3.21-3.ia64.rpm rh-postgresql-tcl-7.3.21-3.ia64.rpm rh-postgresql-test-7.3.21-3.ia64.rpm x86_64: rh-postgresql-7.3.21-3.x86_64.rpm rh-postgresql-contrib-7.3.21-3.x86_64.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.x86_64.rpm rh-postgresql-devel-7.3.21-3.x86_64.rpm rh-postgresql-docs-7.3.21-3.x86_64.rpm rh-postgresql-jdbc-7.3.21-3.x86_64.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.x86_64.rpm rh-postgresql-pl-7.3.21-3.x86_64.rpm rh-postgresql-python-7.3.21-3.x86_64.rpm rh-postgresql-server-7.3.21-3.x86_64.rpm rh-postgresql-tcl-7.3.21-3.x86_64.rpm rh-postgresql-test-7.3.21-3.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/rh-postgresql-7.3.21-3.src.rpm i386: rh-postgresql-7.3.21-3.i386.rpm rh-postgresql-contrib-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-devel-7.3.21-3.i386.rpm rh-postgresql-docs-7.3.21-3.i386.rpm rh-postgresql-jdbc-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-pl-7.3.21-3.i386.rpm rh-postgresql-python-7.3.21-3.i386.rpm rh-postgresql-server-7.3.21-3.i386.rpm rh-postgresql-tcl-7.3.21-3.i386.rpm rh-postgresql-test-7.3.21-3.i386.rpm ia64: rh-postgresql-7.3.21-3.ia64.rpm rh-postgresql-contrib-7.3.21-3.ia64.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.ia64.rpm rh-postgresql-devel-7.3.21-3.ia64.rpm rh-postgresql-docs-7.3.21-3.ia64.rpm rh-postgresql-jdbc-7.3.21-3.ia64.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.ia64.rpm rh-postgresql-pl-7.3.21-3.ia64.rpm rh-postgresql-python-7.3.21-3.ia64.rpm rh-postgresql-server-7.3.21-3.ia64.rpm rh-postgresql-tcl-7.3.21-3.ia64.rpm rh-postgresql-test-7.3.21-3.ia64.rpm x86_64: rh-postgresql-7.3.21-3.x86_64.rpm rh-postgresql-contrib-7.3.21-3.x86_64.rpm rh-postgresql-debuginfo-7.3.21-3.i386.rpm rh-postgresql-debuginfo-7.3.21-3.x86_64.rpm rh-postgresql-devel-7.3.21-3.x86_64.rpm rh-postgresql-docs-7.3.21-3.x86_64.rpm rh-postgresql-jdbc-7.3.21-3.x86_64.rpm rh-postgresql-libs-7.3.21-3.i386.rpm rh-postgresql-libs-7.3.21-3.x86_64.rpm rh-postgresql-pl-7.3.21-3.x86_64.rpm rh-postgresql-python-7.3.21-3.x86_64.rpm rh-postgresql-server-7.3.21-3.x86_64.rpm rh-postgresql-tcl-7.3.21-3.x86_64.rpm rh-postgresql-test-7.3.21-3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-4136.html https://www.redhat.com/security/data/cve/CVE-2010-0442.html https://www.redhat.com/security/data/cve/CVE-2010-0733.html https://www.redhat.com/security/data/cve/CVE-2010-1169.html https://www.redhat.com/security/data/cve/CVE-2010-1170.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL9BmSXlSAg2UNWIIRApYpAJ4pVbgOZCF3JfwnusgzotUQrSqshQCfWvH+ iueusYINpQ2fIejHu6GXFrQ= =Ecx2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 19 17:03:08 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 19 May 2010 11:03:08 -0600 Subject: [RHSA-2010:0428-01] Moderate: postgresql security update Message-ID: <201005191703.o4JH38RE024194@int-mx05.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: postgresql security update Advisory ID: RHSA-2010:0428-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0428.html Issue date: 2010-05-19 CVE Names: CVE-2009-4136 CVE-2010-0442 CVE-2010-0733 CVE-2010-1169 CVE-2010-1170 ===================================================================== 1. Summary: Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: PostgreSQL is an advanced object-relational database management system (DBMS). PL/Perl and PL/Tcl allow users to write PostgreSQL functions in the Perl and Tcl languages, and are installed in trusted mode by default. In trusted mode, certain operations, such as operating system level access, are restricted. A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Perl. If the PL/Perl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Perl script could use this flaw to bypass intended PL/Perl trusted mode restrictions, allowing them to run arbitrary Perl scripts with the privileges of the database server. (CVE-2010-1169) Red Hat would like to thank Tim Bunce for responsibly reporting the CVE-2010-1169 flaw. A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Tcl. If the PL/Tcl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Tcl script could use this flaw to bypass intended PL/Tcl trusted mode restrictions, allowing them to run arbitrary Tcl scripts with the privileges of the database server. (CVE-2010-1170) A buffer overflow flaw was found in the way PostgreSQL retrieved a substring from the bit string for BIT() and BIT VARYING() SQL data types. An authenticated database user running a specially-crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-0442) An integer overflow flaw was found in the way PostgreSQL used to calculate the size of the hash table for joined relations. An authenticated database user could create a specially-crafted SQL query which could cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-0733) PostgreSQL improperly protected session-local state during the execution of an index function by a database superuser during the database maintenance operations. An authenticated database user could use this flaw to elevate their privileges via specially-crafted index functions. (CVE-2009-4136) These packages upgrade PostgreSQL to version 7.4.29. Refer to the PostgreSQL Release Notes for a list of changes: http://www.postgresql.org/docs/7.4/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 546321 - CVE-2009-4136 postgresql: SQL privilege escalation via modifications to session-local state 546621 - CVE-2010-0733 postgresql: Integer overflow in hash table size calculation 559259 - CVE-2010-0442 postgresql: substring() negative length argument buffer overflow 582615 - CVE-2010-1169 PostgreSQL: PL/Perl Intended restriction bypass 583072 - CVE-2010-1170 PostgreSQL: PL/Tcl Intended restriction bypass 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/postgresql-7.4.29-1.el4_8.1.src.rpm i386: postgresql-7.4.29-1.el4_8.1.i386.rpm postgresql-contrib-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-devel-7.4.29-1.el4_8.1.i386.rpm postgresql-docs-7.4.29-1.el4_8.1.i386.rpm postgresql-jdbc-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-pl-7.4.29-1.el4_8.1.i386.rpm postgresql-python-7.4.29-1.el4_8.1.i386.rpm postgresql-server-7.4.29-1.el4_8.1.i386.rpm postgresql-tcl-7.4.29-1.el4_8.1.i386.rpm postgresql-test-7.4.29-1.el4_8.1.i386.rpm ia64: postgresql-7.4.29-1.el4_8.1.ia64.rpm postgresql-contrib-7.4.29-1.el4_8.1.ia64.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.ia64.rpm postgresql-devel-7.4.29-1.el4_8.1.ia64.rpm postgresql-docs-7.4.29-1.el4_8.1.ia64.rpm postgresql-jdbc-7.4.29-1.el4_8.1.ia64.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.ia64.rpm postgresql-pl-7.4.29-1.el4_8.1.ia64.rpm postgresql-python-7.4.29-1.el4_8.1.ia64.rpm postgresql-server-7.4.29-1.el4_8.1.ia64.rpm postgresql-tcl-7.4.29-1.el4_8.1.ia64.rpm postgresql-test-7.4.29-1.el4_8.1.ia64.rpm ppc: postgresql-7.4.29-1.el4_8.1.ppc.rpm postgresql-contrib-7.4.29-1.el4_8.1.ppc.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.ppc.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.ppc64.rpm postgresql-devel-7.4.29-1.el4_8.1.ppc.rpm postgresql-docs-7.4.29-1.el4_8.1.ppc.rpm postgresql-jdbc-7.4.29-1.el4_8.1.ppc.rpm postgresql-libs-7.4.29-1.el4_8.1.ppc.rpm postgresql-libs-7.4.29-1.el4_8.1.ppc64.rpm postgresql-pl-7.4.29-1.el4_8.1.ppc.rpm postgresql-python-7.4.29-1.el4_8.1.ppc.rpm postgresql-server-7.4.29-1.el4_8.1.ppc.rpm postgresql-tcl-7.4.29-1.el4_8.1.ppc.rpm postgresql-test-7.4.29-1.el4_8.1.ppc.rpm s390: postgresql-7.4.29-1.el4_8.1.s390.rpm postgresql-contrib-7.4.29-1.el4_8.1.s390.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.s390.rpm postgresql-devel-7.4.29-1.el4_8.1.s390.rpm postgresql-docs-7.4.29-1.el4_8.1.s390.rpm postgresql-jdbc-7.4.29-1.el4_8.1.s390.rpm postgresql-libs-7.4.29-1.el4_8.1.s390.rpm postgresql-pl-7.4.29-1.el4_8.1.s390.rpm postgresql-python-7.4.29-1.el4_8.1.s390.rpm postgresql-server-7.4.29-1.el4_8.1.s390.rpm postgresql-tcl-7.4.29-1.el4_8.1.s390.rpm postgresql-test-7.4.29-1.el4_8.1.s390.rpm s390x: postgresql-7.4.29-1.el4_8.1.s390x.rpm postgresql-contrib-7.4.29-1.el4_8.1.s390x.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.s390.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.s390x.rpm postgresql-devel-7.4.29-1.el4_8.1.s390x.rpm postgresql-docs-7.4.29-1.el4_8.1.s390x.rpm postgresql-jdbc-7.4.29-1.el4_8.1.s390x.rpm postgresql-libs-7.4.29-1.el4_8.1.s390.rpm postgresql-libs-7.4.29-1.el4_8.1.s390x.rpm postgresql-pl-7.4.29-1.el4_8.1.s390x.rpm postgresql-python-7.4.29-1.el4_8.1.s390x.rpm postgresql-server-7.4.29-1.el4_8.1.s390x.rpm postgresql-tcl-7.4.29-1.el4_8.1.s390x.rpm postgresql-test-7.4.29-1.el4_8.1.s390x.rpm x86_64: postgresql-7.4.29-1.el4_8.1.x86_64.rpm postgresql-contrib-7.4.29-1.el4_8.1.x86_64.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.x86_64.rpm postgresql-devel-7.4.29-1.el4_8.1.x86_64.rpm postgresql-docs-7.4.29-1.el4_8.1.x86_64.rpm postgresql-jdbc-7.4.29-1.el4_8.1.x86_64.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.x86_64.rpm postgresql-pl-7.4.29-1.el4_8.1.x86_64.rpm postgresql-python-7.4.29-1.el4_8.1.x86_64.rpm postgresql-server-7.4.29-1.el4_8.1.x86_64.rpm postgresql-tcl-7.4.29-1.el4_8.1.x86_64.rpm postgresql-test-7.4.29-1.el4_8.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/postgresql-7.4.29-1.el4_8.1.src.rpm i386: postgresql-7.4.29-1.el4_8.1.i386.rpm postgresql-contrib-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-devel-7.4.29-1.el4_8.1.i386.rpm postgresql-docs-7.4.29-1.el4_8.1.i386.rpm postgresql-jdbc-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-pl-7.4.29-1.el4_8.1.i386.rpm postgresql-python-7.4.29-1.el4_8.1.i386.rpm postgresql-server-7.4.29-1.el4_8.1.i386.rpm postgresql-tcl-7.4.29-1.el4_8.1.i386.rpm postgresql-test-7.4.29-1.el4_8.1.i386.rpm x86_64: postgresql-7.4.29-1.el4_8.1.x86_64.rpm postgresql-contrib-7.4.29-1.el4_8.1.x86_64.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.x86_64.rpm postgresql-devel-7.4.29-1.el4_8.1.x86_64.rpm postgresql-docs-7.4.29-1.el4_8.1.x86_64.rpm postgresql-jdbc-7.4.29-1.el4_8.1.x86_64.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.x86_64.rpm postgresql-pl-7.4.29-1.el4_8.1.x86_64.rpm postgresql-python-7.4.29-1.el4_8.1.x86_64.rpm postgresql-server-7.4.29-1.el4_8.1.x86_64.rpm postgresql-tcl-7.4.29-1.el4_8.1.x86_64.rpm postgresql-test-7.4.29-1.el4_8.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/postgresql-7.4.29-1.el4_8.1.src.rpm i386: postgresql-7.4.29-1.el4_8.1.i386.rpm postgresql-contrib-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-devel-7.4.29-1.el4_8.1.i386.rpm postgresql-docs-7.4.29-1.el4_8.1.i386.rpm postgresql-jdbc-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-pl-7.4.29-1.el4_8.1.i386.rpm postgresql-python-7.4.29-1.el4_8.1.i386.rpm postgresql-server-7.4.29-1.el4_8.1.i386.rpm postgresql-tcl-7.4.29-1.el4_8.1.i386.rpm postgresql-test-7.4.29-1.el4_8.1.i386.rpm ia64: postgresql-7.4.29-1.el4_8.1.ia64.rpm postgresql-contrib-7.4.29-1.el4_8.1.ia64.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.ia64.rpm postgresql-devel-7.4.29-1.el4_8.1.ia64.rpm postgresql-docs-7.4.29-1.el4_8.1.ia64.rpm postgresql-jdbc-7.4.29-1.el4_8.1.ia64.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.ia64.rpm postgresql-pl-7.4.29-1.el4_8.1.ia64.rpm postgresql-python-7.4.29-1.el4_8.1.ia64.rpm postgresql-server-7.4.29-1.el4_8.1.ia64.rpm postgresql-tcl-7.4.29-1.el4_8.1.ia64.rpm postgresql-test-7.4.29-1.el4_8.1.ia64.rpm x86_64: postgresql-7.4.29-1.el4_8.1.x86_64.rpm postgresql-contrib-7.4.29-1.el4_8.1.x86_64.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.x86_64.rpm postgresql-devel-7.4.29-1.el4_8.1.x86_64.rpm postgresql-docs-7.4.29-1.el4_8.1.x86_64.rpm postgresql-jdbc-7.4.29-1.el4_8.1.x86_64.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.x86_64.rpm postgresql-pl-7.4.29-1.el4_8.1.x86_64.rpm postgresql-python-7.4.29-1.el4_8.1.x86_64.rpm postgresql-server-7.4.29-1.el4_8.1.x86_64.rpm postgresql-tcl-7.4.29-1.el4_8.1.x86_64.rpm postgresql-test-7.4.29-1.el4_8.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/postgresql-7.4.29-1.el4_8.1.src.rpm i386: postgresql-7.4.29-1.el4_8.1.i386.rpm postgresql-contrib-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-devel-7.4.29-1.el4_8.1.i386.rpm postgresql-docs-7.4.29-1.el4_8.1.i386.rpm postgresql-jdbc-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-pl-7.4.29-1.el4_8.1.i386.rpm postgresql-python-7.4.29-1.el4_8.1.i386.rpm postgresql-server-7.4.29-1.el4_8.1.i386.rpm postgresql-tcl-7.4.29-1.el4_8.1.i386.rpm postgresql-test-7.4.29-1.el4_8.1.i386.rpm ia64: postgresql-7.4.29-1.el4_8.1.ia64.rpm postgresql-contrib-7.4.29-1.el4_8.1.ia64.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.ia64.rpm postgresql-devel-7.4.29-1.el4_8.1.ia64.rpm postgresql-docs-7.4.29-1.el4_8.1.ia64.rpm postgresql-jdbc-7.4.29-1.el4_8.1.ia64.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.ia64.rpm postgresql-pl-7.4.29-1.el4_8.1.ia64.rpm postgresql-python-7.4.29-1.el4_8.1.ia64.rpm postgresql-server-7.4.29-1.el4_8.1.ia64.rpm postgresql-tcl-7.4.29-1.el4_8.1.ia64.rpm postgresql-test-7.4.29-1.el4_8.1.ia64.rpm x86_64: postgresql-7.4.29-1.el4_8.1.x86_64.rpm postgresql-contrib-7.4.29-1.el4_8.1.x86_64.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.i386.rpm postgresql-debuginfo-7.4.29-1.el4_8.1.x86_64.rpm postgresql-devel-7.4.29-1.el4_8.1.x86_64.rpm postgresql-docs-7.4.29-1.el4_8.1.x86_64.rpm postgresql-jdbc-7.4.29-1.el4_8.1.x86_64.rpm postgresql-libs-7.4.29-1.el4_8.1.i386.rpm postgresql-libs-7.4.29-1.el4_8.1.x86_64.rpm postgresql-pl-7.4.29-1.el4_8.1.x86_64.rpm postgresql-python-7.4.29-1.el4_8.1.x86_64.rpm postgresql-server-7.4.29-1.el4_8.1.x86_64.rpm postgresql-tcl-7.4.29-1.el4_8.1.x86_64.rpm postgresql-test-7.4.29-1.el4_8.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-4136.html https://www.redhat.com/security/data/cve/CVE-2010-0442.html https://www.redhat.com/security/data/cve/CVE-2010-0733.html https://www.redhat.com/security/data/cve/CVE-2010-1169.html https://www.redhat.com/security/data/cve/CVE-2010-1170.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL9Bm/XlSAg2UNWIIRAp2SAJ0Vnye/JJIPde8oMvhKG7Evi9/uhgCdEk/o ioksfWFitLkjGT8EgbzDxm0= =koSS -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 19 17:03:44 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 19 May 2010 11:03:44 -0600 Subject: [RHSA-2010:0429-01] Moderate: postgresql security update Message-ID: <201005191703.o4JH3jDI026458@int-mx03.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: postgresql security update Advisory ID: RHSA-2010:0429-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0429.html Issue date: 2010-05-19 CVE Names: CVE-2009-4136 CVE-2010-0442 CVE-2010-0733 CVE-2010-1169 CVE-2010-1170 ===================================================================== 1. Summary: Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: PostgreSQL is an advanced object-relational database management system (DBMS). PL/Perl and PL/Tcl allow users to write PostgreSQL functions in the Perl and Tcl languages, and are installed in trusted mode by default. In trusted mode, certain operations, such as operating system level access, are restricted. A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Perl. If the PL/Perl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Perl script could use this flaw to bypass intended PL/Perl trusted mode restrictions, allowing them to run arbitrary Perl scripts with the privileges of the database server. (CVE-2010-1169) Red Hat would like to thank Tim Bunce for responsibly reporting the CVE-2010-1169 flaw. A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Tcl. If the PL/Tcl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Tcl script could use this flaw to bypass intended PL/Tcl trusted mode restrictions, allowing them to run arbitrary Tcl scripts with the privileges of the database server. (CVE-2010-1170) A buffer overflow flaw was found in the way PostgreSQL retrieved a substring from the bit string for BIT() and BIT VARYING() SQL data types. An authenticated database user running a specially-crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-0442) An integer overflow flaw was found in the way PostgreSQL used to calculate the size of the hash table for joined relations. An authenticated database user could create a specially-crafted SQL query which could cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-0733) PostgreSQL improperly protected session-local state during the execution of an index function by a database superuser during the database maintenance operations. An authenticated database user could use this flaw to elevate their privileges via specially-crafted index functions. (CVE-2009-4136) These packages upgrade PostgreSQL to version 8.1.21. Refer to the PostgreSQL Release Notes for a list of changes: http://www.postgresql.org/docs/8.1/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 546321 - CVE-2009-4136 postgresql: SQL privilege escalation via modifications to session-local state 546621 - CVE-2010-0733 postgresql: Integer overflow in hash table size calculation 559259 - CVE-2010-0442 postgresql: substring() negative length argument buffer overflow 582615 - CVE-2010-1169 PostgreSQL: PL/Perl Intended restriction bypass 583072 - CVE-2010-1170 PostgreSQL: PL/Tcl Intended restriction bypass 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql-8.1.21-1.el5_5.1.src.rpm i386: postgresql-8.1.21-1.el5_5.1.i386.rpm postgresql-contrib-8.1.21-1.el5_5.1.i386.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.i386.rpm postgresql-devel-8.1.21-1.el5_5.1.i386.rpm postgresql-docs-8.1.21-1.el5_5.1.i386.rpm postgresql-libs-8.1.21-1.el5_5.1.i386.rpm postgresql-pl-8.1.21-1.el5_5.1.i386.rpm postgresql-python-8.1.21-1.el5_5.1.i386.rpm postgresql-server-8.1.21-1.el5_5.1.i386.rpm postgresql-tcl-8.1.21-1.el5_5.1.i386.rpm postgresql-test-8.1.21-1.el5_5.1.i386.rpm x86_64: postgresql-8.1.21-1.el5_5.1.x86_64.rpm postgresql-contrib-8.1.21-1.el5_5.1.x86_64.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.i386.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.x86_64.rpm postgresql-docs-8.1.21-1.el5_5.1.x86_64.rpm postgresql-libs-8.1.21-1.el5_5.1.i386.rpm postgresql-libs-8.1.21-1.el5_5.1.x86_64.rpm postgresql-python-8.1.21-1.el5_5.1.x86_64.rpm postgresql-tcl-8.1.21-1.el5_5.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql-8.1.21-1.el5_5.1.src.rpm i386: postgresql-debuginfo-8.1.21-1.el5_5.1.i386.rpm postgresql-devel-8.1.21-1.el5_5.1.i386.rpm postgresql-pl-8.1.21-1.el5_5.1.i386.rpm postgresql-server-8.1.21-1.el5_5.1.i386.rpm postgresql-test-8.1.21-1.el5_5.1.i386.rpm x86_64: postgresql-debuginfo-8.1.21-1.el5_5.1.i386.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.x86_64.rpm postgresql-devel-8.1.21-1.el5_5.1.i386.rpm postgresql-devel-8.1.21-1.el5_5.1.x86_64.rpm postgresql-pl-8.1.21-1.el5_5.1.x86_64.rpm postgresql-server-8.1.21-1.el5_5.1.x86_64.rpm postgresql-test-8.1.21-1.el5_5.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/postgresql-8.1.21-1.el5_5.1.src.rpm i386: postgresql-8.1.21-1.el5_5.1.i386.rpm postgresql-contrib-8.1.21-1.el5_5.1.i386.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.i386.rpm postgresql-devel-8.1.21-1.el5_5.1.i386.rpm postgresql-docs-8.1.21-1.el5_5.1.i386.rpm postgresql-libs-8.1.21-1.el5_5.1.i386.rpm postgresql-pl-8.1.21-1.el5_5.1.i386.rpm postgresql-python-8.1.21-1.el5_5.1.i386.rpm postgresql-server-8.1.21-1.el5_5.1.i386.rpm postgresql-tcl-8.1.21-1.el5_5.1.i386.rpm postgresql-test-8.1.21-1.el5_5.1.i386.rpm ia64: postgresql-8.1.21-1.el5_5.1.ia64.rpm postgresql-contrib-8.1.21-1.el5_5.1.ia64.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.i386.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.ia64.rpm postgresql-devel-8.1.21-1.el5_5.1.ia64.rpm postgresql-docs-8.1.21-1.el5_5.1.ia64.rpm postgresql-libs-8.1.21-1.el5_5.1.i386.rpm postgresql-libs-8.1.21-1.el5_5.1.ia64.rpm postgresql-pl-8.1.21-1.el5_5.1.ia64.rpm postgresql-python-8.1.21-1.el5_5.1.ia64.rpm postgresql-server-8.1.21-1.el5_5.1.ia64.rpm postgresql-tcl-8.1.21-1.el5_5.1.ia64.rpm postgresql-test-8.1.21-1.el5_5.1.ia64.rpm ppc: postgresql-8.1.21-1.el5_5.1.ppc.rpm postgresql-8.1.21-1.el5_5.1.ppc64.rpm postgresql-contrib-8.1.21-1.el5_5.1.ppc.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.ppc.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.ppc64.rpm postgresql-devel-8.1.21-1.el5_5.1.ppc.rpm postgresql-devel-8.1.21-1.el5_5.1.ppc64.rpm postgresql-docs-8.1.21-1.el5_5.1.ppc.rpm postgresql-libs-8.1.21-1.el5_5.1.ppc.rpm postgresql-libs-8.1.21-1.el5_5.1.ppc64.rpm postgresql-pl-8.1.21-1.el5_5.1.ppc.rpm postgresql-python-8.1.21-1.el5_5.1.ppc.rpm postgresql-server-8.1.21-1.el5_5.1.ppc.rpm postgresql-tcl-8.1.21-1.el5_5.1.ppc.rpm postgresql-test-8.1.21-1.el5_5.1.ppc.rpm s390x: postgresql-8.1.21-1.el5_5.1.s390x.rpm postgresql-contrib-8.1.21-1.el5_5.1.s390x.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.s390.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.s390x.rpm postgresql-devel-8.1.21-1.el5_5.1.s390.rpm postgresql-devel-8.1.21-1.el5_5.1.s390x.rpm postgresql-docs-8.1.21-1.el5_5.1.s390x.rpm postgresql-libs-8.1.21-1.el5_5.1.s390.rpm postgresql-libs-8.1.21-1.el5_5.1.s390x.rpm postgresql-pl-8.1.21-1.el5_5.1.s390x.rpm postgresql-python-8.1.21-1.el5_5.1.s390x.rpm postgresql-server-8.1.21-1.el5_5.1.s390x.rpm postgresql-tcl-8.1.21-1.el5_5.1.s390x.rpm postgresql-test-8.1.21-1.el5_5.1.s390x.rpm x86_64: postgresql-8.1.21-1.el5_5.1.x86_64.rpm postgresql-contrib-8.1.21-1.el5_5.1.x86_64.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.i386.rpm postgresql-debuginfo-8.1.21-1.el5_5.1.x86_64.rpm postgresql-devel-8.1.21-1.el5_5.1.i386.rpm postgresql-devel-8.1.21-1.el5_5.1.x86_64.rpm postgresql-docs-8.1.21-1.el5_5.1.x86_64.rpm postgresql-libs-8.1.21-1.el5_5.1.i386.rpm postgresql-libs-8.1.21-1.el5_5.1.x86_64.rpm postgresql-pl-8.1.21-1.el5_5.1.x86_64.rpm postgresql-python-8.1.21-1.el5_5.1.x86_64.rpm postgresql-server-8.1.21-1.el5_5.1.x86_64.rpm postgresql-tcl-8.1.21-1.el5_5.1.x86_64.rpm postgresql-test-8.1.21-1.el5_5.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-4136.html https://www.redhat.com/security/data/cve/CVE-2010-0442.html https://www.redhat.com/security/data/cve/CVE-2010-0733.html https://www.redhat.com/security/data/cve/CVE-2010-1169.html https://www.redhat.com/security/data/cve/CVE-2010-1170.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL9BnkXlSAg2UNWIIRApkAAKCTejGjiJwe3CTX9PvjqpdxSuuN0gCfTFt8 61yYeEGIQxyQ/szm4ksZRH4= =AQnw -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 19 17:04:36 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 19 May 2010 11:04:36 -0600 Subject: [RHSA-2010:0430-01] Moderate: postgresql84 security update Message-ID: <201005191704.o4JH4bOc003186@int-mx01.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: postgresql84 security update Advisory ID: RHSA-2010:0430-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0430.html Issue date: 2010-05-19 CVE Names: CVE-2010-1169 CVE-2010-1170 ===================================================================== 1. Summary: Updated postgresql84 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: PostgreSQL is an advanced object-relational database management system (DBMS). PL/Perl and PL/Tcl allow users to write PostgreSQL functions in the Perl and Tcl languages, and are installed in trusted mode by default. In trusted mode, certain operations, such as operating system level access, are restricted. A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Perl. If the PL/Perl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Perl script could use this flaw to bypass intended PL/Perl trusted mode restrictions, allowing them to run arbitrary Perl scripts with the privileges of the database server. (CVE-2010-1169) Red Hat would like to thank Tim Bunce for responsibly reporting the CVE-2010-1169 flaw. A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Tcl. If the PL/Tcl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Tcl script could use this flaw to bypass intended PL/Tcl trusted mode restrictions, allowing them to run arbitrary Tcl scripts with the privileges of the database server. (CVE-2010-1170) These packages upgrade PostgreSQL to version 8.4.4. Refer to the PostgreSQL Release Notes for a list of changes: http://www.postgresql.org/docs/8.4/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 582615 - CVE-2010-1169 PostgreSQL: PL/Perl Intended restriction bypass 583072 - CVE-2010-1170 PostgreSQL: PL/Tcl Intended restriction bypass 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql84-8.4.4-1.el5_5.1.src.rpm i386: postgresql84-8.4.4-1.el5_5.1.i386.rpm postgresql84-contrib-8.4.4-1.el5_5.1.i386.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.i386.rpm postgresql84-devel-8.4.4-1.el5_5.1.i386.rpm postgresql84-docs-8.4.4-1.el5_5.1.i386.rpm postgresql84-libs-8.4.4-1.el5_5.1.i386.rpm postgresql84-plperl-8.4.4-1.el5_5.1.i386.rpm postgresql84-plpython-8.4.4-1.el5_5.1.i386.rpm postgresql84-pltcl-8.4.4-1.el5_5.1.i386.rpm postgresql84-python-8.4.4-1.el5_5.1.i386.rpm postgresql84-server-8.4.4-1.el5_5.1.i386.rpm postgresql84-tcl-8.4.4-1.el5_5.1.i386.rpm postgresql84-test-8.4.4-1.el5_5.1.i386.rpm x86_64: postgresql84-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-contrib-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.i386.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-docs-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-libs-8.4.4-1.el5_5.1.i386.rpm postgresql84-libs-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-python-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-tcl-8.4.4-1.el5_5.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql84-8.4.4-1.el5_5.1.src.rpm i386: postgresql84-debuginfo-8.4.4-1.el5_5.1.i386.rpm postgresql84-devel-8.4.4-1.el5_5.1.i386.rpm postgresql84-plperl-8.4.4-1.el5_5.1.i386.rpm postgresql84-plpython-8.4.4-1.el5_5.1.i386.rpm postgresql84-pltcl-8.4.4-1.el5_5.1.i386.rpm postgresql84-server-8.4.4-1.el5_5.1.i386.rpm postgresql84-test-8.4.4-1.el5_5.1.i386.rpm x86_64: postgresql84-debuginfo-8.4.4-1.el5_5.1.i386.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-devel-8.4.4-1.el5_5.1.i386.rpm postgresql84-devel-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-plperl-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-plpython-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-pltcl-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-server-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-test-8.4.4-1.el5_5.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/postgresql84-8.4.4-1.el5_5.1.src.rpm i386: postgresql84-8.4.4-1.el5_5.1.i386.rpm postgresql84-contrib-8.4.4-1.el5_5.1.i386.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.i386.rpm postgresql84-devel-8.4.4-1.el5_5.1.i386.rpm postgresql84-docs-8.4.4-1.el5_5.1.i386.rpm postgresql84-libs-8.4.4-1.el5_5.1.i386.rpm postgresql84-plperl-8.4.4-1.el5_5.1.i386.rpm postgresql84-plpython-8.4.4-1.el5_5.1.i386.rpm postgresql84-pltcl-8.4.4-1.el5_5.1.i386.rpm postgresql84-python-8.4.4-1.el5_5.1.i386.rpm postgresql84-server-8.4.4-1.el5_5.1.i386.rpm postgresql84-tcl-8.4.4-1.el5_5.1.i386.rpm postgresql84-test-8.4.4-1.el5_5.1.i386.rpm ia64: postgresql84-8.4.4-1.el5_5.1.ia64.rpm postgresql84-contrib-8.4.4-1.el5_5.1.ia64.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.ia64.rpm postgresql84-devel-8.4.4-1.el5_5.1.ia64.rpm postgresql84-docs-8.4.4-1.el5_5.1.ia64.rpm postgresql84-libs-8.4.4-1.el5_5.1.ia64.rpm postgresql84-plperl-8.4.4-1.el5_5.1.ia64.rpm postgresql84-plpython-8.4.4-1.el5_5.1.ia64.rpm postgresql84-pltcl-8.4.4-1.el5_5.1.ia64.rpm postgresql84-python-8.4.4-1.el5_5.1.ia64.rpm postgresql84-server-8.4.4-1.el5_5.1.ia64.rpm postgresql84-tcl-8.4.4-1.el5_5.1.ia64.rpm postgresql84-test-8.4.4-1.el5_5.1.ia64.rpm ppc: postgresql84-8.4.4-1.el5_5.1.ppc.rpm postgresql84-8.4.4-1.el5_5.1.ppc64.rpm postgresql84-contrib-8.4.4-1.el5_5.1.ppc.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.ppc.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.ppc64.rpm postgresql84-devel-8.4.4-1.el5_5.1.ppc.rpm postgresql84-devel-8.4.4-1.el5_5.1.ppc64.rpm postgresql84-docs-8.4.4-1.el5_5.1.ppc.rpm postgresql84-libs-8.4.4-1.el5_5.1.ppc.rpm postgresql84-libs-8.4.4-1.el5_5.1.ppc64.rpm postgresql84-plperl-8.4.4-1.el5_5.1.ppc.rpm postgresql84-plpython-8.4.4-1.el5_5.1.ppc.rpm postgresql84-pltcl-8.4.4-1.el5_5.1.ppc.rpm postgresql84-python-8.4.4-1.el5_5.1.ppc.rpm postgresql84-server-8.4.4-1.el5_5.1.ppc.rpm postgresql84-tcl-8.4.4-1.el5_5.1.ppc.rpm postgresql84-test-8.4.4-1.el5_5.1.ppc.rpm s390x: postgresql84-8.4.4-1.el5_5.1.s390x.rpm postgresql84-contrib-8.4.4-1.el5_5.1.s390x.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.s390.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.s390x.rpm postgresql84-devel-8.4.4-1.el5_5.1.s390.rpm postgresql84-devel-8.4.4-1.el5_5.1.s390x.rpm postgresql84-docs-8.4.4-1.el5_5.1.s390x.rpm postgresql84-libs-8.4.4-1.el5_5.1.s390.rpm postgresql84-libs-8.4.4-1.el5_5.1.s390x.rpm postgresql84-plperl-8.4.4-1.el5_5.1.s390x.rpm postgresql84-plpython-8.4.4-1.el5_5.1.s390x.rpm postgresql84-pltcl-8.4.4-1.el5_5.1.s390x.rpm postgresql84-python-8.4.4-1.el5_5.1.s390x.rpm postgresql84-server-8.4.4-1.el5_5.1.s390x.rpm postgresql84-tcl-8.4.4-1.el5_5.1.s390x.rpm postgresql84-test-8.4.4-1.el5_5.1.s390x.rpm x86_64: postgresql84-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-contrib-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.i386.rpm postgresql84-debuginfo-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-devel-8.4.4-1.el5_5.1.i386.rpm postgresql84-devel-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-docs-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-libs-8.4.4-1.el5_5.1.i386.rpm postgresql84-libs-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-plperl-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-plpython-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-pltcl-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-python-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-server-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-tcl-8.4.4-1.el5_5.1.x86_64.rpm postgresql84-test-8.4.4-1.el5_5.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-1169.html https://www.redhat.com/security/data/cve/CVE-2010-1170.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL9BoCXlSAg2UNWIIRAk2EAJsHDNO2GnkjADyfHXwKdCVVX4LAxQCfXZIQ RXa9XxPsjuaD7YfYl9+X2iU= =9A/T -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 25 16:06:47 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 25 May 2010 12:06:47 -0400 Subject: [RHSA-2010:0439-01] Important: kernel security and bug fix update Message-ID: <201005251606.o4PG6lfN013520@int-mx08.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2010:0439-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0439.html Issue date: 2010-05-25 CVE Names: CVE-2010-1188 ===================================================================== 1. Summary: Updated kernel packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5.3.z server) - i386, ia64, noarch, ppc, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * a use-after-free flaw was found in the tcp_rcv_state_process() function in the Linux kernel TCP/IP protocol suite implementation. If a system using IPv6 had the IPV6_RECVPKTINFO option set on a listening socket, a remote attacker could send an IPv6 packet to that system, causing a kernel panic (denial of service). (CVE-2010-1188, Important) This update also fixes the following bugs: * a memory leak occurred when reading files on an NFS file system that was mounted with the "noac" option, causing memory to slowly be consumed. Unmounting the file system did not free the memory. With this update, the memory is correctly freed, which resolves this issue. (BZ#588221) * the RHSA-2009:0225 update fixed a bug where, in some cases, on systems with the kdump service enabled, pressing Alt+SysRq+C to trigger a crash resulted in a system hang; therefore, the system did not restart and boot the dump-capture kernel as expected; no vmcore file was logged; and the following message was displayed on the console: BUG: warning at arch/[arch]/kernel/crash.c:[xxx]/nmi_shootdown_cpus() (Not tainted) The RHSA-2009:0225 update resolved this issue by not calling printk() during a crash. It was later discovered that this fix did not resolve the issue in all cases, since there was one condition where printk() was still being called: at a warning condition inside the mdelay() call. This update replaces mdelay() calls with udelay(), where such a warning condition does not exist, which fully resolves this issue, allowing Alt+SysRq+C to work as expected. (BZ#588211) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 577711 - CVE-2010-1188 kernel: ipv6: skb is unexpectedly freed 588211 - [RHEL5.3 GA] The kernel stalls before starting second kernel when pressing Alt+SysRq+c in graphical console [rhel-5.3.z] 588221 - memory leak when reading from files mounted with nfs mount option 'noac' [rhel-5.3.z] 6. Package List: Red Hat Enterprise Linux (v. 5.3.z server): Source: kernel-2.6.18-128.17.1.el5.src.rpm i386: kernel-2.6.18-128.17.1.el5.i686.rpm kernel-PAE-2.6.18-128.17.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-128.17.1.el5.i686.rpm kernel-PAE-devel-2.6.18-128.17.1.el5.i686.rpm kernel-debug-2.6.18-128.17.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-128.17.1.el5.i686.rpm kernel-debug-devel-2.6.18-128.17.1.el5.i686.rpm kernel-debuginfo-2.6.18-128.17.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-128.17.1.el5.i686.rpm kernel-devel-2.6.18-128.17.1.el5.i686.rpm kernel-headers-2.6.18-128.17.1.el5.i386.rpm kernel-xen-2.6.18-128.17.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-128.17.1.el5.i686.rpm kernel-xen-devel-2.6.18-128.17.1.el5.i686.rpm ia64: kernel-2.6.18-128.17.1.el5.ia64.rpm kernel-debug-2.6.18-128.17.1.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-128.17.1.el5.ia64.rpm kernel-debug-devel-2.6.18-128.17.1.el5.ia64.rpm kernel-debuginfo-2.6.18-128.17.1.el5.ia64.rpm kernel-debuginfo-common-2.6.18-128.17.1.el5.ia64.rpm kernel-devel-2.6.18-128.17.1.el5.ia64.rpm kernel-headers-2.6.18-128.17.1.el5.ia64.rpm kernel-xen-2.6.18-128.17.1.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-128.17.1.el5.ia64.rpm kernel-xen-devel-2.6.18-128.17.1.el5.ia64.rpm noarch: kernel-doc-2.6.18-128.17.1.el5.noarch.rpm ppc: kernel-2.6.18-128.17.1.el5.ppc64.rpm kernel-debug-2.6.18-128.17.1.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-128.17.1.el5.ppc64.rpm kernel-debug-devel-2.6.18-128.17.1.el5.ppc64.rpm kernel-debuginfo-2.6.18-128.17.1.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-128.17.1.el5.ppc64.rpm kernel-devel-2.6.18-128.17.1.el5.ppc64.rpm kernel-headers-2.6.18-128.17.1.el5.ppc.rpm kernel-headers-2.6.18-128.17.1.el5.ppc64.rpm kernel-kdump-2.6.18-128.17.1.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-128.17.1.el5.ppc64.rpm kernel-kdump-devel-2.6.18-128.17.1.el5.ppc64.rpm s390x: kernel-2.6.18-128.17.1.el5.s390x.rpm kernel-debug-2.6.18-128.17.1.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-128.17.1.el5.s390x.rpm kernel-debug-devel-2.6.18-128.17.1.el5.s390x.rpm kernel-debuginfo-2.6.18-128.17.1.el5.s390x.rpm kernel-debuginfo-common-2.6.18-128.17.1.el5.s390x.rpm kernel-devel-2.6.18-128.17.1.el5.s390x.rpm kernel-headers-2.6.18-128.17.1.el5.s390x.rpm kernel-kdump-2.6.18-128.17.1.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-128.17.1.el5.s390x.rpm kernel-kdump-devel-2.6.18-128.17.1.el5.s390x.rpm x86_64: kernel-2.6.18-128.17.1.el5.x86_64.rpm kernel-debug-2.6.18-128.17.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-128.17.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-128.17.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-128.17.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-128.17.1.el5.x86_64.rpm kernel-devel-2.6.18-128.17.1.el5.x86_64.rpm kernel-headers-2.6.18-128.17.1.el5.x86_64.rpm kernel-xen-2.6.18-128.17.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-128.17.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-128.17.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-1188.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL+/VqXlSAg2UNWIIRAi1eAKCPkipRuh1h8MWA+H8iBvY9nJHXygCeOw9M JzCXowQgCxQ9JyvPcDV1ejo= =W8Ik -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 26 15:10:06 2010 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 26 May 2010 11:10:06 -0400 Subject: [RHSA-2010:0442-01] Important: mysql security update Message-ID: <201005261510.o4QFA6S5028575@int-mx02.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: mysql security update Advisory ID: RHSA-2010:0442-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0442.html Issue date: 2010-05-26 CVE Names: CVE-2010-1626 CVE-2010-1848 CVE-2010-1850 ===================================================================== 1. Summary: Updated mysql packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. A buffer overflow flaw was found in the way MySQL handled the parameters of the MySQL COM_FIELD_LIST network protocol command (this command is sent when a client uses the MySQL mysql_list_fields() client library function). An authenticated database user could send a request with an excessively long table name to cause a temporary denial of service (mysqld crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-1850) A directory traversal flaw was found in the way MySQL handled the parameters of the MySQL COM_FIELD_LIST network protocol command. An authenticated database user could use this flaw to obtain descriptions of the fields of an arbitrary table using a request with a specially-crafted table name. (CVE-2010-1848) A flaw was discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker with CREATE and DROP table privileges, and shell access to the database server, could use this flaw to remove data and index files of tables created by other database users using the MyISAM storage engine. (CVE-2010-1626) All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 553648 - CVE-2010-1626 mysql: table destruction via DATA/INDEX DIRECTORY directives using symlinks 592079 - CVE-2010-1848 mysql: multiple insufficient table name checks 592091 - CVE-2010-1850 mysql: COM_FIELD_LIST table name buffer overflow 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/mysql-5.0.77-4.el5_5.3.src.rpm i386: mysql-5.0.77-4.el5_5.3.i386.rpm mysql-bench-5.0.77-4.el5_5.3.i386.rpm mysql-debuginfo-5.0.77-4.el5_5.3.i386.rpm mysql-devel-5.0.77-4.el5_5.3.i386.rpm mysql-server-5.0.77-4.el5_5.3.i386.rpm mysql-test-5.0.77-4.el5_5.3.i386.rpm x86_64: mysql-5.0.77-4.el5_5.3.i386.rpm mysql-5.0.77-4.el5_5.3.x86_64.rpm mysql-debuginfo-5.0.77-4.el5_5.3.i386.rpm mysql-debuginfo-5.0.77-4.el5_5.3.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/mysql-5.0.77-4.el5_5.3.src.rpm i386: mysql-bench-5.0.77-4.el5_5.3.i386.rpm mysql-debuginfo-5.0.77-4.el5_5.3.i386.rpm mysql-devel-5.0.77-4.el5_5.3.i386.rpm mysql-server-5.0.77-4.el5_5.3.i386.rpm mysql-test-5.0.77-4.el5_5.3.i386.rpm x86_64: mysql-bench-5.0.77-4.el5_5.3.x86_64.rpm mysql-debuginfo-5.0.77-4.el5_5.3.i386.rpm mysql-debuginfo-5.0.77-4.el5_5.3.x86_64.rpm mysql-devel-5.0.77-4.el5_5.3.i386.rpm mysql-devel-5.0.77-4.el5_5.3.x86_64.rpm mysql-server-5.0.77-4.el5_5.3.x86_64.rpm mysql-test-5.0.77-4.el5_5.3.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/mysql-5.0.77-4.el5_5.3.src.rpm i386: mysql-5.0.77-4.el5_5.3.i386.rpm mysql-bench-5.0.77-4.el5_5.3.i386.rpm mysql-debuginfo-5.0.77-4.el5_5.3.i386.rpm mysql-devel-5.0.77-4.el5_5.3.i386.rpm mysql-server-5.0.77-4.el5_5.3.i386.rpm mysql-test-5.0.77-4.el5_5.3.i386.rpm ia64: mysql-5.0.77-4.el5_5.3.i386.rpm mysql-5.0.77-4.el5_5.3.ia64.rpm mysql-bench-5.0.77-4.el5_5.3.ia64.rpm mysql-debuginfo-5.0.77-4.el5_5.3.i386.rpm mysql-debuginfo-5.0.77-4.el5_5.3.ia64.rpm mysql-devel-5.0.77-4.el5_5.3.ia64.rpm mysql-server-5.0.77-4.el5_5.3.ia64.rpm mysql-test-5.0.77-4.el5_5.3.ia64.rpm ppc: mysql-5.0.77-4.el5_5.3.ppc.rpm mysql-5.0.77-4.el5_5.3.ppc64.rpm mysql-bench-5.0.77-4.el5_5.3.ppc.rpm mysql-debuginfo-5.0.77-4.el5_5.3.ppc.rpm mysql-debuginfo-5.0.77-4.el5_5.3.ppc64.rpm mysql-devel-5.0.77-4.el5_5.3.ppc.rpm mysql-devel-5.0.77-4.el5_5.3.ppc64.rpm mysql-server-5.0.77-4.el5_5.3.ppc.rpm mysql-server-5.0.77-4.el5_5.3.ppc64.rpm mysql-test-5.0.77-4.el5_5.3.ppc.rpm s390x: mysql-5.0.77-4.el5_5.3.s390.rpm mysql-5.0.77-4.el5_5.3.s390x.rpm mysql-bench-5.0.77-4.el5_5.3.s390x.rpm mysql-debuginfo-5.0.77-4.el5_5.3.s390.rpm mysql-debuginfo-5.0.77-4.el5_5.3.s390x.rpm mysql-devel-5.0.77-4.el5_5.3.s390.rpm mysql-devel-5.0.77-4.el5_5.3.s390x.rpm mysql-server-5.0.77-4.el5_5.3.s390x.rpm mysql-test-5.0.77-4.el5_5.3.s390x.rpm x86_64: mysql-5.0.77-4.el5_5.3.i386.rpm mysql-5.0.77-4.el5_5.3.x86_64.rpm mysql-bench-5.0.77-4.el5_5.3.x86_64.rpm mysql-debuginfo-5.0.77-4.el5_5.3.i386.rpm mysql-debuginfo-5.0.77-4.el5_5.3.x86_64.rpm mysql-devel-5.0.77-4.el5_5.3.i386.rpm mysql-devel-5.0.77-4.el5_5.3.x86_64.rpm mysql-server-5.0.77-4.el5_5.3.x86_64.rpm mysql-test-5.0.77-4.el5_5.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-1626.html https://www.redhat.com/security/data/cve/CVE-2010-1848.html https://www.redhat.com/security/data/cve/CVE-2010-1850.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFL/TmuXlSAg2UNWIIRArO0AJ9ITzrhEtMl5u7YBKL/YMDxIZ2dbwCgr2bV 55FJS3/Zy53vuuMueYVW7bc= =TkyF -----END PGP SIGNATURE-----