From bugzilla at redhat.com Thu Feb 3 20:21:26 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 3 Feb 2011 13:21:26 -0700
Subject: [RHSA-2011:0195-01] Moderate: php security update
Message-ID: <201102032021.p13KLQbu023351@int-mx01.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: php security update
Advisory ID:       RHSA-2011:0195-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0195.html
Issue date:        2011-02-03
CVE Names:         CVE-2009-5016 CVE-2010-3709 CVE-2010-3870
                   CVE-2010-4645
=====================================================================

1. Summary:

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645)

A numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870)

A NULL pointer dereference flaw was found in the PHP ZipArchive::getArchiveComment function. If a script used this function to inspect a specially-crafted ZIP archive file, it could cause the PHP interpreter to crash. (CVE-2010-3709)

All php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

649056 - CVE-2010-3870 php: XSS mitigation bypass via utf8_decode()
651206 - CVE-2010-3709 php: NULL pointer dereference in ZipArchive::getArchiveComment
652836 - CVE-2009-5016 php: XSS and SQL injection bypass via crafted overlong UTF-8 encoded string
667806 - CVE-2010-4645 php: hang on numeric value 2.2250738585072011e-308 with x87 fpu

6. Package List:

Red Hat Enterprise Linux Desktop Optional (v.
6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/php-5.3.2-6.el6_0.1.src.rpm i386: php-5.3.2-6.el6_0.1.i686.rpm php-bcmath-5.3.2-6.el6_0.1.i686.rpm php-cli-5.3.2-6.el6_0.1.i686.rpm php-common-5.3.2-6.el6_0.1.i686.rpm php-dba-5.3.2-6.el6_0.1.i686.rpm php-debuginfo-5.3.2-6.el6_0.1.i686.rpm php-devel-5.3.2-6.el6_0.1.i686.rpm php-embedded-5.3.2-6.el6_0.1.i686.rpm php-enchant-5.3.2-6.el6_0.1.i686.rpm php-gd-5.3.2-6.el6_0.1.i686.rpm php-imap-5.3.2-6.el6_0.1.i686.rpm php-intl-5.3.2-6.el6_0.1.i686.rpm php-ldap-5.3.2-6.el6_0.1.i686.rpm php-mbstring-5.3.2-6.el6_0.1.i686.rpm php-mysql-5.3.2-6.el6_0.1.i686.rpm php-odbc-5.3.2-6.el6_0.1.i686.rpm php-pdo-5.3.2-6.el6_0.1.i686.rpm php-pgsql-5.3.2-6.el6_0.1.i686.rpm php-process-5.3.2-6.el6_0.1.i686.rpm php-pspell-5.3.2-6.el6_0.1.i686.rpm php-recode-5.3.2-6.el6_0.1.i686.rpm php-snmp-5.3.2-6.el6_0.1.i686.rpm php-soap-5.3.2-6.el6_0.1.i686.rpm php-tidy-5.3.2-6.el6_0.1.i686.rpm php-xml-5.3.2-6.el6_0.1.i686.rpm php-xmlrpc-5.3.2-6.el6_0.1.i686.rpm php-zts-5.3.2-6.el6_0.1.i686.rpm x86_64: php-5.3.2-6.el6_0.1.x86_64.rpm php-bcmath-5.3.2-6.el6_0.1.x86_64.rpm php-cli-5.3.2-6.el6_0.1.x86_64.rpm php-common-5.3.2-6.el6_0.1.x86_64.rpm php-dba-5.3.2-6.el6_0.1.x86_64.rpm php-debuginfo-5.3.2-6.el6_0.1.x86_64.rpm php-devel-5.3.2-6.el6_0.1.x86_64.rpm php-embedded-5.3.2-6.el6_0.1.x86_64.rpm php-enchant-5.3.2-6.el6_0.1.x86_64.rpm php-gd-5.3.2-6.el6_0.1.x86_64.rpm php-imap-5.3.2-6.el6_0.1.x86_64.rpm php-intl-5.3.2-6.el6_0.1.x86_64.rpm php-ldap-5.3.2-6.el6_0.1.x86_64.rpm php-mbstring-5.3.2-6.el6_0.1.x86_64.rpm php-mysql-5.3.2-6.el6_0.1.x86_64.rpm php-odbc-5.3.2-6.el6_0.1.x86_64.rpm php-pdo-5.3.2-6.el6_0.1.x86_64.rpm php-pgsql-5.3.2-6.el6_0.1.x86_64.rpm php-process-5.3.2-6.el6_0.1.x86_64.rpm php-pspell-5.3.2-6.el6_0.1.x86_64.rpm php-recode-5.3.2-6.el6_0.1.x86_64.rpm php-snmp-5.3.2-6.el6_0.1.x86_64.rpm php-soap-5.3.2-6.el6_0.1.x86_64.rpm php-tidy-5.3.2-6.el6_0.1.x86_64.rpm php-xml-5.3.2-6.el6_0.1.x86_64.rpm 
php-xmlrpc-5.3.2-6.el6_0.1.x86_64.rpm php-zts-5.3.2-6.el6_0.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/php-5.3.2-6.el6_0.1.src.rpm x86_64: php-5.3.2-6.el6_0.1.x86_64.rpm php-bcmath-5.3.2-6.el6_0.1.x86_64.rpm php-cli-5.3.2-6.el6_0.1.x86_64.rpm php-common-5.3.2-6.el6_0.1.x86_64.rpm php-dba-5.3.2-6.el6_0.1.x86_64.rpm php-debuginfo-5.3.2-6.el6_0.1.x86_64.rpm php-devel-5.3.2-6.el6_0.1.x86_64.rpm php-embedded-5.3.2-6.el6_0.1.x86_64.rpm php-enchant-5.3.2-6.el6_0.1.x86_64.rpm php-gd-5.3.2-6.el6_0.1.x86_64.rpm php-imap-5.3.2-6.el6_0.1.x86_64.rpm php-intl-5.3.2-6.el6_0.1.x86_64.rpm php-ldap-5.3.2-6.el6_0.1.x86_64.rpm php-mbstring-5.3.2-6.el6_0.1.x86_64.rpm php-mysql-5.3.2-6.el6_0.1.x86_64.rpm php-odbc-5.3.2-6.el6_0.1.x86_64.rpm php-pdo-5.3.2-6.el6_0.1.x86_64.rpm php-pgsql-5.3.2-6.el6_0.1.x86_64.rpm php-process-5.3.2-6.el6_0.1.x86_64.rpm php-pspell-5.3.2-6.el6_0.1.x86_64.rpm php-recode-5.3.2-6.el6_0.1.x86_64.rpm php-snmp-5.3.2-6.el6_0.1.x86_64.rpm php-soap-5.3.2-6.el6_0.1.x86_64.rpm php-tidy-5.3.2-6.el6_0.1.x86_64.rpm php-xml-5.3.2-6.el6_0.1.x86_64.rpm php-xmlrpc-5.3.2-6.el6_0.1.x86_64.rpm php-zts-5.3.2-6.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/php-5.3.2-6.el6_0.1.src.rpm i386: php-5.3.2-6.el6_0.1.i686.rpm php-cli-5.3.2-6.el6_0.1.i686.rpm php-common-5.3.2-6.el6_0.1.i686.rpm php-debuginfo-5.3.2-6.el6_0.1.i686.rpm php-gd-5.3.2-6.el6_0.1.i686.rpm php-ldap-5.3.2-6.el6_0.1.i686.rpm php-mysql-5.3.2-6.el6_0.1.i686.rpm php-odbc-5.3.2-6.el6_0.1.i686.rpm php-pdo-5.3.2-6.el6_0.1.i686.rpm php-pgsql-5.3.2-6.el6_0.1.i686.rpm php-soap-5.3.2-6.el6_0.1.i686.rpm php-xml-5.3.2-6.el6_0.1.i686.rpm php-xmlrpc-5.3.2-6.el6_0.1.i686.rpm ppc64: php-5.3.2-6.el6_0.1.ppc64.rpm php-cli-5.3.2-6.el6_0.1.ppc64.rpm php-common-5.3.2-6.el6_0.1.ppc64.rpm php-debuginfo-5.3.2-6.el6_0.1.ppc64.rpm php-gd-5.3.2-6.el6_0.1.ppc64.rpm php-ldap-5.3.2-6.el6_0.1.ppc64.rpm php-mysql-5.3.2-6.el6_0.1.ppc64.rpm php-odbc-5.3.2-6.el6_0.1.ppc64.rpm php-pdo-5.3.2-6.el6_0.1.ppc64.rpm php-pgsql-5.3.2-6.el6_0.1.ppc64.rpm php-soap-5.3.2-6.el6_0.1.ppc64.rpm php-xml-5.3.2-6.el6_0.1.ppc64.rpm php-xmlrpc-5.3.2-6.el6_0.1.ppc64.rpm s390x: php-5.3.2-6.el6_0.1.s390x.rpm php-cli-5.3.2-6.el6_0.1.s390x.rpm php-common-5.3.2-6.el6_0.1.s390x.rpm php-debuginfo-5.3.2-6.el6_0.1.s390x.rpm php-gd-5.3.2-6.el6_0.1.s390x.rpm php-ldap-5.3.2-6.el6_0.1.s390x.rpm php-mysql-5.3.2-6.el6_0.1.s390x.rpm php-odbc-5.3.2-6.el6_0.1.s390x.rpm php-pdo-5.3.2-6.el6_0.1.s390x.rpm php-pgsql-5.3.2-6.el6_0.1.s390x.rpm php-soap-5.3.2-6.el6_0.1.s390x.rpm php-xml-5.3.2-6.el6_0.1.s390x.rpm php-xmlrpc-5.3.2-6.el6_0.1.s390x.rpm x86_64: php-5.3.2-6.el6_0.1.x86_64.rpm php-cli-5.3.2-6.el6_0.1.x86_64.rpm php-common-5.3.2-6.el6_0.1.x86_64.rpm php-debuginfo-5.3.2-6.el6_0.1.x86_64.rpm php-gd-5.3.2-6.el6_0.1.x86_64.rpm php-ldap-5.3.2-6.el6_0.1.x86_64.rpm php-mysql-5.3.2-6.el6_0.1.x86_64.rpm php-odbc-5.3.2-6.el6_0.1.x86_64.rpm php-pdo-5.3.2-6.el6_0.1.x86_64.rpm php-pgsql-5.3.2-6.el6_0.1.x86_64.rpm php-soap-5.3.2-6.el6_0.1.x86_64.rpm php-xml-5.3.2-6.el6_0.1.x86_64.rpm php-xmlrpc-5.3.2-6.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Server 
Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/php-5.3.2-6.el6_0.1.src.rpm i386: php-bcmath-5.3.2-6.el6_0.1.i686.rpm php-dba-5.3.2-6.el6_0.1.i686.rpm php-debuginfo-5.3.2-6.el6_0.1.i686.rpm php-devel-5.3.2-6.el6_0.1.i686.rpm php-embedded-5.3.2-6.el6_0.1.i686.rpm php-enchant-5.3.2-6.el6_0.1.i686.rpm php-imap-5.3.2-6.el6_0.1.i686.rpm php-intl-5.3.2-6.el6_0.1.i686.rpm php-mbstring-5.3.2-6.el6_0.1.i686.rpm php-process-5.3.2-6.el6_0.1.i686.rpm php-pspell-5.3.2-6.el6_0.1.i686.rpm php-recode-5.3.2-6.el6_0.1.i686.rpm php-snmp-5.3.2-6.el6_0.1.i686.rpm php-tidy-5.3.2-6.el6_0.1.i686.rpm php-zts-5.3.2-6.el6_0.1.i686.rpm ppc64: php-bcmath-5.3.2-6.el6_0.1.ppc64.rpm php-dba-5.3.2-6.el6_0.1.ppc64.rpm php-debuginfo-5.3.2-6.el6_0.1.ppc64.rpm php-devel-5.3.2-6.el6_0.1.ppc64.rpm php-embedded-5.3.2-6.el6_0.1.ppc64.rpm php-enchant-5.3.2-6.el6_0.1.ppc64.rpm php-imap-5.3.2-6.el6_0.1.ppc64.rpm php-intl-5.3.2-6.el6_0.1.ppc64.rpm php-mbstring-5.3.2-6.el6_0.1.ppc64.rpm php-process-5.3.2-6.el6_0.1.ppc64.rpm php-pspell-5.3.2-6.el6_0.1.ppc64.rpm php-recode-5.3.2-6.el6_0.1.ppc64.rpm php-snmp-5.3.2-6.el6_0.1.ppc64.rpm php-tidy-5.3.2-6.el6_0.1.ppc64.rpm php-zts-5.3.2-6.el6_0.1.ppc64.rpm s390x: php-bcmath-5.3.2-6.el6_0.1.s390x.rpm php-dba-5.3.2-6.el6_0.1.s390x.rpm php-debuginfo-5.3.2-6.el6_0.1.s390x.rpm php-devel-5.3.2-6.el6_0.1.s390x.rpm php-embedded-5.3.2-6.el6_0.1.s390x.rpm php-enchant-5.3.2-6.el6_0.1.s390x.rpm php-imap-5.3.2-6.el6_0.1.s390x.rpm php-intl-5.3.2-6.el6_0.1.s390x.rpm php-mbstring-5.3.2-6.el6_0.1.s390x.rpm php-process-5.3.2-6.el6_0.1.s390x.rpm php-pspell-5.3.2-6.el6_0.1.s390x.rpm php-recode-5.3.2-6.el6_0.1.s390x.rpm php-snmp-5.3.2-6.el6_0.1.s390x.rpm php-tidy-5.3.2-6.el6_0.1.s390x.rpm php-zts-5.3.2-6.el6_0.1.s390x.rpm x86_64: php-bcmath-5.3.2-6.el6_0.1.x86_64.rpm php-dba-5.3.2-6.el6_0.1.x86_64.rpm php-debuginfo-5.3.2-6.el6_0.1.x86_64.rpm php-devel-5.3.2-6.el6_0.1.x86_64.rpm php-embedded-5.3.2-6.el6_0.1.x86_64.rpm 
php-enchant-5.3.2-6.el6_0.1.x86_64.rpm php-imap-5.3.2-6.el6_0.1.x86_64.rpm php-intl-5.3.2-6.el6_0.1.x86_64.rpm php-mbstring-5.3.2-6.el6_0.1.x86_64.rpm php-process-5.3.2-6.el6_0.1.x86_64.rpm php-pspell-5.3.2-6.el6_0.1.x86_64.rpm php-recode-5.3.2-6.el6_0.1.x86_64.rpm php-snmp-5.3.2-6.el6_0.1.x86_64.rpm php-tidy-5.3.2-6.el6_0.1.x86_64.rpm php-zts-5.3.2-6.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/php-5.3.2-6.el6_0.1.src.rpm i386: php-5.3.2-6.el6_0.1.i686.rpm php-cli-5.3.2-6.el6_0.1.i686.rpm php-common-5.3.2-6.el6_0.1.i686.rpm php-debuginfo-5.3.2-6.el6_0.1.i686.rpm php-gd-5.3.2-6.el6_0.1.i686.rpm php-ldap-5.3.2-6.el6_0.1.i686.rpm php-mysql-5.3.2-6.el6_0.1.i686.rpm php-odbc-5.3.2-6.el6_0.1.i686.rpm php-pdo-5.3.2-6.el6_0.1.i686.rpm php-pgsql-5.3.2-6.el6_0.1.i686.rpm php-soap-5.3.2-6.el6_0.1.i686.rpm php-xml-5.3.2-6.el6_0.1.i686.rpm php-xmlrpc-5.3.2-6.el6_0.1.i686.rpm x86_64: php-5.3.2-6.el6_0.1.x86_64.rpm php-cli-5.3.2-6.el6_0.1.x86_64.rpm php-common-5.3.2-6.el6_0.1.x86_64.rpm php-debuginfo-5.3.2-6.el6_0.1.x86_64.rpm php-gd-5.3.2-6.el6_0.1.x86_64.rpm php-ldap-5.3.2-6.el6_0.1.x86_64.rpm php-mysql-5.3.2-6.el6_0.1.x86_64.rpm php-odbc-5.3.2-6.el6_0.1.x86_64.rpm php-pdo-5.3.2-6.el6_0.1.x86_64.rpm php-pgsql-5.3.2-6.el6_0.1.x86_64.rpm php-soap-5.3.2-6.el6_0.1.x86_64.rpm php-xml-5.3.2-6.el6_0.1.x86_64.rpm php-xmlrpc-5.3.2-6.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/php-5.3.2-6.el6_0.1.src.rpm

i386:
php-bcmath-5.3.2-6.el6_0.1.i686.rpm
php-dba-5.3.2-6.el6_0.1.i686.rpm
php-debuginfo-5.3.2-6.el6_0.1.i686.rpm
php-devel-5.3.2-6.el6_0.1.i686.rpm
php-embedded-5.3.2-6.el6_0.1.i686.rpm
php-enchant-5.3.2-6.el6_0.1.i686.rpm
php-imap-5.3.2-6.el6_0.1.i686.rpm
php-intl-5.3.2-6.el6_0.1.i686.rpm
php-mbstring-5.3.2-6.el6_0.1.i686.rpm
php-process-5.3.2-6.el6_0.1.i686.rpm
php-pspell-5.3.2-6.el6_0.1.i686.rpm
php-recode-5.3.2-6.el6_0.1.i686.rpm
php-snmp-5.3.2-6.el6_0.1.i686.rpm
php-tidy-5.3.2-6.el6_0.1.i686.rpm
php-zts-5.3.2-6.el6_0.1.i686.rpm

x86_64:
php-bcmath-5.3.2-6.el6_0.1.x86_64.rpm
php-dba-5.3.2-6.el6_0.1.x86_64.rpm
php-debuginfo-5.3.2-6.el6_0.1.x86_64.rpm
php-devel-5.3.2-6.el6_0.1.x86_64.rpm
php-embedded-5.3.2-6.el6_0.1.x86_64.rpm
php-enchant-5.3.2-6.el6_0.1.x86_64.rpm
php-imap-5.3.2-6.el6_0.1.x86_64.rpm
php-intl-5.3.2-6.el6_0.1.x86_64.rpm
php-mbstring-5.3.2-6.el6_0.1.x86_64.rpm
php-process-5.3.2-6.el6_0.1.x86_64.rpm
php-pspell-5.3.2-6.el6_0.1.x86_64.rpm
php-recode-5.3.2-6.el6_0.1.x86_64.rpm
php-snmp-5.3.2-6.el6_0.1.x86_64.rpm
php-tidy-5.3.2-6.el6_0.1.x86_64.rpm
php-zts-5.3.2-6.el6_0.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-5016.html
https://www.redhat.com/security/data/cve/CVE-2010-3709.html
https://www.redhat.com/security/data/cve/CVE-2010-3870.html
https://www.redhat.com/security/data/cve/CVE-2010-4645.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.

From bugzilla at redhat.com Thu Feb 3 20:22:24 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 3 Feb 2011 13:22:24 -0700
Subject: [RHSA-2011:0196-01] Moderate: php53 security update
Message-ID: <201102032022.p13KMOhH003888@int-mx09.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: php53 security update
Advisory ID:       RHSA-2011:0196-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0196.html
Issue date:        2011-02-03
CVE Names:         CVE-2010-3710 CVE-2010-4156 CVE-2010-4645
=====================================================================

1. Summary:

Updated php53 packages that fix three security issues are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645)

A stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710)

A memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156)

All php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

646684 - CVE-2010-3710 php: DoS in filter_var() via long email string
651682 - CVE-2010-4156 php information disclosure via mb_strcut()
667806 - CVE-2010-4645 php: hang on numeric value 2.2250738585072011e-308 with x87 fpu

6. Package List:

RHEL Desktop Workstation (v.
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/php53-5.3.3-1.el5_6.1.src.rpm i386: php53-5.3.3-1.el5_6.1.i386.rpm php53-bcmath-5.3.3-1.el5_6.1.i386.rpm php53-cli-5.3.3-1.el5_6.1.i386.rpm php53-common-5.3.3-1.el5_6.1.i386.rpm php53-dba-5.3.3-1.el5_6.1.i386.rpm php53-debuginfo-5.3.3-1.el5_6.1.i386.rpm php53-devel-5.3.3-1.el5_6.1.i386.rpm php53-gd-5.3.3-1.el5_6.1.i386.rpm php53-imap-5.3.3-1.el5_6.1.i386.rpm php53-intl-5.3.3-1.el5_6.1.i386.rpm php53-ldap-5.3.3-1.el5_6.1.i386.rpm php53-mbstring-5.3.3-1.el5_6.1.i386.rpm php53-mysql-5.3.3-1.el5_6.1.i386.rpm php53-odbc-5.3.3-1.el5_6.1.i386.rpm php53-pdo-5.3.3-1.el5_6.1.i386.rpm php53-pgsql-5.3.3-1.el5_6.1.i386.rpm php53-process-5.3.3-1.el5_6.1.i386.rpm php53-pspell-5.3.3-1.el5_6.1.i386.rpm php53-snmp-5.3.3-1.el5_6.1.i386.rpm php53-soap-5.3.3-1.el5_6.1.i386.rpm php53-xml-5.3.3-1.el5_6.1.i386.rpm php53-xmlrpc-5.3.3-1.el5_6.1.i386.rpm x86_64: php53-5.3.3-1.el5_6.1.x86_64.rpm php53-bcmath-5.3.3-1.el5_6.1.x86_64.rpm php53-cli-5.3.3-1.el5_6.1.x86_64.rpm php53-common-5.3.3-1.el5_6.1.x86_64.rpm php53-dba-5.3.3-1.el5_6.1.x86_64.rpm php53-debuginfo-5.3.3-1.el5_6.1.x86_64.rpm php53-devel-5.3.3-1.el5_6.1.x86_64.rpm php53-gd-5.3.3-1.el5_6.1.x86_64.rpm php53-imap-5.3.3-1.el5_6.1.x86_64.rpm php53-intl-5.3.3-1.el5_6.1.x86_64.rpm php53-ldap-5.3.3-1.el5_6.1.x86_64.rpm php53-mbstring-5.3.3-1.el5_6.1.x86_64.rpm php53-mysql-5.3.3-1.el5_6.1.x86_64.rpm php53-odbc-5.3.3-1.el5_6.1.x86_64.rpm php53-pdo-5.3.3-1.el5_6.1.x86_64.rpm php53-pgsql-5.3.3-1.el5_6.1.x86_64.rpm php53-process-5.3.3-1.el5_6.1.x86_64.rpm php53-pspell-5.3.3-1.el5_6.1.x86_64.rpm php53-snmp-5.3.3-1.el5_6.1.x86_64.rpm php53-soap-5.3.3-1.el5_6.1.x86_64.rpm php53-xml-5.3.3-1.el5_6.1.x86_64.rpm php53-xmlrpc-5.3.3-1.el5_6.1.x86_64.rpm Red Hat Enterprise Linux (v. 
5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/php53-5.3.3-1.el5_6.1.src.rpm i386: php53-5.3.3-1.el5_6.1.i386.rpm php53-bcmath-5.3.3-1.el5_6.1.i386.rpm php53-cli-5.3.3-1.el5_6.1.i386.rpm php53-common-5.3.3-1.el5_6.1.i386.rpm php53-dba-5.3.3-1.el5_6.1.i386.rpm php53-debuginfo-5.3.3-1.el5_6.1.i386.rpm php53-devel-5.3.3-1.el5_6.1.i386.rpm php53-gd-5.3.3-1.el5_6.1.i386.rpm php53-imap-5.3.3-1.el5_6.1.i386.rpm php53-intl-5.3.3-1.el5_6.1.i386.rpm php53-ldap-5.3.3-1.el5_6.1.i386.rpm php53-mbstring-5.3.3-1.el5_6.1.i386.rpm php53-mysql-5.3.3-1.el5_6.1.i386.rpm php53-odbc-5.3.3-1.el5_6.1.i386.rpm php53-pdo-5.3.3-1.el5_6.1.i386.rpm php53-pgsql-5.3.3-1.el5_6.1.i386.rpm php53-process-5.3.3-1.el5_6.1.i386.rpm php53-pspell-5.3.3-1.el5_6.1.i386.rpm php53-snmp-5.3.3-1.el5_6.1.i386.rpm php53-soap-5.3.3-1.el5_6.1.i386.rpm php53-xml-5.3.3-1.el5_6.1.i386.rpm php53-xmlrpc-5.3.3-1.el5_6.1.i386.rpm ia64: php53-5.3.3-1.el5_6.1.ia64.rpm php53-bcmath-5.3.3-1.el5_6.1.ia64.rpm php53-cli-5.3.3-1.el5_6.1.ia64.rpm php53-common-5.3.3-1.el5_6.1.ia64.rpm php53-dba-5.3.3-1.el5_6.1.ia64.rpm php53-debuginfo-5.3.3-1.el5_6.1.ia64.rpm php53-devel-5.3.3-1.el5_6.1.ia64.rpm php53-gd-5.3.3-1.el5_6.1.ia64.rpm php53-imap-5.3.3-1.el5_6.1.ia64.rpm php53-intl-5.3.3-1.el5_6.1.ia64.rpm php53-ldap-5.3.3-1.el5_6.1.ia64.rpm php53-mbstring-5.3.3-1.el5_6.1.ia64.rpm php53-mysql-5.3.3-1.el5_6.1.ia64.rpm php53-odbc-5.3.3-1.el5_6.1.ia64.rpm php53-pdo-5.3.3-1.el5_6.1.ia64.rpm php53-pgsql-5.3.3-1.el5_6.1.ia64.rpm php53-process-5.3.3-1.el5_6.1.ia64.rpm php53-pspell-5.3.3-1.el5_6.1.ia64.rpm php53-snmp-5.3.3-1.el5_6.1.ia64.rpm php53-soap-5.3.3-1.el5_6.1.ia64.rpm php53-xml-5.3.3-1.el5_6.1.ia64.rpm php53-xmlrpc-5.3.3-1.el5_6.1.ia64.rpm ppc: php53-5.3.3-1.el5_6.1.ppc.rpm php53-bcmath-5.3.3-1.el5_6.1.ppc.rpm php53-cli-5.3.3-1.el5_6.1.ppc.rpm php53-common-5.3.3-1.el5_6.1.ppc.rpm php53-dba-5.3.3-1.el5_6.1.ppc.rpm php53-debuginfo-5.3.3-1.el5_6.1.ppc.rpm php53-devel-5.3.3-1.el5_6.1.ppc.rpm 
php53-gd-5.3.3-1.el5_6.1.ppc.rpm php53-imap-5.3.3-1.el5_6.1.ppc.rpm php53-intl-5.3.3-1.el5_6.1.ppc.rpm php53-ldap-5.3.3-1.el5_6.1.ppc.rpm php53-mbstring-5.3.3-1.el5_6.1.ppc.rpm php53-mysql-5.3.3-1.el5_6.1.ppc.rpm php53-odbc-5.3.3-1.el5_6.1.ppc.rpm php53-pdo-5.3.3-1.el5_6.1.ppc.rpm php53-pgsql-5.3.3-1.el5_6.1.ppc.rpm php53-process-5.3.3-1.el5_6.1.ppc.rpm php53-pspell-5.3.3-1.el5_6.1.ppc.rpm php53-snmp-5.3.3-1.el5_6.1.ppc.rpm php53-soap-5.3.3-1.el5_6.1.ppc.rpm php53-xml-5.3.3-1.el5_6.1.ppc.rpm php53-xmlrpc-5.3.3-1.el5_6.1.ppc.rpm s390x: php53-5.3.3-1.el5_6.1.s390x.rpm php53-bcmath-5.3.3-1.el5_6.1.s390x.rpm php53-cli-5.3.3-1.el5_6.1.s390x.rpm php53-common-5.3.3-1.el5_6.1.s390x.rpm php53-dba-5.3.3-1.el5_6.1.s390x.rpm php53-debuginfo-5.3.3-1.el5_6.1.s390x.rpm php53-devel-5.3.3-1.el5_6.1.s390x.rpm php53-gd-5.3.3-1.el5_6.1.s390x.rpm php53-imap-5.3.3-1.el5_6.1.s390x.rpm php53-intl-5.3.3-1.el5_6.1.s390x.rpm php53-ldap-5.3.3-1.el5_6.1.s390x.rpm php53-mbstring-5.3.3-1.el5_6.1.s390x.rpm php53-mysql-5.3.3-1.el5_6.1.s390x.rpm php53-odbc-5.3.3-1.el5_6.1.s390x.rpm php53-pdo-5.3.3-1.el5_6.1.s390x.rpm php53-pgsql-5.3.3-1.el5_6.1.s390x.rpm php53-process-5.3.3-1.el5_6.1.s390x.rpm php53-pspell-5.3.3-1.el5_6.1.s390x.rpm php53-snmp-5.3.3-1.el5_6.1.s390x.rpm php53-soap-5.3.3-1.el5_6.1.s390x.rpm php53-xml-5.3.3-1.el5_6.1.s390x.rpm php53-xmlrpc-5.3.3-1.el5_6.1.s390x.rpm x86_64: php53-5.3.3-1.el5_6.1.x86_64.rpm php53-bcmath-5.3.3-1.el5_6.1.x86_64.rpm php53-cli-5.3.3-1.el5_6.1.x86_64.rpm php53-common-5.3.3-1.el5_6.1.x86_64.rpm php53-dba-5.3.3-1.el5_6.1.x86_64.rpm php53-debuginfo-5.3.3-1.el5_6.1.x86_64.rpm php53-devel-5.3.3-1.el5_6.1.x86_64.rpm php53-gd-5.3.3-1.el5_6.1.x86_64.rpm php53-imap-5.3.3-1.el5_6.1.x86_64.rpm php53-intl-5.3.3-1.el5_6.1.x86_64.rpm php53-ldap-5.3.3-1.el5_6.1.x86_64.rpm php53-mbstring-5.3.3-1.el5_6.1.x86_64.rpm php53-mysql-5.3.3-1.el5_6.1.x86_64.rpm php53-odbc-5.3.3-1.el5_6.1.x86_64.rpm php53-pdo-5.3.3-1.el5_6.1.x86_64.rpm php53-pgsql-5.3.3-1.el5_6.1.x86_64.rpm 
php53-process-5.3.3-1.el5_6.1.x86_64.rpm
php53-pspell-5.3.3-1.el5_6.1.x86_64.rpm
php53-snmp-5.3.3-1.el5_6.1.x86_64.rpm
php53-soap-5.3.3-1.el5_6.1.x86_64.rpm
php53-xml-5.3.3-1.el5_6.1.x86_64.rpm
php53-xmlrpc-5.3.3-1.el5_6.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-3710.html
https://www.redhat.com/security/data/cve/CVE-2010-4156.html
https://www.redhat.com/security/data/cve/CVE-2010-4645.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.

From bugzilla at redhat.com Thu Feb 3 20:28:32 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 3 Feb 2011 13:28:32 -0700
Subject: [RHSA-2011:0197-01] Moderate: postgresql security update
Message-ID: <201102032028.p13KSWJF024891@int-mx10.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: postgresql security update
Advisory ID:       RHSA-2011:0197-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0197.html
Issue date:        2011-02-03
CVE Names:         CVE-2010-4015
=====================================================================

1. Summary:

Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from an SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially-crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015)

Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue.

For Red Hat Enterprise Linux 4, the updated postgresql packages contain a backported patch for this issue; there are no other changes.

For Red Hat Enterprise Linux 5, the updated postgresql packages upgrade PostgreSQL to version 8.1.23, and contain a backported patch for this issue. Refer to the PostgreSQL Release Notes for a full list of changes:

http://www.postgresql.org/docs/8.1/static/release.html

For Red Hat Enterprise Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.7, which includes a fix for this issue. Refer to the PostgreSQL Release Notes for a full list of changes:

http://www.postgresql.org/docs/8.4/static/release.html

All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

664402 - CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled

6.
Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/postgresql-7.4.30-1.el4_8.2.src.rpm i386: postgresql-7.4.30-1.el4_8.2.i386.rpm postgresql-contrib-7.4.30-1.el4_8.2.i386.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm postgresql-devel-7.4.30-1.el4_8.2.i386.rpm postgresql-docs-7.4.30-1.el4_8.2.i386.rpm postgresql-jdbc-7.4.30-1.el4_8.2.i386.rpm postgresql-libs-7.4.30-1.el4_8.2.i386.rpm postgresql-pl-7.4.30-1.el4_8.2.i386.rpm postgresql-python-7.4.30-1.el4_8.2.i386.rpm postgresql-server-7.4.30-1.el4_8.2.i386.rpm postgresql-tcl-7.4.30-1.el4_8.2.i386.rpm postgresql-test-7.4.30-1.el4_8.2.i386.rpm ia64: postgresql-7.4.30-1.el4_8.2.ia64.rpm postgresql-contrib-7.4.30-1.el4_8.2.ia64.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.ia64.rpm postgresql-devel-7.4.30-1.el4_8.2.ia64.rpm postgresql-docs-7.4.30-1.el4_8.2.ia64.rpm postgresql-jdbc-7.4.30-1.el4_8.2.ia64.rpm postgresql-libs-7.4.30-1.el4_8.2.i386.rpm postgresql-libs-7.4.30-1.el4_8.2.ia64.rpm postgresql-pl-7.4.30-1.el4_8.2.ia64.rpm postgresql-python-7.4.30-1.el4_8.2.ia64.rpm postgresql-server-7.4.30-1.el4_8.2.ia64.rpm postgresql-tcl-7.4.30-1.el4_8.2.ia64.rpm postgresql-test-7.4.30-1.el4_8.2.ia64.rpm ppc: postgresql-7.4.30-1.el4_8.2.ppc.rpm postgresql-contrib-7.4.30-1.el4_8.2.ppc.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.ppc.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.ppc64.rpm postgresql-devel-7.4.30-1.el4_8.2.ppc.rpm postgresql-docs-7.4.30-1.el4_8.2.ppc.rpm postgresql-jdbc-7.4.30-1.el4_8.2.ppc.rpm postgresql-libs-7.4.30-1.el4_8.2.ppc.rpm postgresql-libs-7.4.30-1.el4_8.2.ppc64.rpm postgresql-pl-7.4.30-1.el4_8.2.ppc.rpm postgresql-python-7.4.30-1.el4_8.2.ppc.rpm postgresql-server-7.4.30-1.el4_8.2.ppc.rpm postgresql-tcl-7.4.30-1.el4_8.2.ppc.rpm postgresql-test-7.4.30-1.el4_8.2.ppc.rpm s390: postgresql-7.4.30-1.el4_8.2.s390.rpm postgresql-contrib-7.4.30-1.el4_8.2.s390.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.s390.rpm 
postgresql-devel-7.4.30-1.el4_8.2.s390.rpm postgresql-docs-7.4.30-1.el4_8.2.s390.rpm postgresql-jdbc-7.4.30-1.el4_8.2.s390.rpm postgresql-libs-7.4.30-1.el4_8.2.s390.rpm postgresql-pl-7.4.30-1.el4_8.2.s390.rpm postgresql-python-7.4.30-1.el4_8.2.s390.rpm postgresql-server-7.4.30-1.el4_8.2.s390.rpm postgresql-tcl-7.4.30-1.el4_8.2.s390.rpm postgresql-test-7.4.30-1.el4_8.2.s390.rpm s390x: postgresql-7.4.30-1.el4_8.2.s390x.rpm postgresql-contrib-7.4.30-1.el4_8.2.s390x.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.s390.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.s390x.rpm postgresql-devel-7.4.30-1.el4_8.2.s390x.rpm postgresql-docs-7.4.30-1.el4_8.2.s390x.rpm postgresql-jdbc-7.4.30-1.el4_8.2.s390x.rpm postgresql-libs-7.4.30-1.el4_8.2.s390.rpm postgresql-libs-7.4.30-1.el4_8.2.s390x.rpm postgresql-pl-7.4.30-1.el4_8.2.s390x.rpm postgresql-python-7.4.30-1.el4_8.2.s390x.rpm postgresql-server-7.4.30-1.el4_8.2.s390x.rpm postgresql-tcl-7.4.30-1.el4_8.2.s390x.rpm postgresql-test-7.4.30-1.el4_8.2.s390x.rpm x86_64: postgresql-7.4.30-1.el4_8.2.x86_64.rpm postgresql-contrib-7.4.30-1.el4_8.2.x86_64.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.x86_64.rpm postgresql-devel-7.4.30-1.el4_8.2.x86_64.rpm postgresql-docs-7.4.30-1.el4_8.2.x86_64.rpm postgresql-jdbc-7.4.30-1.el4_8.2.x86_64.rpm postgresql-libs-7.4.30-1.el4_8.2.i386.rpm postgresql-libs-7.4.30-1.el4_8.2.x86_64.rpm postgresql-pl-7.4.30-1.el4_8.2.x86_64.rpm postgresql-python-7.4.30-1.el4_8.2.x86_64.rpm postgresql-server-7.4.30-1.el4_8.2.x86_64.rpm postgresql-tcl-7.4.30-1.el4_8.2.x86_64.rpm postgresql-test-7.4.30-1.el4_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/postgresql-7.4.30-1.el4_8.2.src.rpm i386: postgresql-7.4.30-1.el4_8.2.i386.rpm postgresql-contrib-7.4.30-1.el4_8.2.i386.rpm postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm postgresql-devel-7.4.30-1.el4_8.2.i386.rpm postgresql-docs-7.4.30-1.el4_8.2.i386.rpm 
postgresql-jdbc-7.4.30-1.el4_8.2.i386.rpm
postgresql-libs-7.4.30-1.el4_8.2.i386.rpm
postgresql-pl-7.4.30-1.el4_8.2.i386.rpm
postgresql-python-7.4.30-1.el4_8.2.i386.rpm
postgresql-server-7.4.30-1.el4_8.2.i386.rpm
postgresql-tcl-7.4.30-1.el4_8.2.i386.rpm
postgresql-test-7.4.30-1.el4_8.2.i386.rpm

x86_64:
postgresql-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-contrib-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-devel-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-docs-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-jdbc-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-libs-7.4.30-1.el4_8.2.i386.rpm
postgresql-libs-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-pl-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-python-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-server-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-tcl-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-test-7.4.30-1.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/postgresql-7.4.30-1.el4_8.2.src.rpm

i386:
postgresql-7.4.30-1.el4_8.2.i386.rpm
postgresql-contrib-7.4.30-1.el4_8.2.i386.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm
postgresql-devel-7.4.30-1.el4_8.2.i386.rpm
postgresql-docs-7.4.30-1.el4_8.2.i386.rpm
postgresql-jdbc-7.4.30-1.el4_8.2.i386.rpm
postgresql-libs-7.4.30-1.el4_8.2.i386.rpm
postgresql-pl-7.4.30-1.el4_8.2.i386.rpm
postgresql-python-7.4.30-1.el4_8.2.i386.rpm
postgresql-server-7.4.30-1.el4_8.2.i386.rpm
postgresql-tcl-7.4.30-1.el4_8.2.i386.rpm
postgresql-test-7.4.30-1.el4_8.2.i386.rpm

ia64:
postgresql-7.4.30-1.el4_8.2.ia64.rpm
postgresql-contrib-7.4.30-1.el4_8.2.ia64.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.ia64.rpm
postgresql-devel-7.4.30-1.el4_8.2.ia64.rpm
postgresql-docs-7.4.30-1.el4_8.2.ia64.rpm
postgresql-jdbc-7.4.30-1.el4_8.2.ia64.rpm
postgresql-libs-7.4.30-1.el4_8.2.i386.rpm
postgresql-libs-7.4.30-1.el4_8.2.ia64.rpm
postgresql-pl-7.4.30-1.el4_8.2.ia64.rpm
postgresql-python-7.4.30-1.el4_8.2.ia64.rpm
postgresql-server-7.4.30-1.el4_8.2.ia64.rpm
postgresql-tcl-7.4.30-1.el4_8.2.ia64.rpm
postgresql-test-7.4.30-1.el4_8.2.ia64.rpm

x86_64:
postgresql-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-contrib-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-devel-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-docs-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-jdbc-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-libs-7.4.30-1.el4_8.2.i386.rpm
postgresql-libs-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-pl-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-python-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-server-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-tcl-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-test-7.4.30-1.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/postgresql-7.4.30-1.el4_8.2.src.rpm

i386:
postgresql-7.4.30-1.el4_8.2.i386.rpm
postgresql-contrib-7.4.30-1.el4_8.2.i386.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm
postgresql-devel-7.4.30-1.el4_8.2.i386.rpm
postgresql-docs-7.4.30-1.el4_8.2.i386.rpm
postgresql-jdbc-7.4.30-1.el4_8.2.i386.rpm
postgresql-libs-7.4.30-1.el4_8.2.i386.rpm
postgresql-pl-7.4.30-1.el4_8.2.i386.rpm
postgresql-python-7.4.30-1.el4_8.2.i386.rpm
postgresql-server-7.4.30-1.el4_8.2.i386.rpm
postgresql-tcl-7.4.30-1.el4_8.2.i386.rpm
postgresql-test-7.4.30-1.el4_8.2.i386.rpm

ia64:
postgresql-7.4.30-1.el4_8.2.ia64.rpm
postgresql-contrib-7.4.30-1.el4_8.2.ia64.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.ia64.rpm
postgresql-devel-7.4.30-1.el4_8.2.ia64.rpm
postgresql-docs-7.4.30-1.el4_8.2.ia64.rpm
postgresql-jdbc-7.4.30-1.el4_8.2.ia64.rpm
postgresql-libs-7.4.30-1.el4_8.2.i386.rpm
postgresql-libs-7.4.30-1.el4_8.2.ia64.rpm
postgresql-pl-7.4.30-1.el4_8.2.ia64.rpm
postgresql-python-7.4.30-1.el4_8.2.ia64.rpm
postgresql-server-7.4.30-1.el4_8.2.ia64.rpm
postgresql-tcl-7.4.30-1.el4_8.2.ia64.rpm
postgresql-test-7.4.30-1.el4_8.2.ia64.rpm

x86_64:
postgresql-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-contrib-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.i386.rpm
postgresql-debuginfo-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-devel-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-docs-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-jdbc-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-libs-7.4.30-1.el4_8.2.i386.rpm
postgresql-libs-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-pl-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-python-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-server-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-tcl-7.4.30-1.el4_8.2.x86_64.rpm
postgresql-test-7.4.30-1.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql-8.1.23-1.el5_6.1.src.rpm

i386:
postgresql-8.1.23-1.el5_6.1.i386.rpm
postgresql-contrib-8.1.23-1.el5_6.1.i386.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.i386.rpm
postgresql-docs-8.1.23-1.el5_6.1.i386.rpm
postgresql-libs-8.1.23-1.el5_6.1.i386.rpm
postgresql-python-8.1.23-1.el5_6.1.i386.rpm
postgresql-tcl-8.1.23-1.el5_6.1.i386.rpm

x86_64:
postgresql-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-contrib-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.i386.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-docs-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-libs-8.1.23-1.el5_6.1.i386.rpm
postgresql-libs-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-python-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-tcl-8.1.23-1.el5_6.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql-8.1.23-1.el5_6.1.src.rpm

i386:
postgresql-debuginfo-8.1.23-1.el5_6.1.i386.rpm
postgresql-devel-8.1.23-1.el5_6.1.i386.rpm
postgresql-pl-8.1.23-1.el5_6.1.i386.rpm
postgresql-server-8.1.23-1.el5_6.1.i386.rpm
postgresql-test-8.1.23-1.el5_6.1.i386.rpm

x86_64:
postgresql-debuginfo-8.1.23-1.el5_6.1.i386.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-devel-8.1.23-1.el5_6.1.i386.rpm
postgresql-devel-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-pl-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-server-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-test-8.1.23-1.el5_6.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/postgresql-8.1.23-1.el5_6.1.src.rpm

i386:
postgresql-8.1.23-1.el5_6.1.i386.rpm
postgresql-contrib-8.1.23-1.el5_6.1.i386.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.i386.rpm
postgresql-devel-8.1.23-1.el5_6.1.i386.rpm
postgresql-docs-8.1.23-1.el5_6.1.i386.rpm
postgresql-libs-8.1.23-1.el5_6.1.i386.rpm
postgresql-pl-8.1.23-1.el5_6.1.i386.rpm
postgresql-python-8.1.23-1.el5_6.1.i386.rpm
postgresql-server-8.1.23-1.el5_6.1.i386.rpm
postgresql-tcl-8.1.23-1.el5_6.1.i386.rpm
postgresql-test-8.1.23-1.el5_6.1.i386.rpm

ia64:
postgresql-8.1.23-1.el5_6.1.ia64.rpm
postgresql-contrib-8.1.23-1.el5_6.1.ia64.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.i386.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.ia64.rpm
postgresql-devel-8.1.23-1.el5_6.1.ia64.rpm
postgresql-docs-8.1.23-1.el5_6.1.ia64.rpm
postgresql-libs-8.1.23-1.el5_6.1.i386.rpm
postgresql-libs-8.1.23-1.el5_6.1.ia64.rpm
postgresql-pl-8.1.23-1.el5_6.1.ia64.rpm
postgresql-python-8.1.23-1.el5_6.1.ia64.rpm
postgresql-server-8.1.23-1.el5_6.1.ia64.rpm
postgresql-tcl-8.1.23-1.el5_6.1.ia64.rpm
postgresql-test-8.1.23-1.el5_6.1.ia64.rpm

ppc:
postgresql-8.1.23-1.el5_6.1.ppc.rpm
postgresql-8.1.23-1.el5_6.1.ppc64.rpm
postgresql-contrib-8.1.23-1.el5_6.1.ppc.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.ppc.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.ppc64.rpm
postgresql-devel-8.1.23-1.el5_6.1.ppc.rpm
postgresql-devel-8.1.23-1.el5_6.1.ppc64.rpm
postgresql-docs-8.1.23-1.el5_6.1.ppc.rpm
postgresql-libs-8.1.23-1.el5_6.1.ppc.rpm
postgresql-libs-8.1.23-1.el5_6.1.ppc64.rpm
postgresql-pl-8.1.23-1.el5_6.1.ppc.rpm
postgresql-python-8.1.23-1.el5_6.1.ppc.rpm
postgresql-server-8.1.23-1.el5_6.1.ppc.rpm
postgresql-tcl-8.1.23-1.el5_6.1.ppc.rpm
postgresql-test-8.1.23-1.el5_6.1.ppc.rpm

s390x:
postgresql-8.1.23-1.el5_6.1.s390x.rpm
postgresql-contrib-8.1.23-1.el5_6.1.s390x.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.s390.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.s390x.rpm
postgresql-devel-8.1.23-1.el5_6.1.s390.rpm
postgresql-devel-8.1.23-1.el5_6.1.s390x.rpm
postgresql-docs-8.1.23-1.el5_6.1.s390x.rpm
postgresql-libs-8.1.23-1.el5_6.1.s390.rpm
postgresql-libs-8.1.23-1.el5_6.1.s390x.rpm
postgresql-pl-8.1.23-1.el5_6.1.s390x.rpm
postgresql-python-8.1.23-1.el5_6.1.s390x.rpm
postgresql-server-8.1.23-1.el5_6.1.s390x.rpm
postgresql-tcl-8.1.23-1.el5_6.1.s390x.rpm
postgresql-test-8.1.23-1.el5_6.1.s390x.rpm

x86_64:
postgresql-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-contrib-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.i386.rpm
postgresql-debuginfo-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-devel-8.1.23-1.el5_6.1.i386.rpm
postgresql-devel-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-docs-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-libs-8.1.23-1.el5_6.1.i386.rpm
postgresql-libs-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-pl-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-python-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-server-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-tcl-8.1.23-1.el5_6.1.x86_64.rpm
postgresql-test-8.1.23-1.el5_6.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/postgresql-8.4.7-1.el6_0.1.src.rpm

i386:
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-libs-8.4.7-1.el6_0.1.i686.rpm

x86_64:
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-libs-8.4.7-1.el6_0.1.i686.rpm
postgresql-libs-8.4.7-1.el6_0.1.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/postgresql-8.4.7-1.el6_0.1.src.rpm

i386:
postgresql-8.4.7-1.el6_0.1.i686.rpm
postgresql-contrib-8.4.7-1.el6_0.1.i686.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-devel-8.4.7-1.el6_0.1.i686.rpm
postgresql-docs-8.4.7-1.el6_0.1.i686.rpm
postgresql-plperl-8.4.7-1.el6_0.1.i686.rpm
postgresql-plpython-8.4.7-1.el6_0.1.i686.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.i686.rpm
postgresql-server-8.4.7-1.el6_0.1.i686.rpm
postgresql-test-8.4.7-1.el6_0.1.i686.rpm

x86_64:
postgresql-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-contrib-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-devel-8.4.7-1.el6_0.1.i686.rpm
postgresql-devel-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-docs-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-plperl-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-plpython-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-server-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-test-8.4.7-1.el6_0.1.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/postgresql-8.4.7-1.el6_0.1.src.rpm

x86_64:
postgresql-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-contrib-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-devel-8.4.7-1.el6_0.1.i686.rpm
postgresql-devel-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-docs-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-libs-8.4.7-1.el6_0.1.i686.rpm
postgresql-libs-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-plperl-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-plpython-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-server-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-test-8.4.7-1.el6_0.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/postgresql-8.4.7-1.el6_0.1.src.rpm

i386:
postgresql-8.4.7-1.el6_0.1.i686.rpm
postgresql-contrib-8.4.7-1.el6_0.1.i686.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-devel-8.4.7-1.el6_0.1.i686.rpm
postgresql-docs-8.4.7-1.el6_0.1.i686.rpm
postgresql-libs-8.4.7-1.el6_0.1.i686.rpm
postgresql-plperl-8.4.7-1.el6_0.1.i686.rpm
postgresql-plpython-8.4.7-1.el6_0.1.i686.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.i686.rpm
postgresql-server-8.4.7-1.el6_0.1.i686.rpm
postgresql-test-8.4.7-1.el6_0.1.i686.rpm

ppc64:
postgresql-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-contrib-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.ppc.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-devel-8.4.7-1.el6_0.1.ppc.rpm
postgresql-devel-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-docs-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-libs-8.4.7-1.el6_0.1.ppc.rpm
postgresql-libs-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-plperl-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-plpython-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-server-8.4.7-1.el6_0.1.ppc64.rpm
postgresql-test-8.4.7-1.el6_0.1.ppc64.rpm

s390x:
postgresql-8.4.7-1.el6_0.1.s390x.rpm
postgresql-contrib-8.4.7-1.el6_0.1.s390x.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.s390.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.s390x.rpm
postgresql-devel-8.4.7-1.el6_0.1.s390.rpm
postgresql-devel-8.4.7-1.el6_0.1.s390x.rpm
postgresql-docs-8.4.7-1.el6_0.1.s390x.rpm
postgresql-libs-8.4.7-1.el6_0.1.s390.rpm
postgresql-libs-8.4.7-1.el6_0.1.s390x.rpm
postgresql-plperl-8.4.7-1.el6_0.1.s390x.rpm
postgresql-plpython-8.4.7-1.el6_0.1.s390x.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.s390x.rpm
postgresql-server-8.4.7-1.el6_0.1.s390x.rpm
postgresql-test-8.4.7-1.el6_0.1.s390x.rpm

x86_64:
postgresql-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-contrib-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-devel-8.4.7-1.el6_0.1.i686.rpm
postgresql-devel-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-docs-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-libs-8.4.7-1.el6_0.1.i686.rpm
postgresql-libs-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-plperl-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-plpython-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-server-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-test-8.4.7-1.el6_0.1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/postgresql-8.4.7-1.el6_0.1.src.rpm

i386:
postgresql-8.4.7-1.el6_0.1.i686.rpm
postgresql-contrib-8.4.7-1.el6_0.1.i686.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-devel-8.4.7-1.el6_0.1.i686.rpm
postgresql-docs-8.4.7-1.el6_0.1.i686.rpm
postgresql-libs-8.4.7-1.el6_0.1.i686.rpm
postgresql-plperl-8.4.7-1.el6_0.1.i686.rpm
postgresql-plpython-8.4.7-1.el6_0.1.i686.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.i686.rpm
postgresql-server-8.4.7-1.el6_0.1.i686.rpm
postgresql-test-8.4.7-1.el6_0.1.i686.rpm

x86_64:
postgresql-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-contrib-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.i686.rpm
postgresql-debuginfo-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-devel-8.4.7-1.el6_0.1.i686.rpm
postgresql-devel-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-docs-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-libs-8.4.7-1.el6_0.1.i686.rpm
postgresql-libs-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-plperl-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-plpython-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-pltcl-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-server-8.4.7-1.el6_0.1.x86_64.rpm
postgresql-test-8.4.7-1.el6_0.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4015.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNSw8IXlSAg2UNWIIRAtTbAKCTnJhgfhy/XxChYMU3qLuIyrAm0wCeKZFX
ZhSQso3cbaFOLuSB9USVvPE=
=fMAp
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Feb 3 20:42:12 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 3 Feb 2011 13:42:12 -0700
Subject: [RHSA-2011:0198-01] Moderate: postgresql84 security update
Message-ID: <201102032042.p13KgCvM029245@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: postgresql84 security update
Advisory ID:       RHSA-2011:0198-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0198.html
Issue date:        2011-02-03
CVE Names:         CVE-2010-4015
=====================================================================

1. Summary:

Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from an SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially-crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015)

Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue.

These updated postgresql84 packages upgrade PostgreSQL to version 8.4.7. Refer to the PostgreSQL Release Notes for a full list of changes:

http://www.postgresql.org/docs/8.4/static/release.html

All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

664402 - CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql84-8.4.7-1.el5_6.1.src.rpm

i386:
postgresql84-8.4.7-1.el5_6.1.i386.rpm
postgresql84-contrib-8.4.7-1.el5_6.1.i386.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.i386.rpm
postgresql84-docs-8.4.7-1.el5_6.1.i386.rpm
postgresql84-libs-8.4.7-1.el5_6.1.i386.rpm
postgresql84-python-8.4.7-1.el5_6.1.i386.rpm
postgresql84-tcl-8.4.7-1.el5_6.1.i386.rpm

x86_64:
postgresql84-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-contrib-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.i386.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-docs-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-libs-8.4.7-1.el5_6.1.i386.rpm
postgresql84-libs-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-python-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-tcl-8.4.7-1.el5_6.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql84-8.4.7-1.el5_6.1.src.rpm

i386:
postgresql84-debuginfo-8.4.7-1.el5_6.1.i386.rpm
postgresql84-devel-8.4.7-1.el5_6.1.i386.rpm
postgresql84-plperl-8.4.7-1.el5_6.1.i386.rpm
postgresql84-plpython-8.4.7-1.el5_6.1.i386.rpm
postgresql84-pltcl-8.4.7-1.el5_6.1.i386.rpm
postgresql84-server-8.4.7-1.el5_6.1.i386.rpm
postgresql84-test-8.4.7-1.el5_6.1.i386.rpm

x86_64:
postgresql84-debuginfo-8.4.7-1.el5_6.1.i386.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-devel-8.4.7-1.el5_6.1.i386.rpm
postgresql84-devel-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-plperl-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-plpython-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-pltcl-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-server-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-test-8.4.7-1.el5_6.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/postgresql84-8.4.7-1.el5_6.1.src.rpm

i386:
postgresql84-8.4.7-1.el5_6.1.i386.rpm
postgresql84-contrib-8.4.7-1.el5_6.1.i386.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.i386.rpm
postgresql84-devel-8.4.7-1.el5_6.1.i386.rpm
postgresql84-docs-8.4.7-1.el5_6.1.i386.rpm
postgresql84-libs-8.4.7-1.el5_6.1.i386.rpm
postgresql84-plperl-8.4.7-1.el5_6.1.i386.rpm
postgresql84-plpython-8.4.7-1.el5_6.1.i386.rpm
postgresql84-pltcl-8.4.7-1.el5_6.1.i386.rpm
postgresql84-python-8.4.7-1.el5_6.1.i386.rpm
postgresql84-server-8.4.7-1.el5_6.1.i386.rpm
postgresql84-tcl-8.4.7-1.el5_6.1.i386.rpm
postgresql84-test-8.4.7-1.el5_6.1.i386.rpm

ia64:
postgresql84-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-contrib-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-devel-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-docs-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-libs-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-plperl-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-plpython-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-pltcl-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-python-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-server-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-tcl-8.4.7-1.el5_6.1.ia64.rpm
postgresql84-test-8.4.7-1.el5_6.1.ia64.rpm

ppc:
postgresql84-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-8.4.7-1.el5_6.1.ppc64.rpm
postgresql84-contrib-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.ppc64.rpm
postgresql84-devel-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-devel-8.4.7-1.el5_6.1.ppc64.rpm
postgresql84-docs-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-libs-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-libs-8.4.7-1.el5_6.1.ppc64.rpm
postgresql84-plperl-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-plpython-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-pltcl-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-python-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-server-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-tcl-8.4.7-1.el5_6.1.ppc.rpm
postgresql84-test-8.4.7-1.el5_6.1.ppc.rpm

s390x:
postgresql84-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-contrib-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.s390.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-devel-8.4.7-1.el5_6.1.s390.rpm
postgresql84-devel-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-docs-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-libs-8.4.7-1.el5_6.1.s390.rpm
postgresql84-libs-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-plperl-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-plpython-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-pltcl-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-python-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-server-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-tcl-8.4.7-1.el5_6.1.s390x.rpm
postgresql84-test-8.4.7-1.el5_6.1.s390x.rpm

x86_64:
postgresql84-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-contrib-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.i386.rpm
postgresql84-debuginfo-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-devel-8.4.7-1.el5_6.1.i386.rpm
postgresql84-devel-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-docs-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-libs-8.4.7-1.el5_6.1.i386.rpm
postgresql84-libs-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-plperl-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-plpython-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-pltcl-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-python-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-server-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-tcl-8.4.7-1.el5_6.1.x86_64.rpm
postgresql84-test-8.4.7-1.el5_6.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4015.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFNSxKFXlSAg2UNWIIRAi5DAJ0ZcFDRrZtnLCgNJ2rr2CqY07xF9QCgsJcS vnKWNeNXZJxpv5xL2loC65M= =vcK9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 8 21:57:52 2011 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 8 Feb 2011 14:57:52 -0700 Subject: [RHSA-2011:0199-01] Important: krb5 security update Message-ID: <201102082157.p18LvqkP025023@int-mx01.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: krb5 security update Advisory ID: RHSA-2011:0199-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0199.html Issue date: 2011-02-08 CVE Names: CVE-2011-0281 CVE-2011-0282 ===================================================================== 1. Summary: Updated krb5 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC). A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed principal names that were not null terminated, when the KDC was configured to use an LDAP back end. 
A remote attacker could use this flaw to crash the KDC via a specially-crafted request. (CVE-2011-0282) A denial of service flaw was found in the way the MIT Kerberos KDC processed certain principal names when the KDC was configured to use an LDAP back end. A remote attacker could use this flaw to cause the KDC to hang via a specially-crafted request. (CVE-2011-0281) Red Hat would like to thank the MIT Kerberos Team for reporting these issues. Upstream acknowledges Kevin Longfellow of Oracle Corporation as the original reporter of the CVE-2011-0281 issue. All krb5 users should upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the updated packages, the krb5kdc daemon will be restarted automatically. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 668719 - CVE-2011-0281 krb5: KDC hang when using LDAP backend caused by special principal name (MITKRB5-SA-2011-002) 668726 - CVE-2011-0282 krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/krb5-1.6.1-55.el5_6.1.src.rpm i386: krb5-debuginfo-1.6.1-55.el5_6.1.i386.rpm krb5-libs-1.6.1-55.el5_6.1.i386.rpm krb5-workstation-1.6.1-55.el5_6.1.i386.rpm x86_64: krb5-debuginfo-1.6.1-55.el5_6.1.i386.rpm krb5-debuginfo-1.6.1-55.el5_6.1.x86_64.rpm krb5-libs-1.6.1-55.el5_6.1.i386.rpm krb5-libs-1.6.1-55.el5_6.1.x86_64.rpm krb5-workstation-1.6.1-55.el5_6.1.x86_64.rpm RHEL Desktop Workstation (v. 
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/krb5-1.6.1-55.el5_6.1.src.rpm i386: krb5-debuginfo-1.6.1-55.el5_6.1.i386.rpm krb5-devel-1.6.1-55.el5_6.1.i386.rpm krb5-server-1.6.1-55.el5_6.1.i386.rpm krb5-server-ldap-1.6.1-55.el5_6.1.i386.rpm x86_64: krb5-debuginfo-1.6.1-55.el5_6.1.i386.rpm krb5-debuginfo-1.6.1-55.el5_6.1.x86_64.rpm krb5-devel-1.6.1-55.el5_6.1.i386.rpm krb5-devel-1.6.1-55.el5_6.1.x86_64.rpm krb5-server-1.6.1-55.el5_6.1.x86_64.rpm krb5-server-ldap-1.6.1-55.el5_6.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/krb5-1.6.1-55.el5_6.1.src.rpm i386: krb5-debuginfo-1.6.1-55.el5_6.1.i386.rpm krb5-devel-1.6.1-55.el5_6.1.i386.rpm krb5-libs-1.6.1-55.el5_6.1.i386.rpm krb5-server-1.6.1-55.el5_6.1.i386.rpm krb5-server-ldap-1.6.1-55.el5_6.1.i386.rpm krb5-workstation-1.6.1-55.el5_6.1.i386.rpm ia64: krb5-debuginfo-1.6.1-55.el5_6.1.i386.rpm krb5-debuginfo-1.6.1-55.el5_6.1.ia64.rpm krb5-devel-1.6.1-55.el5_6.1.ia64.rpm krb5-libs-1.6.1-55.el5_6.1.i386.rpm krb5-libs-1.6.1-55.el5_6.1.ia64.rpm krb5-server-1.6.1-55.el5_6.1.ia64.rpm krb5-server-ldap-1.6.1-55.el5_6.1.ia64.rpm krb5-workstation-1.6.1-55.el5_6.1.ia64.rpm ppc: krb5-debuginfo-1.6.1-55.el5_6.1.ppc.rpm krb5-debuginfo-1.6.1-55.el5_6.1.ppc64.rpm krb5-devel-1.6.1-55.el5_6.1.ppc.rpm krb5-devel-1.6.1-55.el5_6.1.ppc64.rpm krb5-libs-1.6.1-55.el5_6.1.ppc.rpm krb5-libs-1.6.1-55.el5_6.1.ppc64.rpm krb5-server-1.6.1-55.el5_6.1.ppc.rpm krb5-server-ldap-1.6.1-55.el5_6.1.ppc.rpm krb5-workstation-1.6.1-55.el5_6.1.ppc.rpm s390x: krb5-debuginfo-1.6.1-55.el5_6.1.s390.rpm krb5-debuginfo-1.6.1-55.el5_6.1.s390x.rpm krb5-devel-1.6.1-55.el5_6.1.s390.rpm krb5-devel-1.6.1-55.el5_6.1.s390x.rpm krb5-libs-1.6.1-55.el5_6.1.s390.rpm krb5-libs-1.6.1-55.el5_6.1.s390x.rpm krb5-server-1.6.1-55.el5_6.1.s390x.rpm krb5-server-ldap-1.6.1-55.el5_6.1.s390x.rpm krb5-workstation-1.6.1-55.el5_6.1.s390x.rpm x86_64: 
krb5-debuginfo-1.6.1-55.el5_6.1.i386.rpm
krb5-debuginfo-1.6.1-55.el5_6.1.x86_64.rpm
krb5-devel-1.6.1-55.el5_6.1.i386.rpm
krb5-devel-1.6.1-55.el5_6.1.x86_64.rpm
krb5-libs-1.6.1-55.el5_6.1.i386.rpm
krb5-libs-1.6.1-55.el5_6.1.x86_64.rpm
krb5-server-1.6.1-55.el5_6.1.x86_64.rpm
krb5-server-ldap-1.6.1-55.el5_6.1.x86_64.rpm
krb5-workstation-1.6.1-55.el5_6.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0281.html
https://www.redhat.com/security/data/cve/CVE-2011-0282.html
https://access.redhat.com/security/updates/classification/#important
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNUbtwXlSAg2UNWIIRAl+zAJ9KDJCvdD1J3OGmJq03zG4JvGT6cgCbBKnI
cFXniSBW0KNU6Bts2a1e2JA=
=eu30
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 8 21:58:43 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 8 Feb 2011 14:58:43 -0700
Subject: [RHSA-2011:0200-01] Important: krb5 security update
Message-ID: <201102082158.p18LwhxC027152@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: krb5 security update
Advisory ID:       RHSA-2011:0200-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0200.html
Issue date:        2011-02-08
CVE Names:         CVE-2010-4022 CVE-2011-0281 CVE-2011-0282
=====================================================================

1. Summary:

Updated krb5 packages that fix three security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC).

A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed principal names that were not null terminated, when the KDC was configured to use an LDAP back end. A remote attacker could use this flaw to crash the KDC via a specially-crafted request. (CVE-2011-0282)

A denial of service flaw was found in the way the MIT Kerberos KDC processed certain principal names when the KDC was configured to use an LDAP back end. A remote attacker could use this flaw to cause the KDC to hang via a specially-crafted request. (CVE-2011-0281)

A denial of service flaw was found in the way the MIT Kerberos V5 slave KDC update server (kpropd) processed certain update requests for KDC database propagation. A remote attacker could use this flaw to terminate the kpropd daemon via a specially-crafted update request. (CVE-2010-4022)

Red Hat would like to thank the MIT Kerberos Team for reporting the CVE-2011-0282 and CVE-2011-0281 issues. Upstream acknowledges Kevin Longfellow of Oracle Corporation as the original reporter of the CVE-2011-0281 issue.

All krb5 users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the krb5kdc daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

664009 - CVE-2010-4022 krb5: kpropd unexpected termination on invalid input (MITKRB5-SA-2011-001)
668719 - CVE-2011-0281 krb5: KDC hang when using LDAP backend caused by special principal name (MITKRB5-SA-2011-002)
668726 - CVE-2011-0282 krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/krb5-1.8.2-3.el6_0.4.src.rpm

i386:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-libs-1.8.2-3.el6_0.4.i686.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.i686.rpm
krb5-workstation-1.8.2-3.el6_0.4.i686.rpm

x86_64:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-debuginfo-1.8.2-3.el6_0.4.x86_64.rpm
krb5-libs-1.8.2-3.el6_0.4.i686.rpm
krb5-libs-1.8.2-3.el6_0.4.x86_64.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.x86_64.rpm
krb5-workstation-1.8.2-3.el6_0.4.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v.
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/krb5-1.8.2-3.el6_0.4.src.rpm

i386:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-devel-1.8.2-3.el6_0.4.i686.rpm
krb5-server-1.8.2-3.el6_0.4.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpm

x86_64:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-debuginfo-1.8.2-3.el6_0.4.x86_64.rpm
krb5-devel-1.8.2-3.el6_0.4.i686.rpm
krb5-devel-1.8.2-3.el6_0.4.x86_64.rpm
krb5-server-1.8.2-3.el6_0.4.x86_64.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/krb5-1.8.2-3.el6_0.4.src.rpm

x86_64:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-debuginfo-1.8.2-3.el6_0.4.x86_64.rpm
krb5-libs-1.8.2-3.el6_0.4.i686.rpm
krb5-libs-1.8.2-3.el6_0.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/krb5-1.8.2-3.el6_0.4.src.rpm

x86_64:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-debuginfo-1.8.2-3.el6_0.4.x86_64.rpm
krb5-devel-1.8.2-3.el6_0.4.i686.rpm
krb5-devel-1.8.2-3.el6_0.4.x86_64.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.x86_64.rpm
krb5-server-1.8.2-3.el6_0.4.x86_64.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.x86_64.rpm
krb5-workstation-1.8.2-3.el6_0.4.x86_64.rpm

Red Hat Enterprise Linux Server (v.
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/krb5-1.8.2-3.el6_0.4.src.rpm

i386:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-devel-1.8.2-3.el6_0.4.i686.rpm
krb5-libs-1.8.2-3.el6_0.4.i686.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.i686.rpm
krb5-server-1.8.2-3.el6_0.4.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpm
krb5-workstation-1.8.2-3.el6_0.4.i686.rpm

ppc64:
krb5-debuginfo-1.8.2-3.el6_0.4.ppc.rpm
krb5-debuginfo-1.8.2-3.el6_0.4.ppc64.rpm
krb5-devel-1.8.2-3.el6_0.4.ppc.rpm
krb5-devel-1.8.2-3.el6_0.4.ppc64.rpm
krb5-libs-1.8.2-3.el6_0.4.ppc.rpm
krb5-libs-1.8.2-3.el6_0.4.ppc64.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.ppc64.rpm
krb5-server-1.8.2-3.el6_0.4.ppc64.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.ppc.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.ppc64.rpm
krb5-workstation-1.8.2-3.el6_0.4.ppc64.rpm

s390x:
krb5-debuginfo-1.8.2-3.el6_0.4.s390.rpm
krb5-debuginfo-1.8.2-3.el6_0.4.s390x.rpm
krb5-devel-1.8.2-3.el6_0.4.s390.rpm
krb5-devel-1.8.2-3.el6_0.4.s390x.rpm
krb5-libs-1.8.2-3.el6_0.4.s390.rpm
krb5-libs-1.8.2-3.el6_0.4.s390x.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.s390x.rpm
krb5-server-1.8.2-3.el6_0.4.s390x.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.s390.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.s390x.rpm
krb5-workstation-1.8.2-3.el6_0.4.s390x.rpm

x86_64:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-debuginfo-1.8.2-3.el6_0.4.x86_64.rpm
krb5-devel-1.8.2-3.el6_0.4.i686.rpm
krb5-devel-1.8.2-3.el6_0.4.x86_64.rpm
krb5-libs-1.8.2-3.el6_0.4.i686.rpm
krb5-libs-1.8.2-3.el6_0.4.x86_64.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.x86_64.rpm
krb5-server-1.8.2-3.el6_0.4.x86_64.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.x86_64.rpm
krb5-workstation-1.8.2-3.el6_0.4.x86_64.rpm

Red Hat Enterprise Linux Workstation (v.
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/krb5-1.8.2-3.el6_0.4.src.rpm

i386:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-devel-1.8.2-3.el6_0.4.i686.rpm
krb5-libs-1.8.2-3.el6_0.4.i686.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.i686.rpm
krb5-server-1.8.2-3.el6_0.4.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpm
krb5-workstation-1.8.2-3.el6_0.4.i686.rpm

x86_64:
krb5-debuginfo-1.8.2-3.el6_0.4.i686.rpm
krb5-debuginfo-1.8.2-3.el6_0.4.x86_64.rpm
krb5-devel-1.8.2-3.el6_0.4.i686.rpm
krb5-devel-1.8.2-3.el6_0.4.x86_64.rpm
krb5-libs-1.8.2-3.el6_0.4.i686.rpm
krb5-libs-1.8.2-3.el6_0.4.x86_64.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.4.x86_64.rpm
krb5-server-1.8.2-3.el6_0.4.x86_64.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.4.x86_64.rpm
krb5-workstation-1.8.2-3.el6_0.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4022.html
https://www.redhat.com/security/data/cve/CVE-2011-0281.html
https://www.redhat.com/security/data/cve/CVE-2011-0282.html
https://access.redhat.com/security/updates/classification/#important
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-001.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNUbvWXlSAg2UNWIIRAkU0AJ9RXk+iEfizvRZgoOd127FjB0OT8QCeONSk
Ja3dA5C+cjH1SYA93gg13s8=
=yR4Z
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Feb 9 18:00:02 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 9 Feb 2011 11:00:02 -0700
Subject: [RHSA-2011:0206-01] Critical: flash-plugin security update
Message-ID: <201102091800.p19I03jp027782@int-mx12.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: flash-plugin security update
Advisory ID:       RHSA-2011:0206-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0206.html
Issue date:        2011-02-09
CVE Names:         CVE-2011-0558 CVE-2011-0559 CVE-2011-0560
                   CVE-2011-0561 CVE-2011-0571 CVE-2011-0572
                   CVE-2011-0573 CVE-2011-0574 CVE-2011-0575
                   CVE-2011-0577 CVE-2011-0578 CVE-2011-0607
                   CVE-2011-0608
=====================================================================

1. Summary:

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Supplementary (v. 5.6.Z server) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-02, listed in the References section.

Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2011-0558, CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0575, CVE-2011-0577, CVE-2011-0578, CVE-2011-0607, CVE-2011-0608)

All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.2.152.27.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

676226 - CVE-2011-0558 CVE-2011-0559 CVE-2011-0560 CVE-2011-0561 CVE-2011-0571 CVE-2011-0572 CVE-2011-0573 CVE-2011-0574 CVE-2011-0575 CVE-2011-0577 CVE-2011-0578 CVE-2011-0607 CVE-2011-0608 flash-plugin: multiple code execution flaws (APSB11-02)

6. Package List:

RHEL Supplementary (v. 5.6.Z server):

i386:
flash-plugin-10.2.152.27-1.el5.i386.rpm

x86_64:
flash-plugin-10.2.152.27-1.el5.i386.rpm

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
flash-plugin-10.2.152.27-1.el6.i686.rpm

x86_64:
flash-plugin-10.2.152.27-1.el6.i686.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
flash-plugin-10.2.152.27-1.el6.i686.rpm

x86_64:
flash-plugin-10.2.152.27-1.el6.i686.rpm

Red Hat Enterprise Linux Workstation Supplementary (v.
6):

i386:
flash-plugin-10.2.152.27-1.el6.i686.rpm

x86_64:
flash-plugin-10.2.152.27-1.el6.i686.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0558.html
https://www.redhat.com/security/data/cve/CVE-2011-0559.html
https://www.redhat.com/security/data/cve/CVE-2011-0560.html
https://www.redhat.com/security/data/cve/CVE-2011-0561.html
https://www.redhat.com/security/data/cve/CVE-2011-0571.html
https://www.redhat.com/security/data/cve/CVE-2011-0572.html
https://www.redhat.com/security/data/cve/CVE-2011-0573.html
https://www.redhat.com/security/data/cve/CVE-2011-0574.html
https://www.redhat.com/security/data/cve/CVE-2011-0575.html
https://www.redhat.com/security/data/cve/CVE-2011-0577.html
https://www.redhat.com/security/data/cve/CVE-2011-0578.html
https://www.redhat.com/security/data/cve/CVE-2011-0607.html
https://www.redhat.com/security/data/cve/CVE-2011-0608.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-02.html

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNUtVuXlSAg2UNWIIRAnbiAJ0Tx+e9JYyDpyRsAhy6MSpO6M2abACeNbsn
SqPHWwIW6QHR2XSZlXO0OHY=
=IetD
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Feb 11 00:54:15 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 10 Feb 2011 17:54:15 -0700
Subject: [RHSA-2011:0214-01] Moderate: java-1.6.0-openjdk security update
Message-ID: <201102110054.p1B0sFQc012774@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: java-1.6.0-openjdk security update
Advisory ID:       RHSA-2011:0214-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0214.html
Issue date:        2011-02-10
CVE Names:         CVE-2010-4476
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.

A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Java-based applications to hang, for instance if they parse Double values in a specially-crafted HTTP request. (CVE-2010-4476)

All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve this issue. All running instances of OpenJDK Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

674336 - CVE-2010-4476 JDK Double.parseDouble Denial-Of-Service

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.18.b17.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.18.b17.el5.x86_64.rpm

Red Hat Enterprise Linux (v.
5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.18.b17.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.18.b17.el5.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v.
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server (v.
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v.
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4476.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNVIfwXlSAg2UNWIIRAtFSAJ9FvGdrn3j0evfUoP8pKllRVqEWkACgnxh7
1CYG3AzKPHyD88EvIQvbUWE=
=SNCa
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 15 18:57:20 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 15 Feb 2011 13:57:20 -0500
Subject: [RHSA-2011:0256-01] Moderate: dhcp security update
Message-ID: <201102151857.p1FIvUp3003332@int-mx12.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: dhcp security update
Advisory ID:       RHSA-2011:0256-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0256.html
Issue date:        2011-02-15
CVE Names:         CVE-2011-0413
=====================================================================

1. Summary:

Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. DHCPv6 is the DHCP protocol version for IPv6 networks.

A flaw was found in the way the dhcpd daemon processed certain DHCPv6 messages for addresses that had previously been declined and marked as abandoned internally. If a remote attacker sent such messages to dhcpd, it could cause dhcpd to crash due to an assertion failure if it was running as a DHCPv6 server. (CVE-2011-0413)

Red Hat would like to thank Internet Systems Consortium for reporting this issue.

Users running dhcpd as a DHCPv6 server should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

672755 - CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/dhcp-4.1.1-12.P1.el6_0.2.src.rpm

i386:
dhclient-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm

x86_64:
dhclient-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/dhcp-4.1.1-12.P1.el6_0.2.src.rpm

i386:
dhcp-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.i686.rpm

x86_64:
dhcp-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/dhcp-4.1.1-12.P1.el6_0.2.src.rpm

x86_64:
dhclient-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/dhcp-4.1.1-12.P1.el6_0.2.src.rpm

x86_64:
dhcp-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.x86_64.rpm

Red Hat Enterprise Linux Server (v.
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/dhcp-4.1.1-12.P1.el6_0.2.src.rpm

i386:
dhclient-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm

ppc64:
dhclient-4.1.1-12.P1.el6_0.2.ppc64.rpm
dhcp-4.1.1-12.P1.el6_0.2.ppc64.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.ppc64.rpm

s390x:
dhclient-4.1.1-12.P1.el6_0.2.s390x.rpm
dhcp-4.1.1-12.P1.el6_0.2.s390x.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.s390x.rpm

x86_64:
dhclient-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/dhcp-4.1.1-12.P1.el6_0.2.src.rpm

i386:
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.i686.rpm

ppc64:
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.ppc.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.ppc64.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.ppc.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.ppc64.rpm

s390x:
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.s390.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.s390x.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.s390.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.s390x.rpm

x86_64:
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/dhcp-4.1.1-12.P1.el6_0.2.src.rpm

i386:
dhclient-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm

x86_64:
dhclient-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v.
6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/dhcp-4.1.1-12.P1.el6_0.2.src.rpm

i386:
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.i686.rpm

x86_64:
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-debuginfo-4.1.1-12.P1.el6_0.2.x86_64.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.i686.rpm
dhcp-devel-4.1.1-12.P1.el6_0.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0413.html
https://access.redhat.com/security/updates/classification/#moderate
http://www.isc.org/software/dhcp/advisories/cve-2011-0413

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNWsunXlSAg2UNWIIRAtWRAKDBsYoWG4zPRsQoqPzY5fWk0d2KjwCeOs4A
PpVGBIo+4TwLzryxfHddmdo=
=5ZP7
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 15 19:12:01 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 15 Feb 2011 14:12:01 -0500
Subject: [RHSA-2011:0257-01] Moderate: subversion security update
Message-ID: <201102151912.p1FJCBMa000926@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: subversion security update
Advisory ID:       RHSA-2011:0257-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0257.html
Issue date:        2011-02-15
CVE Names:         CVE-2010-4539 CVE-2010-4644
=====================================================================

1. Summary:

Updated subversion packages that fix two security issues are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.

A server-side memory leak was found in the Subversion server. If a malicious, remote user performed "svn blame" or "svn log" operations on certain repository files, it could cause the Subversion server to consume a large amount of system memory. (CVE-2010-4644)

A NULL pointer dereference flaw was found in the way the mod_dav_svn module (for use with the Apache HTTP Server) processed certain requests. If a malicious, remote user issued a certain type of request to display a collection of Subversion repositories on a host that has the SVNListParentPath directive enabled, it could cause the httpd process serving the request to crash. Note that SVNListParentPath is not enabled by default. (CVE-2010-4539)

All Subversion users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the Subversion server must be restarted for the update to take effect: restart httpd if you are using mod_dav_svn, or restart svnserve if it is used.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

667407 - CVE-2010-4539 Subversion (mod_dav_svn): DoS (crash) by processing certain requests to display all available repositories to a web browser
667763 - CVE-2010-4644 Subversion: DoS (memory consumption) by processing blame or log -g requests on certain files

6. Package List:

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/subversion-1.6.11-7.el5_6.1.src.rpm

i386:
mod_dav_svn-1.6.11-7.el5_6.1.i386.rpm
subversion-1.6.11-7.el5_6.1.i386.rpm
subversion-debuginfo-1.6.11-7.el5_6.1.i386.rpm
subversion-devel-1.6.11-7.el5_6.1.i386.rpm
subversion-javahl-1.6.11-7.el5_6.1.i386.rpm
subversion-perl-1.6.11-7.el5_6.1.i386.rpm
subversion-ruby-1.6.11-7.el5_6.1.i386.rpm

x86_64:
mod_dav_svn-1.6.11-7.el5_6.1.x86_64.rpm
subversion-1.6.11-7.el5_6.1.i386.rpm
subversion-1.6.11-7.el5_6.1.x86_64.rpm
subversion-debuginfo-1.6.11-7.el5_6.1.i386.rpm
subversion-debuginfo-1.6.11-7.el5_6.1.x86_64.rpm
subversion-devel-1.6.11-7.el5_6.1.i386.rpm
subversion-devel-1.6.11-7.el5_6.1.x86_64.rpm
subversion-javahl-1.6.11-7.el5_6.1.x86_64.rpm
subversion-perl-1.6.11-7.el5_6.1.x86_64.rpm
subversion-ruby-1.6.11-7.el5_6.1.x86_64.rpm

Red Hat Enterprise Linux (v.
5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/subversion-1.6.11-7.el5_6.1.src.rpm i386: mod_dav_svn-1.6.11-7.el5_6.1.i386.rpm subversion-1.6.11-7.el5_6.1.i386.rpm subversion-debuginfo-1.6.11-7.el5_6.1.i386.rpm subversion-devel-1.6.11-7.el5_6.1.i386.rpm subversion-javahl-1.6.11-7.el5_6.1.i386.rpm subversion-perl-1.6.11-7.el5_6.1.i386.rpm subversion-ruby-1.6.11-7.el5_6.1.i386.rpm ia64: mod_dav_svn-1.6.11-7.el5_6.1.ia64.rpm subversion-1.6.11-7.el5_6.1.ia64.rpm subversion-debuginfo-1.6.11-7.el5_6.1.ia64.rpm subversion-devel-1.6.11-7.el5_6.1.ia64.rpm subversion-javahl-1.6.11-7.el5_6.1.ia64.rpm subversion-perl-1.6.11-7.el5_6.1.ia64.rpm subversion-ruby-1.6.11-7.el5_6.1.ia64.rpm ppc: mod_dav_svn-1.6.11-7.el5_6.1.ppc.rpm subversion-1.6.11-7.el5_6.1.ppc.rpm subversion-1.6.11-7.el5_6.1.ppc64.rpm subversion-debuginfo-1.6.11-7.el5_6.1.ppc.rpm subversion-debuginfo-1.6.11-7.el5_6.1.ppc64.rpm subversion-devel-1.6.11-7.el5_6.1.ppc.rpm subversion-devel-1.6.11-7.el5_6.1.ppc64.rpm subversion-javahl-1.6.11-7.el5_6.1.ppc.rpm subversion-perl-1.6.11-7.el5_6.1.ppc.rpm subversion-ruby-1.6.11-7.el5_6.1.ppc.rpm s390x: mod_dav_svn-1.6.11-7.el5_6.1.s390x.rpm subversion-1.6.11-7.el5_6.1.s390.rpm subversion-1.6.11-7.el5_6.1.s390x.rpm subversion-debuginfo-1.6.11-7.el5_6.1.s390.rpm subversion-debuginfo-1.6.11-7.el5_6.1.s390x.rpm subversion-devel-1.6.11-7.el5_6.1.s390.rpm subversion-devel-1.6.11-7.el5_6.1.s390x.rpm subversion-javahl-1.6.11-7.el5_6.1.s390x.rpm subversion-perl-1.6.11-7.el5_6.1.s390x.rpm subversion-ruby-1.6.11-7.el5_6.1.s390x.rpm x86_64: mod_dav_svn-1.6.11-7.el5_6.1.x86_64.rpm subversion-1.6.11-7.el5_6.1.i386.rpm subversion-1.6.11-7.el5_6.1.x86_64.rpm subversion-debuginfo-1.6.11-7.el5_6.1.i386.rpm subversion-debuginfo-1.6.11-7.el5_6.1.x86_64.rpm subversion-devel-1.6.11-7.el5_6.1.i386.rpm subversion-devel-1.6.11-7.el5_6.1.x86_64.rpm subversion-javahl-1.6.11-7.el5_6.1.x86_64.rpm subversion-perl-1.6.11-7.el5_6.1.x86_64.rpm 
subversion-ruby-1.6.11-7.el5_6.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4539.html
https://www.redhat.com/security/data/cve/CVE-2010-4644.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNWs8gXlSAg2UNWIIRAv/2AJ4pdiMqP2aG9P4WRtP9M1ugaTUF1wCdGyI7
UAPygoMcxPIRdWsILVZDsoY=
=vo+8
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 15 19:31:24 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 15 Feb 2011 14:31:24 -0500
Subject: [RHSA-2011:0258-01] Moderate: subversion security update
Message-ID: <201102151931.p1FJVYT3007562@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: subversion security update
Advisory ID:       RHSA-2011:0258-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0258.html
Issue date:        2011-02-15
CVE Names:         CVE-2010-3315 CVE-2010-4539 CVE-2010-4644
=====================================================================

1. Summary:

Updated subversion packages that fix three security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
moderate security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64

3. Description:

Subversion (SVN) is a concurrent version control system which enables
one or more users to collaborate in developing and maintaining a
hierarchy of files and directories while keeping a history of all
changes. The mod_dav_svn module is used with the Apache HTTP Server to
allow access to Subversion repositories via HTTP.

An access restriction bypass flaw was found in the mod_dav_svn module.
If the SVNPathAuthz directive was set to "short_circuit", certain access
rules were not enforced, possibly allowing sensitive repository data to
be leaked to remote users. Note that SVNPathAuthz is set to "On" by
default. (CVE-2010-3315)

A server-side memory leak was found in the Subversion server. If a
malicious, remote user performed "svn blame" or "svn log" operations on
certain repository files, it could cause the Subversion server to
consume a large amount of system memory. (CVE-2010-4644)

A NULL pointer dereference flaw was found in the way the mod_dav_svn
module processed certain requests. If a malicious, remote user issued a
certain type of request to display a collection of Subversion
repositories on a host that has the SVNListParentPath directive enabled,
it could cause the httpd process serving the request to crash. Note that
SVNListParentPath is not enabled by default. (CVE-2010-4539)

All Subversion users should upgrade to these updated packages, which
contain backported patches to correct these issues.
After installing the updated packages, the Subversion server must be restarted for the update to take effect: restart httpd if you are using mod_dav_svn, or restart svnserve if it is used. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 640317 - CVE-2010-3315 Subversion: Access restriction bypass by checkout of the root of the repository 667407 - CVE-2010-4539 Subversion (mod_dav_svn): DoS (crash) by processing certain requests to display all available repositories to a web browser 667763 - CVE-2010-4644 Subversion: DoS (memory consumption) by processing blame or log -g requests on certain files 6. Package List: Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/subversion-1.6.11-2.el6_0.2.src.rpm i386: mod_dav_svn-1.6.11-2.el6_0.2.i686.rpm subversion-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-devel-1.6.11-2.el6_0.2.i686.rpm subversion-gnome-1.6.11-2.el6_0.2.i686.rpm subversion-javahl-1.6.11-2.el6_0.2.i686.rpm subversion-kde-1.6.11-2.el6_0.2.i686.rpm subversion-perl-1.6.11-2.el6_0.2.i686.rpm subversion-ruby-1.6.11-2.el6_0.2.i686.rpm noarch: subversion-svn2cl-1.6.11-2.el6_0.2.noarch.rpm x86_64: mod_dav_svn-1.6.11-2.el6_0.2.x86_64.rpm subversion-1.6.11-2.el6_0.2.i686.rpm subversion-1.6.11-2.el6_0.2.x86_64.rpm subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.x86_64.rpm subversion-devel-1.6.11-2.el6_0.2.i686.rpm subversion-devel-1.6.11-2.el6_0.2.x86_64.rpm subversion-gnome-1.6.11-2.el6_0.2.i686.rpm subversion-gnome-1.6.11-2.el6_0.2.x86_64.rpm subversion-javahl-1.6.11-2.el6_0.2.i686.rpm 
subversion-javahl-1.6.11-2.el6_0.2.x86_64.rpm subversion-kde-1.6.11-2.el6_0.2.i686.rpm subversion-kde-1.6.11-2.el6_0.2.x86_64.rpm subversion-perl-1.6.11-2.el6_0.2.i686.rpm subversion-perl-1.6.11-2.el6_0.2.x86_64.rpm subversion-ruby-1.6.11-2.el6_0.2.i686.rpm subversion-ruby-1.6.11-2.el6_0.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/subversion-1.6.11-2.el6_0.2.src.rpm noarch: subversion-svn2cl-1.6.11-2.el6_0.2.noarch.rpm x86_64: mod_dav_svn-1.6.11-2.el6_0.2.x86_64.rpm subversion-1.6.11-2.el6_0.2.i686.rpm subversion-1.6.11-2.el6_0.2.x86_64.rpm subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.x86_64.rpm subversion-devel-1.6.11-2.el6_0.2.i686.rpm subversion-devel-1.6.11-2.el6_0.2.x86_64.rpm subversion-gnome-1.6.11-2.el6_0.2.i686.rpm subversion-gnome-1.6.11-2.el6_0.2.x86_64.rpm subversion-javahl-1.6.11-2.el6_0.2.i686.rpm subversion-javahl-1.6.11-2.el6_0.2.x86_64.rpm subversion-kde-1.6.11-2.el6_0.2.i686.rpm subversion-kde-1.6.11-2.el6_0.2.x86_64.rpm subversion-perl-1.6.11-2.el6_0.2.i686.rpm subversion-perl-1.6.11-2.el6_0.2.x86_64.rpm subversion-ruby-1.6.11-2.el6_0.2.i686.rpm subversion-ruby-1.6.11-2.el6_0.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/subversion-1.6.11-2.el6_0.2.src.rpm i386: mod_dav_svn-1.6.11-2.el6_0.2.i686.rpm subversion-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-javahl-1.6.11-2.el6_0.2.i686.rpm ppc64: mod_dav_svn-1.6.11-2.el6_0.2.ppc64.rpm subversion-1.6.11-2.el6_0.2.ppc.rpm subversion-1.6.11-2.el6_0.2.ppc64.rpm subversion-debuginfo-1.6.11-2.el6_0.2.ppc.rpm subversion-debuginfo-1.6.11-2.el6_0.2.ppc64.rpm s390x: mod_dav_svn-1.6.11-2.el6_0.2.s390x.rpm subversion-1.6.11-2.el6_0.2.s390.rpm subversion-1.6.11-2.el6_0.2.s390x.rpm subversion-debuginfo-1.6.11-2.el6_0.2.s390.rpm subversion-debuginfo-1.6.11-2.el6_0.2.s390x.rpm x86_64: mod_dav_svn-1.6.11-2.el6_0.2.x86_64.rpm subversion-1.6.11-2.el6_0.2.i686.rpm subversion-1.6.11-2.el6_0.2.x86_64.rpm subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.x86_64.rpm subversion-javahl-1.6.11-2.el6_0.2.i686.rpm subversion-javahl-1.6.11-2.el6_0.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/subversion-1.6.11-2.el6_0.2.src.rpm i386: subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-devel-1.6.11-2.el6_0.2.i686.rpm subversion-gnome-1.6.11-2.el6_0.2.i686.rpm subversion-kde-1.6.11-2.el6_0.2.i686.rpm subversion-perl-1.6.11-2.el6_0.2.i686.rpm subversion-ruby-1.6.11-2.el6_0.2.i686.rpm noarch: subversion-svn2cl-1.6.11-2.el6_0.2.noarch.rpm ppc64: subversion-debuginfo-1.6.11-2.el6_0.2.ppc.rpm subversion-debuginfo-1.6.11-2.el6_0.2.ppc64.rpm subversion-devel-1.6.11-2.el6_0.2.ppc.rpm subversion-devel-1.6.11-2.el6_0.2.ppc64.rpm subversion-gnome-1.6.11-2.el6_0.2.ppc.rpm subversion-gnome-1.6.11-2.el6_0.2.ppc64.rpm subversion-javahl-1.6.11-2.el6_0.2.ppc.rpm subversion-javahl-1.6.11-2.el6_0.2.ppc64.rpm subversion-kde-1.6.11-2.el6_0.2.ppc.rpm subversion-kde-1.6.11-2.el6_0.2.ppc64.rpm subversion-perl-1.6.11-2.el6_0.2.ppc.rpm subversion-perl-1.6.11-2.el6_0.2.ppc64.rpm subversion-ruby-1.6.11-2.el6_0.2.ppc.rpm subversion-ruby-1.6.11-2.el6_0.2.ppc64.rpm s390x: subversion-debuginfo-1.6.11-2.el6_0.2.s390.rpm subversion-debuginfo-1.6.11-2.el6_0.2.s390x.rpm subversion-devel-1.6.11-2.el6_0.2.s390.rpm subversion-devel-1.6.11-2.el6_0.2.s390x.rpm subversion-gnome-1.6.11-2.el6_0.2.s390.rpm subversion-gnome-1.6.11-2.el6_0.2.s390x.rpm subversion-javahl-1.6.11-2.el6_0.2.s390.rpm subversion-javahl-1.6.11-2.el6_0.2.s390x.rpm subversion-kde-1.6.11-2.el6_0.2.s390.rpm subversion-kde-1.6.11-2.el6_0.2.s390x.rpm subversion-perl-1.6.11-2.el6_0.2.s390.rpm subversion-perl-1.6.11-2.el6_0.2.s390x.rpm subversion-ruby-1.6.11-2.el6_0.2.s390.rpm subversion-ruby-1.6.11-2.el6_0.2.s390x.rpm x86_64: subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.x86_64.rpm subversion-devel-1.6.11-2.el6_0.2.i686.rpm subversion-devel-1.6.11-2.el6_0.2.x86_64.rpm subversion-gnome-1.6.11-2.el6_0.2.i686.rpm subversion-gnome-1.6.11-2.el6_0.2.x86_64.rpm subversion-kde-1.6.11-2.el6_0.2.i686.rpm 
subversion-kde-1.6.11-2.el6_0.2.x86_64.rpm subversion-perl-1.6.11-2.el6_0.2.i686.rpm subversion-perl-1.6.11-2.el6_0.2.x86_64.rpm subversion-ruby-1.6.11-2.el6_0.2.i686.rpm subversion-ruby-1.6.11-2.el6_0.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/subversion-1.6.11-2.el6_0.2.src.rpm i386: mod_dav_svn-1.6.11-2.el6_0.2.i686.rpm subversion-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-javahl-1.6.11-2.el6_0.2.i686.rpm x86_64: mod_dav_svn-1.6.11-2.el6_0.2.x86_64.rpm subversion-1.6.11-2.el6_0.2.i686.rpm subversion-1.6.11-2.el6_0.2.x86_64.rpm subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.x86_64.rpm subversion-javahl-1.6.11-2.el6_0.2.i686.rpm subversion-javahl-1.6.11-2.el6_0.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/subversion-1.6.11-2.el6_0.2.src.rpm i386: subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-devel-1.6.11-2.el6_0.2.i686.rpm subversion-gnome-1.6.11-2.el6_0.2.i686.rpm subversion-kde-1.6.11-2.el6_0.2.i686.rpm subversion-perl-1.6.11-2.el6_0.2.i686.rpm subversion-ruby-1.6.11-2.el6_0.2.i686.rpm noarch: subversion-svn2cl-1.6.11-2.el6_0.2.noarch.rpm x86_64: subversion-debuginfo-1.6.11-2.el6_0.2.i686.rpm subversion-debuginfo-1.6.11-2.el6_0.2.x86_64.rpm subversion-devel-1.6.11-2.el6_0.2.i686.rpm subversion-devel-1.6.11-2.el6_0.2.x86_64.rpm subversion-gnome-1.6.11-2.el6_0.2.i686.rpm subversion-gnome-1.6.11-2.el6_0.2.x86_64.rpm subversion-kde-1.6.11-2.el6_0.2.i686.rpm subversion-kde-1.6.11-2.el6_0.2.x86_64.rpm subversion-perl-1.6.11-2.el6_0.2.i686.rpm subversion-perl-1.6.11-2.el6_0.2.x86_64.rpm subversion-ruby-1.6.11-2.el6_0.2.i686.rpm subversion-ruby-1.6.11-2.el6_0.2.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-3315.html
https://www.redhat.com/security/data/cve/CVE-2010-4539.html
https://www.redhat.com/security/data/cve/CVE-2010-4644.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNWtOcXlSAg2UNWIIRAjhUAKCIK5SmcC0FGYT3jDz1BgVXr2MttACfdvEO
+MDkE+yJ3qam4OUOp76nAPo=
=E1gW
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 15 19:42:23 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 15 Feb 2011 14:42:23 -0500
Subject: [RHSA-2011:0259-01] Critical: flash-plugin - 1-Month End Of Life Notice
Message-ID: <201102151942.p1FJgXbj004237@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: flash-plugin - 1-Month End Of Life Notice
Advisory ID:       RHSA-2011:0259-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0259.html
Issue date:        2011-02-15
=====================================================================

1. Summary:

The flash-plugin package on Red Hat Enterprise Linux 4 contains multiple
security flaws and should no longer be used. This is the 1-month
notification of Red Hat's plans to disable Adobe Flash Player 9 on Red
Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having
critical security impact.

2.
Relevant releases/architectures:

Red Hat Desktop version 4 Extras - i386
Red Hat Enterprise Linux AS version 4 Extras - i386
Red Hat Enterprise Linux ES version 4 Extras - i386
Red Hat Enterprise Linux WS version 4 Extras - i386

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe
Flash Player web browser plug-in.

Adobe Flash Player 9 is vulnerable to critical security flaws and should
no longer be used. A remote attacker could use these flaws to execute
arbitrary code with the privileges of the user running Flash Player 9.
(CVE-2011-0558, CVE-2011-0559, CVE-2011-0560, CVE-2011-0561,
CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574,
CVE-2011-0575, CVE-2011-0577, CVE-2011-0578, CVE-2011-0607,
CVE-2011-0608)

Adobe is no longer providing security updates for Adobe Flash Player 9,
and is not providing a replacement Flash Player version compatible with
Red Hat Enterprise Linux 4.

In one month Red Hat plans to release an update for the flash-plugin
package that will prevent it from functioning. Users wishing to continue
using Flash Player 9, despite the vulnerabilities, can add the
flash-plugin package to the up2date skip list. Refer to the following
Red Hat Knowledgebase article for instructions on adding a package to
the up2date skip list: https://access.redhat.com/kb/docs/DOC-1639

4. Solution:

This erratum contains a flash-plugin package with an updated version
number to ensure the distribution of this notice; however, no changes
have been made to the package.

5. Bugs fixed (http://bugzilla.redhat.com/):

676226 - CVE-2011-0558 CVE-2011-0559 CVE-2011-0560 CVE-2011-0561 CVE-2011-0571 CVE-2011-0572 CVE-2011-0573 CVE-2011-0574 CVE-2011-0575 CVE-2011-0577 CVE-2011-0578 CVE-2011-0607 CVE-2011-0608 flash-plugin: multiple code execution flaws (APSB11-02)

6.
Package List:

Red Hat Enterprise Linux AS version 4 Extras:

i386:
flash-plugin-9.0.289.0-2.el4.i386.rpm

Red Hat Desktop version 4 Extras:

i386:
flash-plugin-9.0.289.0-2.el4.i386.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
flash-plugin-9.0.289.0-2.el4.i386.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
flash-plugin-9.0.289.0-2.el4.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/updates/classification/#critical
http://kb2.adobe.com/cps/406/kb406791.html
https://access.redhat.com/kb/docs/DOC-1639

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNWtYUXlSAg2UNWIIRAnV4AKC+tA+zJiAwrg7Zn5Cg6hK6sEgbuQCfUNNi
wSiCNZd0QstlfxKS93iSahU=
=rvsA
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Feb 16 15:36:07 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Feb 2011 10:36:07 -0500
Subject: [RHSA-2011:0260-01] Low: python security and bug fix update
Message-ID: <201102161536.p1GFaOUb020096@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: python security and bug fix update
Advisory ID:       RHSA-2011:0260-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0260.html
Issue date:        2011-02-16
CVE Names:         CVE-2009-4134 CVE-2010-1449 CVE-2010-1450
=====================================================================

1. Summary:

Updated python packages that fix multiple security issues and three bugs
are now available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

Python is an interpreted, interactive, object-oriented programming
language.

Multiple flaws were found in the Python rgbimg module. If an application
written in Python was using the rgbimg module and loaded a
specially-crafted SGI image file, it could cause the application to
crash or, possibly, execute arbitrary code with the privileges of the
user running the application. (CVE-2009-4134, CVE-2010-1449,
CVE-2010-1450)

This update also fixes the following bugs:

* Python 2.3.4's time.strptime() function did not correctly handle the
"%W" week number format string. This update backports the _strptime
implementation from Python 2.3.6, fixing this issue. (BZ#436001)

* Python 2.3.4's socket.htons() function returned
partially-uninitialized data on IBM System z, generally leading to
incorrect results. (BZ#513341)

* Python 2.3.4's pwd.getpwuid() and grp.getgrgid() functions did not
support the full range of user and group IDs on 64-bit architectures,
leading to "OverflowError" exceptions for large input values. This
update adds support for the full range of user and group IDs on 64-bit
architectures. (BZ#497540)

Users of Python should upgrade to these updated packages, which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network.
Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 497540 - grp module does not support whole uid/gid range 541698 - CVE-2009-4134 CVE-2010-1449 CVE-2010-1450 python: rgbimg: multiple security issues 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/python-2.3.4-14.9.el4.src.rpm i386: python-2.3.4-14.9.el4.i386.rpm python-debuginfo-2.3.4-14.9.el4.i386.rpm python-devel-2.3.4-14.9.el4.i386.rpm python-docs-2.3.4-14.9.el4.i386.rpm python-tools-2.3.4-14.9.el4.i386.rpm tkinter-2.3.4-14.9.el4.i386.rpm ia64: python-2.3.4-14.9.el4.ia64.rpm python-debuginfo-2.3.4-14.9.el4.ia64.rpm python-devel-2.3.4-14.9.el4.ia64.rpm python-docs-2.3.4-14.9.el4.ia64.rpm python-tools-2.3.4-14.9.el4.ia64.rpm tkinter-2.3.4-14.9.el4.ia64.rpm ppc: python-2.3.4-14.9.el4.ppc.rpm python-debuginfo-2.3.4-14.9.el4.ppc.rpm python-devel-2.3.4-14.9.el4.ppc.rpm python-docs-2.3.4-14.9.el4.ppc.rpm python-tools-2.3.4-14.9.el4.ppc.rpm tkinter-2.3.4-14.9.el4.ppc.rpm s390: python-2.3.4-14.9.el4.s390.rpm python-debuginfo-2.3.4-14.9.el4.s390.rpm python-devel-2.3.4-14.9.el4.s390.rpm python-docs-2.3.4-14.9.el4.s390.rpm python-tools-2.3.4-14.9.el4.s390.rpm tkinter-2.3.4-14.9.el4.s390.rpm s390x: python-2.3.4-14.9.el4.s390x.rpm python-debuginfo-2.3.4-14.9.el4.s390x.rpm python-devel-2.3.4-14.9.el4.s390x.rpm python-docs-2.3.4-14.9.el4.s390x.rpm python-tools-2.3.4-14.9.el4.s390x.rpm tkinter-2.3.4-14.9.el4.s390x.rpm x86_64: python-2.3.4-14.9.el4.x86_64.rpm python-debuginfo-2.3.4-14.9.el4.x86_64.rpm python-devel-2.3.4-14.9.el4.x86_64.rpm python-docs-2.3.4-14.9.el4.x86_64.rpm python-tools-2.3.4-14.9.el4.x86_64.rpm tkinter-2.3.4-14.9.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/python-2.3.4-14.9.el4.src.rpm i386: python-2.3.4-14.9.el4.i386.rpm 
python-debuginfo-2.3.4-14.9.el4.i386.rpm python-devel-2.3.4-14.9.el4.i386.rpm python-docs-2.3.4-14.9.el4.i386.rpm python-tools-2.3.4-14.9.el4.i386.rpm tkinter-2.3.4-14.9.el4.i386.rpm x86_64: python-2.3.4-14.9.el4.x86_64.rpm python-debuginfo-2.3.4-14.9.el4.x86_64.rpm python-devel-2.3.4-14.9.el4.x86_64.rpm python-docs-2.3.4-14.9.el4.x86_64.rpm python-tools-2.3.4-14.9.el4.x86_64.rpm tkinter-2.3.4-14.9.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/python-2.3.4-14.9.el4.src.rpm i386: python-2.3.4-14.9.el4.i386.rpm python-debuginfo-2.3.4-14.9.el4.i386.rpm python-devel-2.3.4-14.9.el4.i386.rpm python-docs-2.3.4-14.9.el4.i386.rpm python-tools-2.3.4-14.9.el4.i386.rpm tkinter-2.3.4-14.9.el4.i386.rpm ia64: python-2.3.4-14.9.el4.ia64.rpm python-debuginfo-2.3.4-14.9.el4.ia64.rpm python-devel-2.3.4-14.9.el4.ia64.rpm python-docs-2.3.4-14.9.el4.ia64.rpm python-tools-2.3.4-14.9.el4.ia64.rpm tkinter-2.3.4-14.9.el4.ia64.rpm x86_64: python-2.3.4-14.9.el4.x86_64.rpm python-debuginfo-2.3.4-14.9.el4.x86_64.rpm python-devel-2.3.4-14.9.el4.x86_64.rpm python-docs-2.3.4-14.9.el4.x86_64.rpm python-tools-2.3.4-14.9.el4.x86_64.rpm tkinter-2.3.4-14.9.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/python-2.3.4-14.9.el4.src.rpm i386: python-2.3.4-14.9.el4.i386.rpm python-debuginfo-2.3.4-14.9.el4.i386.rpm python-devel-2.3.4-14.9.el4.i386.rpm python-docs-2.3.4-14.9.el4.i386.rpm python-tools-2.3.4-14.9.el4.i386.rpm tkinter-2.3.4-14.9.el4.i386.rpm ia64: python-2.3.4-14.9.el4.ia64.rpm python-debuginfo-2.3.4-14.9.el4.ia64.rpm python-devel-2.3.4-14.9.el4.ia64.rpm python-docs-2.3.4-14.9.el4.ia64.rpm python-tools-2.3.4-14.9.el4.ia64.rpm tkinter-2.3.4-14.9.el4.ia64.rpm x86_64: python-2.3.4-14.9.el4.x86_64.rpm python-debuginfo-2.3.4-14.9.el4.x86_64.rpm python-devel-2.3.4-14.9.el4.x86_64.rpm python-docs-2.3.4-14.9.el4.x86_64.rpm python-tools-2.3.4-14.9.el4.x86_64.rpm 
tkinter-2.3.4-14.9.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-4134.html
https://www.redhat.com/security/data/cve/CVE-2010-1449.html
https://www.redhat.com/security/data/cve/CVE-2010-1450.html
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNW+4GXlSAg2UNWIIRAp4eAKCby8RkLfj9EfGCzjBB5lEJcmKpXwCfUsqb
Gvw0YLxN5Snhin3dlt6XsI4=
=xcOn
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Feb 16 15:39:29 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Feb 2011 10:39:29 -0500
Subject: [RHSA-2011:0261-01] Low: bash security and bug fix update
Message-ID: <201102161539.p1GFdjgI001258@int-mx12.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: bash security and bug fix update
Advisory ID:       RHSA-2011:0261-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0261.html
Issue date:        2011-02-16
CVE Names:         CVE-2008-5374
=====================================================================

1. Summary:

Updated bash packages that fix one security issue and several bugs are
now available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the CVE
link in the References section.

2.
Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

Bash (Bourne-again shell) is the default shell for Red Hat Enterprise
Linux.

It was found that certain scripts bundled with the Bash documentation
created temporary files in an insecure way. A malicious, local user
could use this flaw to conduct a symbolic link attack, allowing them to
overwrite the contents of arbitrary files accessible to the victim
running the scripts. (CVE-2008-5374)

This update also fixes the following bugs:

* If a child process's PID was the same as the PID of a previously ended
child process, Bash did not wait for that child process. In some cases
this caused "Resource temporarily unavailable" errors. With this update,
Bash recycles PIDs and waits for processes with recycled PIDs.
(BZ#521134)

* Bash's built-in "read" command had a memory leak when "read" failed
due to no input (pipe for stdin). With this update, the memory is
correctly freed. (BZ#537029)

* Bash did not correctly check for a valid multi-byte string when
setting the IFS value, causing Bash to crash. With this update, Bash
checks the multi-byte string and no longer crashes. (BZ#539536)

* Bash incorrectly set locale settings when using the built-in "export"
command and setting the locale on the same line (for example, with
"LC_ALL=C export LC_ALL"). With this update, Bash correctly sets locale
settings. (BZ#539538)

All bash users should upgrade to these updated packages, which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network.
Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 475474 - CVE-2008-5374 bash: Insecure temporary file use in aliasconv.sh, aliasconv.bash, cshtobash (symlink attack) 521134 - Bash doesn't wait for backgrounded process if its PID is recycled 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/bash-3.0-27.el4.src.rpm i386: bash-3.0-27.el4.i386.rpm bash-debuginfo-3.0-27.el4.i386.rpm ia64: bash-3.0-27.el4.i386.rpm bash-3.0-27.el4.ia64.rpm bash-debuginfo-3.0-27.el4.i386.rpm bash-debuginfo-3.0-27.el4.ia64.rpm ppc: bash-3.0-27.el4.ppc.rpm bash-debuginfo-3.0-27.el4.ppc.rpm s390: bash-3.0-27.el4.s390.rpm bash-debuginfo-3.0-27.el4.s390.rpm s390x: bash-3.0-27.el4.s390x.rpm bash-debuginfo-3.0-27.el4.s390x.rpm x86_64: bash-3.0-27.el4.x86_64.rpm bash-debuginfo-3.0-27.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/bash-3.0-27.el4.src.rpm i386: bash-3.0-27.el4.i386.rpm bash-debuginfo-3.0-27.el4.i386.rpm x86_64: bash-3.0-27.el4.x86_64.rpm bash-debuginfo-3.0-27.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/bash-3.0-27.el4.src.rpm i386: bash-3.0-27.el4.i386.rpm bash-debuginfo-3.0-27.el4.i386.rpm ia64: bash-3.0-27.el4.i386.rpm bash-3.0-27.el4.ia64.rpm bash-debuginfo-3.0-27.el4.i386.rpm bash-debuginfo-3.0-27.el4.ia64.rpm x86_64: bash-3.0-27.el4.x86_64.rpm bash-debuginfo-3.0-27.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/bash-3.0-27.el4.src.rpm i386: bash-3.0-27.el4.i386.rpm bash-debuginfo-3.0-27.el4.i386.rpm ia64: bash-3.0-27.el4.i386.rpm bash-3.0-27.el4.ia64.rpm bash-debuginfo-3.0-27.el4.i386.rpm bash-debuginfo-3.0-27.el4.ia64.rpm x86_64: bash-3.0-27.el4.x86_64.rpm 
bash-debuginfo-3.0-27.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2008-5374.html https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFNW+7XXlSAg2UNWIIRAo8wAJ0f0sHHZpVn98Y3ZVCCJpFWthbeIQCgs9al 0mEZRNtoUwieXtSlqwdhSY4= =7Wkm -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 16 15:43:03 2011 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 16 Feb 2011 10:43:03 -0500 Subject: [RHSA-2011:0262-01] Low: sendmail security and bug fix update Message-ID: <201102161543.p1GFhKmb003211@int-mx12.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: sendmail security and bug fix update Advisory ID: RHSA-2011:0262-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0262.html Issue date: 2011-02-16 CVE Names: CVE-2009-4565 ===================================================================== 1. Summary: Updated sendmail packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. 
Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Sendmail is a Mail Transport Agent (MTA) used to send mail between machines. A flaw was found in the way sendmail handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick sendmail into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack or bypass intended client certificate authentication. (CVE-2009-4565) The CVE-2009-4565 issue only affected configurations using TLS with certificate verification and CommonName checking enabled, which is not a typical configuration. This update also fixes the following bugs: * Previously, sendmail did not correctly handle mail messages that had a long first header line. A line with more than 2048 characters was split, causing the part of the line exceeding the limit, as well as all of the following mail headers, to be incorrectly handled as the message body. (BZ#499450) * When an SMTP-sender is sending mail data to sendmail, it may spool that data to a file in the mail queue. It was found that, if the SMTP-sender stopped sending data and a timeout occurred, the file may have been left stalled in the mail queue, instead of being deleted. This update may not correct this issue for every situation and configuration. Refer to the Solution section for further information. (BZ#434645) * Previously, the sendmail macro MAXHOSTNAMELEN used 64 characters as the limit for the hostname length. However, in some cases, it was used against an FQDN length, which has a maximum length of 255 characters. With this update, the MAXHOSTNAMELEN limit has been changed to 255. 
(BZ#485380) All sendmail users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, sendmail will be restarted automatically. 4. Solution: As part of the fix for BZ#434645, a script called purge-mqueue is shipped with this update. It is located in the /usr/share/sendmail/ directory. The primary purpose of this script is a one-time clean up of the mqueue from stalled files that were created before the installation of this update. By default, the script removes all files from /var/spool/mqueue/ that have an atime older than one month. It requires the tmpwatch package to be installed. If you have stalled files in your mqueue you can run this script or clean them manually. It is also possible to use this script as a cron job (for example, by copying it to /etc/cron.daily/), but it should not be needed in most cases, because this update should prevent the creation of new stalled files. Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 434645 - DATA timeouts leave behind stale df files in mqueue 485380 - sendmail applies MAXHOSTNAMELEN for FQDN. 552622 - CVE-2009-4565 sendmail: incorrect verification of SSL certificate with NUL in name 6. 
Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/sendmail-8.13.1-6.el4.src.rpm i386: sendmail-8.13.1-6.el4.i386.rpm sendmail-cf-8.13.1-6.el4.i386.rpm sendmail-debuginfo-8.13.1-6.el4.i386.rpm sendmail-devel-8.13.1-6.el4.i386.rpm sendmail-doc-8.13.1-6.el4.i386.rpm ia64: sendmail-8.13.1-6.el4.ia64.rpm sendmail-cf-8.13.1-6.el4.ia64.rpm sendmail-debuginfo-8.13.1-6.el4.ia64.rpm sendmail-devel-8.13.1-6.el4.ia64.rpm sendmail-doc-8.13.1-6.el4.ia64.rpm ppc: sendmail-8.13.1-6.el4.ppc.rpm sendmail-cf-8.13.1-6.el4.ppc.rpm sendmail-debuginfo-8.13.1-6.el4.ppc.rpm sendmail-devel-8.13.1-6.el4.ppc.rpm sendmail-doc-8.13.1-6.el4.ppc.rpm s390: sendmail-8.13.1-6.el4.s390.rpm sendmail-cf-8.13.1-6.el4.s390.rpm sendmail-debuginfo-8.13.1-6.el4.s390.rpm sendmail-devel-8.13.1-6.el4.s390.rpm sendmail-doc-8.13.1-6.el4.s390.rpm s390x: sendmail-8.13.1-6.el4.s390x.rpm sendmail-cf-8.13.1-6.el4.s390x.rpm sendmail-debuginfo-8.13.1-6.el4.s390x.rpm sendmail-devel-8.13.1-6.el4.s390x.rpm sendmail-doc-8.13.1-6.el4.s390x.rpm x86_64: sendmail-8.13.1-6.el4.x86_64.rpm sendmail-cf-8.13.1-6.el4.x86_64.rpm sendmail-debuginfo-8.13.1-6.el4.x86_64.rpm sendmail-devel-8.13.1-6.el4.x86_64.rpm sendmail-doc-8.13.1-6.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/sendmail-8.13.1-6.el4.src.rpm i386: sendmail-8.13.1-6.el4.i386.rpm sendmail-cf-8.13.1-6.el4.i386.rpm sendmail-debuginfo-8.13.1-6.el4.i386.rpm sendmail-devel-8.13.1-6.el4.i386.rpm sendmail-doc-8.13.1-6.el4.i386.rpm x86_64: sendmail-8.13.1-6.el4.x86_64.rpm sendmail-cf-8.13.1-6.el4.x86_64.rpm sendmail-debuginfo-8.13.1-6.el4.x86_64.rpm sendmail-devel-8.13.1-6.el4.x86_64.rpm sendmail-doc-8.13.1-6.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/sendmail-8.13.1-6.el4.src.rpm i386: sendmail-8.13.1-6.el4.i386.rpm sendmail-cf-8.13.1-6.el4.i386.rpm 
sendmail-debuginfo-8.13.1-6.el4.i386.rpm sendmail-devel-8.13.1-6.el4.i386.rpm sendmail-doc-8.13.1-6.el4.i386.rpm ia64: sendmail-8.13.1-6.el4.ia64.rpm sendmail-cf-8.13.1-6.el4.ia64.rpm sendmail-debuginfo-8.13.1-6.el4.ia64.rpm sendmail-devel-8.13.1-6.el4.ia64.rpm sendmail-doc-8.13.1-6.el4.ia64.rpm x86_64: sendmail-8.13.1-6.el4.x86_64.rpm sendmail-cf-8.13.1-6.el4.x86_64.rpm sendmail-debuginfo-8.13.1-6.el4.x86_64.rpm sendmail-devel-8.13.1-6.el4.x86_64.rpm sendmail-doc-8.13.1-6.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/sendmail-8.13.1-6.el4.src.rpm i386: sendmail-8.13.1-6.el4.i386.rpm sendmail-cf-8.13.1-6.el4.i386.rpm sendmail-debuginfo-8.13.1-6.el4.i386.rpm sendmail-devel-8.13.1-6.el4.i386.rpm sendmail-doc-8.13.1-6.el4.i386.rpm ia64: sendmail-8.13.1-6.el4.ia64.rpm sendmail-cf-8.13.1-6.el4.ia64.rpm sendmail-debuginfo-8.13.1-6.el4.ia64.rpm sendmail-devel-8.13.1-6.el4.ia64.rpm sendmail-doc-8.13.1-6.el4.ia64.rpm x86_64: sendmail-8.13.1-6.el4.x86_64.rpm sendmail-cf-8.13.1-6.el4.x86_64.rpm sendmail-debuginfo-8.13.1-6.el4.x86_64.rpm sendmail-devel-8.13.1-6.el4.x86_64.rpm sendmail-doc-8.13.1-6.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2009-4565.html https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNW++mXlSAg2UNWIIRAmNOAJ9gHRqZ2xjhbkTNyg0FfaMyjq703wCgtcUM
GHpvsgr3sd43BrzGRnku/pI=
=zWrS
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Feb 16 15:46:59 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Feb 2011 10:46:59 -0500
Subject: [RHSA-2011:0264-01] Low: rgmanager security and bug fix update
Message-ID: <201102161547.p1GFlGok005024@int-mx12.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Low: rgmanager security and bug fix update
Advisory ID: RHSA-2011:0264-01
Product: Red Hat Cluster Suite
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0264.html
Issue date: 2011-02-16
CVE Names: CVE-2008-6552 CVE-2010-3389
=====================================================================

1. Summary:

An updated rgmanager package that fixes multiple security issues and several bugs is now available for Red Hat Cluster Suite 4.

The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Cluster Suite 4AS - i386, ia64, ppc, x86_64
Red Hat Cluster Suite 4ES - i386, ia64, x86_64
Red Hat Cluster Suite 4WS - i386, ia64, x86_64

3. Description:

The rgmanager package contains the Red Hat Resource Group Manager, which provides high availability for critical server applications.

Multiple insecure temporary file use flaws were discovered in rgmanager and various resource scripts run by rgmanager. A local attacker could use these flaws to overwrite an arbitrary file writable by the rgmanager process (i.e. user root) with the output of rgmanager or a resource agent via a symbolic link attack. (CVE-2008-6552)

It was discovered that certain resource agent scripts set the LD_LIBRARY_PATH environment variable to an insecure value containing empty path elements. A local user able to trick a user running those scripts to run them while working from an attacker-writable directory could use this flaw to escalate their privileges via a specially-crafted dynamic library. (CVE-2010-3389)

Red Hat would like to thank Raphael Geissert for reporting the CVE-2010-3389 issue.

This update also fixes the following bugs:

* Previously, starting threads could incorrectly include a reference to an exited thread if that thread exited when rgmanager received a request to start a new thread. Due to this issue, the new thread did not retry and entered an infinite loop. This update ensures that new threads do not reference old threads. Now, new threads no longer enter an infinite loop in which the rgmanager enables and disables services without failing gracefully. (BZ#502872)

* Previously, nfsclient.sh left temporary nfsclient-status-cache-$$ files in /tmp/. (BZ#506152)

* Previously, the function local_node_name in /resources/utils/member_util.sh did not correctly check whether magma_tool failed. Due to this issue, empty strings could be returned. This update checks the input and rejects empty strings. (BZ#516758)

* Previously, the file system agent could kill a process when an application used a mount point with a similar name to a mount point managed by rgmanager using force_unmount. With this update, the file system agent kills only the processes that access the mount point managed by rgmanager. (BZ#555901)

* Previously, simultaneous execution of "lvchange --deltag" from /etc/init.d/rgmanager caused a checksum error on High Availability Logical Volume Manager (HA-LVM). With this update, ownership of LVM tags is checked before removing them. (BZ#559582)

* Previously, the isAlive check could fail if two nodes used the same file name. With this update, the isAlive function prevents two nodes from using the same file name. (BZ#469815)

* Previously, the S/Lang code could lead to unwanted S/Lang stack leaks during event processing. (BZ#507430)

All users of rgmanager are advised to upgrade to this updated package, which corrects these issues.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

469815 - clurgmgrd[15993]: status on clusterfs "gfs" returned 1 (generic error)
498985 - rgmanager is affected by several symlink attack vulnerabilities
506152 - nfsclient.sh leaves temporary files /tmp/nfsclient-status-cache-$$
507430 - S/Lang stack / memory leaks
516758 - rgmanager: local_node_name does not check if magma_tool failed.
519436 - CVE-2008-6552 cman, gfs2-utils, rgmanager: multiple insecure temporary file use issues
555901 - fs.sh can kill processes that are not on the mount point which is being unmounted
639044 - CVE-2010-3389 rgmanager: insecure library loading vulnerability

6. Package List:

Red Hat Cluster Suite 4AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHCS/SRPMS/rgmanager-1.9.88-2.el4.src.rpm

i386:
rgmanager-1.9.88-2.el4.i386.rpm
rgmanager-debuginfo-1.9.88-2.el4.i386.rpm

ia64:
rgmanager-1.9.88-2.el4.ia64.rpm
rgmanager-debuginfo-1.9.88-2.el4.ia64.rpm

ppc:
rgmanager-1.9.88-2.el4.ppc64.rpm
rgmanager-debuginfo-1.9.88-2.el4.ppc64.rpm

x86_64:
rgmanager-1.9.88-2.el4.x86_64.rpm
rgmanager-debuginfo-1.9.88-2.el4.x86_64.rpm

Red Hat Cluster Suite 4ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHCS/SRPMS/rgmanager-1.9.88-2.el4.src.rpm

i386:
rgmanager-1.9.88-2.el4.i386.rpm
rgmanager-debuginfo-1.9.88-2.el4.i386.rpm

ia64:
rgmanager-1.9.88-2.el4.ia64.rpm
rgmanager-debuginfo-1.9.88-2.el4.ia64.rpm

x86_64:
rgmanager-1.9.88-2.el4.x86_64.rpm
rgmanager-debuginfo-1.9.88-2.el4.x86_64.rpm

Red Hat Cluster Suite 4WS:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/RHCS/SRPMS/rgmanager-1.9.88-2.el4.src.rpm

i386:
rgmanager-1.9.88-2.el4.i386.rpm
rgmanager-debuginfo-1.9.88-2.el4.i386.rpm

ia64:
rgmanager-1.9.88-2.el4.ia64.rpm
rgmanager-debuginfo-1.9.88-2.el4.ia64.rpm

x86_64:
rgmanager-1.9.88-2.el4.x86_64.rpm
rgmanager-debuginfo-1.9.88-2.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2008-6552.html
https://www.redhat.com/security/data/cve/CVE-2010-3389.html
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
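
Added example, not part of the Red Hat advisories or the patched packages: the insecure temporary file pattern described for CVE-2008-5374 (bash documentation scripts) and CVE-2008-6552 (rgmanager resource scripts), next to the mktemp form that does not follow a pre-existing symbolic link, plus a grep check for PID-based names in scripts. The file name agent-status and all function names are hypothetical.

```shell
#!/bin/sh
# Constructed example; function and file names are hypothetical, not taken
# from the bash, rgmanager or ccs sources.

# Insecure pattern: the name is predictable ($$ is the shell's PID), so in a
# world-writable directory another local user can create it first as a
# symbolic link. '>' follows the link and truncates whatever it points to.
write_status_unsafe() {
    unsafe_out="$1/agent-status.$$"
    echo "status: ok" > "$unsafe_out"
    printf '%s\n' "$unsafe_out"
}

# Hardened pattern: mktemp picks an unpredictable name and creates the file
# exclusively (O_EXCL) with mode 0600, so an existing file or symlink at that
# path makes creation fail instead of being followed.
write_status_safe() {
    safe_out=$(mktemp "$1/agent-status.XXXXXXXXXX") || return 1
    echo "status: ok" > "$safe_out"
    printf '%s\n' "$safe_out"
}

# Audit helper: list script lines that build a /tmp path from the PID.
# Prints file:line:text for each hit; returns non-zero when nothing matches.
scan_predictable_tmp() {
    grep -nHE '/tmp/[^[:space:]]*\$\$' "$@"
}

# Self-check in a private sandbox directory: place a symlink at the
# predictable name and report whether each writer clobbers the link target.
demo() {
    sandbox=$(mktemp -d) || return 1
    echo "original" > "$sandbox/target"
    ln -s "$sandbox/target" "$sandbox/agent-status.$$"
    write_status_unsafe "$sandbox" > /dev/null
    echo "after unsafe write: $(cat "$sandbox/target")"
    echo "original" > "$sandbox/target"
    write_status_safe "$sandbox" > /dev/null
    echo "after safe write:   $(cat "$sandbox/target")"
    rm -rf "$sandbox"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Run the script with the argument demo to see both writers against the same sandbox; scan_predictable_tmp takes one or more script paths.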
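
Added example, not rgmanager's own code: how an LD_LIBRARY_PATH value with an empty path element (the condition described for CVE-2010-3389) typically arises in a shell script, how to detect it, and how to build or clean the value so no empty element remains. All function names are hypothetical.

```shell
#!/bin/sh
# Constructed example; function names are hypothetical, not rgmanager code.
# The dynamic loader reads an empty element in LD_LIBRARY_PATH (a leading or
# trailing ':' or a '::') as the current working directory.

# Returns 0 when the colon-separated list contains an empty element.
has_empty_element() {
    [ -n "$1" ] || return 1           # empty value: no elements to check
    case ":$1:" in
        *::*) return 0 ;;
    esac
    return 1
}

# Unsafe prepend: when the current value ($2) is empty this yields "/dir:",
# which ends in an empty element.
prepend_unsafe() {
    printf '%s\n' "$1:$2"
}

# Safe prepend: emit the separator only when there is a current value.
prepend_safe() {
    printf '%s\n' "$1${2:+:$2}"
}

# Drop empty elements from an inherited value. The body runs in a subshell
# so the IFS and globbing changes do not leak into the caller.
strip_empty_elements() (
    IFS=:
    set -f                            # no pathname expansion while splitting
    cleaned=
    for elem in $1; do
        if [ -n "$elem" ]; then
            cleaned="${cleaned:+$cleaned:}$elem"
        fi
    done
    printf '%s\n' "$cleaned"
)

# For the top of a script that runs privileged: clean the inherited value
# before anything is executed with it.
ensure_clean_library_path() {
    if has_empty_element "${LD_LIBRARY_PATH:-}"; then
        LD_LIBRARY_PATH=$(strip_empty_elements "$LD_LIBRARY_PATH")
        export LD_LIBRARY_PATH
    fi
}
```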
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNW/CaXlSAg2UNWIIRAonpAJ9BaU7Y+6qXzBY5oiQ4PgQFDpQrMQCgrrAw
g+llk7ovrBjO2zjH2U/tuSg=
=lug0
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Feb 16 15:50:00 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Feb 2011 10:50:00 -0500
Subject: [RHSA-2011:0265-01] Low: ccs security update
Message-ID: <201102161550.p1GFoH8v026143@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Low: ccs security update
Advisory ID: RHSA-2011:0265-01
Product: Red Hat Cluster Suite
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0265.html
Issue date: 2011-02-16
CVE Names: CVE-2008-6552
=====================================================================

1. Summary:

Updated ccs packages that fix one security issue are now available for Red Hat Cluster Suite 4.

The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Cluster Suite 4AS - i386, ia64, ppc, x86_64
Red Hat Cluster Suite 4ES - i386, ia64, x86_64
Red Hat Cluster Suite 4WS - i386, ia64, x86_64

3. Description:

The Cluster Configuration System provides the ability for nodes in a cluster to obtain information about the cluster and each other. ccs_tool is a program for making online updates to the cluster configuration file.

An insecure temporary file use flaw was found in ccs_tool. A local attacker could use this flaw to conduct a symbolic link attack, allowing them to overwrite (with the output of ccs_tool) an arbitrary file writable by the victim running ccs_tool. (CVE-2008-6552)

All ccs users should upgrade to these updated packages, which correct this issue.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

498980 - cluster product is affected by several symlink attack vulnerabilities
519436 - CVE-2008-6552 cman, gfs2-utils, rgmanager: multiple insecure temporary file use issues

6. Package List:

Red Hat Cluster Suite 4AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHCS/SRPMS/ccs-1.0.13-2.src.rpm

i386:
ccs-1.0.13-2.i686.rpm
ccs-debuginfo-1.0.13-2.i686.rpm
ccs-devel-1.0.13-2.i686.rpm

ia64:
ccs-1.0.13-2.ia64.rpm
ccs-debuginfo-1.0.13-2.ia64.rpm
ccs-devel-1.0.13-2.ia64.rpm

ppc:
ccs-1.0.13-2.ppc64.rpm
ccs-debuginfo-1.0.13-2.ppc64.rpm
ccs-devel-1.0.13-2.ppc64.rpm

x86_64:
ccs-1.0.13-2.x86_64.rpm
ccs-debuginfo-1.0.13-2.x86_64.rpm
ccs-devel-1.0.13-2.x86_64.rpm

Red Hat Cluster Suite 4ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHCS/SRPMS/ccs-1.0.13-2.src.rpm

i386:
ccs-1.0.13-2.i686.rpm
ccs-debuginfo-1.0.13-2.i686.rpm
ccs-devel-1.0.13-2.i686.rpm

ia64:
ccs-1.0.13-2.ia64.rpm
ccs-debuginfo-1.0.13-2.ia64.rpm
ccs-devel-1.0.13-2.ia64.rpm

x86_64:
ccs-1.0.13-2.x86_64.rpm
ccs-debuginfo-1.0.13-2.x86_64.rpm
ccs-devel-1.0.13-2.x86_64.rpm

Red Hat Cluster Suite 4WS:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/RHCS/SRPMS/ccs-1.0.13-2.src.rpm

i386:
ccs-1.0.13-2.i686.rpm
ccs-debuginfo-1.0.13-2.i686.rpm
ccs-devel-1.0.13-2.i686.rpm

ia64:
ccs-1.0.13-2.ia64.rpm
ccs-debuginfo-1.0.13-2.ia64.rpm
ccs-devel-1.0.13-2.ia64.rpm

x86_64:
ccs-1.0.13-2.x86_64.rpm
ccs-debuginfo-1.0.13-2.x86_64.rpm
ccs-devel-1.0.13-2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2008-6552.html
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNW/E7XlSAg2UNWIIRAgriAJ9zlzVljiGRNVt7EzRIwBspDSfROwCcDAHV
O7KMl2/TY9Yn7mya/PEOqQo=
=FFR0
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Feb 16 16:17:20 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Feb 2011 11:17:20 -0500
Subject: [RHSA-2011:0263-01] Important: Red Hat Enterprise Linux 4.9 kernel security and bug fix update
Message-ID: <201102161617.p1GGHaqq006534@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: Red Hat Enterprise Linux 4.9 kernel security and bug fix update
Advisory ID: RHSA-2011:0263-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0263.html
Issue date: 2011-02-16
CVE Names: CVE-2010-4527 CVE-2010-4655 CVE-2011-0521
=====================================================================

1. Summary:

Updated kernel packages that fix three security issues, hundreds of bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the ninth regular update.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues:

* A buffer overflow flaw was found in the load_mixer_volumes() function in the Linux kernel's Open Sound System (OSS) sound driver. On 64-bit PowerPC systems, a local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-4527, Important)

* A missing boundary check was found in the dvb_ca_ioctl() function in the Linux kernel's av7110 module. On systems that use old DVB cards that require the av7110 module, a local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges. (CVE-2011-0521, Important)

* A missing initialization flaw was found in the ethtool_get_regs() function in the Linux kernel's ethtool IOCTL handler. A local user who has the CAP_NET_ADMIN capability could use this flaw to cause an information leak. (CVE-2010-4655, Low)

Red Hat would like to thank Dan Rosenberg for reporting CVE-2010-4527, and Kees Cook for reporting CVE-2010-4655.

These updated kernel packages also fix hundreds of bugs and add numerous enhancements. For details on individual bug fixes and enhancements included in this update, refer to the Red Hat Enterprise Linux 4.9 Release Notes, linked to in the References section.

Users should upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

176848 - NLM: Fix Oops in nlmclnt_mark_reclaim()
189918 - kernel: serious ugliness in iget() uses by nfsd [rhel-4.9]
217829 - Powernow driver does not work properly with different voltage CPUs
247116 - RFE: Add debug to bonding driver as module option
396631 - Increase timeout for device connection on boot
427998 - RHEL4: Can enter no tick idle mode with RCU pending leading to hang
445957 - Change "decode_getfattr: xdr error %d!" to dprintk
456047 - Kernel Panic at end_bio_bh_io_sync+44
456649 - xenbus suspend_mutex remains locked after transaction failure
457519 - groups_search() cannot handle large gid correctly
459466 - kernel: binfmt_misc.c: avoid potential kernel stack overflow [rhel-4.8]
459499 - proc_loginuid_write() uses simple_strtoul() on non-terminated array
461038 - el4u5 pv guest user coredump crashing system
462717 - IPVS wrr scheduler bug
472752 - BUG() in end_buffer_async_write()
476700 - Loss of USB HID devices when switching with a KVM
479090 - Panic in do_cciss_intr removeQ
479264 - [RHEL4] lost siginfo when a signal queue is full
480404 - kernel BUG at fs/mpage.c:417!
480937 - RHEL-4: Deadlock in Xen netfront driver.
481292 - [RHEL4.7] Original ether's status is keeping PROMISC MULTICAST mode
481371 - PG_error bit is never cleared, even when a fresh I/O to the page succeeds
483783 - kernel hid-input.c divide error crash
484415 - CCISS device-mapper-multipath support: missing sysfs attributes
485904 - [RHEL4] Netfilter modules unloading hangs
488931 - ACLs on NFS mounted directories disappear
490148 - Xen domU, RAID1, LVM, iscsi target export with blockio bug
491284 - [x86_64]: copy_user_c can zero more data than needed
492868 - Xen guest kernel advertises absolute mouse pointer feature which it is incapable of setting up correctly
493780 - EL4U7 kernel bug fix update (Oracle bug 7916406 - JVM process hang)
494404 - [RHEL4.5] Even if a process have received data but schedule() in select() cannot return
494688 - e1000e: sporadic hang in netdump
495858 - show_partition() oops when race with rescan_partitions().
496201 - [RHEL4] Nscd consumes many cpu resources ( nearly 100% ) continuously.
496205 - PVFB frontend can send bogus screen updates
496206 - xenkbd can crash when probe fails
496209 - PVFB frontend mouse wheel support
498012 - Bonding driver updelay parameter actual behavior doesn't match documented behavior
499355 - e1000_clean_tx_irq: Detected Tx Unit Hang
499548 - kernel: proc: avoid information leaks to non-privileged processes [rhel-4.9]
499848 - [RHEL4-U8] Kernel - testing NMI watchdog ... CPU#0: NMI appears to be stuck (0)!
500637 - A bond's preferred primary setting is lost after bringing down and up of the primary slave.
500889 - Various IPv4/v6 SNMP counter fixes
500904 - renaming file on a share w/o write permissions causes oops
501064 - [Stratus 4.9 bug] panic reading /proc/bus/input/devices during input device removal
501335 - oops in nfs4_put_open_state
501500 - oops in nfsd_svc after forced unmount of stale nfs4 filesystem and reboot
501844 - kernel: random: ICE at get_random_int() [rhel-4.3]
502473 - Failure logging execve with lots of arguments
502884 - NFSv4 Issue/slowdown when testing against the NetApp server
503489 - [NetApp 4.8 bug] Issues with "qioctlmod" module on RHEL4.8 hosts with QLogic FC inbox drivers
503762 - Adding bonding in balance-alb mode to bridge cause network connectivity to be lost [rhel-4.9]
504080 - MegaRAID SAS 1078 tape I/O errors when using mt erase
504156 - rtl8139 doesn't work with bonding in alb mode [rhel-4.9]
504279 - [RHEL 4] Lookups due to infinite loops in posix_locks_deadlock
504593 - LRO patch to 4.7 breaks SANGOMA WANPIPE drivers build
504778 - FEAT RHEL4.9: Support new PCI IDS to support VX800 in via82cxxx
504988 - [RHEL4 Xen]: i386 Guest crash when host has >= 64G RAM
505081 - [RHEL4.8 Xen]: Xenbus warnings in a FV guest on shutdown
505122 - Make Aborted Command (internal target failure) retryable at SCSI layer (sense B 44 00)
505506 - RHEL4.8: crash in do_cciss_request()
505591 - Bug in lockd prevents a locks being freed.
506875 - kernel: ptrace: don't use REMOVE_LINKS/SET_LINKS for reparenting [rhel-4.9]
507527 - NFSD returns NFS4_OK when the owner opens a file with permission set to 000
507847 - Balloon driver gives up too easily when ballooning up under memory pressure
507951 - [4.8]Kernel can not increase the counter of Icmp6OutDestUnreachs when forwarding packet with address unreachable.
509220 - i386 rhel4.8 kvm guests crashes in virtio during installation
509627 - kernel: fd leak if pipe() is called with an invalid address [rhel-4.9]
509816 - cciss: spinlock deadlock causes NMI on HP systems
510184 - NFSD returns NFS4_OK(0) when OPEN with access==read/write on a read-denied/write-denied file
510395 - num_mtt settings of 2097152 fails in RHEL with infiniband HCA
510454 - [IPv6] No fragment header in ICMPv6 reply after packet_too_big message
511183 - kernel: build with -fno-delete-null-pointer-checks [rhel-4.9]
512641 - kernel: security: implement mmap_min_addr infrastructure [rhel-4.9]
514684 - NFS: mounted NFSv4/krb5 export inaccessible following an NFS server reboot
515274 - /proc/net/dev sometimes contains bogus values (BCM5706)
516076 - netconsole on e1000 cause "Badness in local_bh_enable at kernel/softirq.c:141"
516742 - CIFS - crash in small_smb_init
517162 - cthon test5 failing on nfsv4 with rhel6 client vs. rhel4 server
517329 - [RHEL4.8] igb driver doesn't allocate enough buffer for ethtool_get_strings()
517523 - get_partstats() returns NULL and causes panic
520018 - statfs on NFS partition always returns 0
520299 - kernel: ipv4: make ip_append_data() handle NULL routing table [rhel-4.9]
522000 - [RFE ] Connlimit kernel module support [rhel-4.9]
523983 - kernel: ipt_recent: sanity check hit count [rhel-4.9]
524884 - reading from /proc/net/ip_conntrack returns ENOSPC
525398 - RHEL4: Unable to write to file as non-root user with setuid and setgid bit set
525941 - OOM on i686 kernel-smp
527656 - bnx2x fails when iptables is on
528066 - [Cisco/LSI 4.9 bug] mptctl module dereferences a userspace address, triggering a crash
529063 - qla2xxx flash programming changes in 4.8 broke diskdump
531914 - [4.6] TCP conntrack doesn't handle half-open state connection correctly
532045 - SCTP Messages out of order
532593 - Upgrade from RHEL4U7 to U8 fails to bring up networking with forcedeth driver. [simple patch]
532858 - IBM HS22: SOL drops on bnx2 driver load
533299 - scsi device add/remove panic at sysfs_hash_and_remove
537475 - Write barrier operations not working for libata and general SCSI disks
539506 - [4.7] wait4 blocks on non-existing pid
541538 - [RHEL4 Xen]: PV guest crash on poweroff
543823 - [RHEL4]: A new xenfb thread is created on every save/restore
546251 - [RHEL4.5] select() cannot return in UDP/UNIX domain socket
546324 - TCP receive window clamping problem
547213 - ext2online resize hangs
548496 - [Emulex 4.9 bug] lpfc driver doesn't acquire lock when searching hba for target
552953 - "forcedeth" driver issue: eth0 fails to get ip address on boot with RHEL4 kernel
557122 - No output of xmit_hash_policy on IEEE 802.3ad Bonding
557380 - Kernel panic due to recursive lock in 3c59x driver.
558607 - e1000e: wol is broken in kernel 2.6.9-89.19
561108 - platform:ahern:rmmod hangs at 100% cpu removing usbnet module
562949 - problems with aliased dentries and case-insensitivity in CIFS readdir code
563920 - Please implement upstream fix for potential filesystem corruption bug
568271 - [QLogic 4.9 bug] qla2xxx: Fix srb cache destroy issue on driver unload and FDMI registration issue (8.02.10.01.04.09-d)
569668 - [RHEL4] boot hangs if scsi read capacity fails on faulty non system drive
577178 - megaraid_sas: fix physical disk handling
577378 - NFSv3 file attributes are not updated by READDIRPLUS reply
585430 - Add log message for unhandled sense error REPORTED_LUNS_DATA_CHANGED
589897 - Lost the network in a KVM VM on top of 4.9
591938 - cifs: busy file renames across directories should fail with error
594633 - kernel: security: testing the wrong variable in create_by_name() [rhel-4.9]
604786 - second cifs mount to samba server fails when samba using security=ADS
605455 - EXT3-fs error: do_get_write_access: OOM for frozen_buffer
607261 - Read from /proc/xen/xenbus does not honor O_NONBLOCK
607533 - Vhost:Fail to transfer file between two guests in same vlan
610236 - [4u8] Bonding in ALB mode sends ARP in loop
614559 - sky2 issue with 4.8 kernel
620485 - system crashes due to corrupt net_device_wrapper structure
621209 - [4u9] bonding: fix a race condition in calls to slave MII ioctls
623265 - bnx2: panic in bnx2_poll_work()
624117 - recording fails when usb audio device is connected to EHCI controller (ehci_hcd)
624713 - [RHEL4] Problems with aacraid - File system going into read-only.
629143 - Assertion failure in ext3_put_super() at fs/ext3/super.c:426: "list_empty(&sbi->s_orphan)"
630564 - kernel: additional stack guard patches [rhel-4.9]
634632 - nfs4_reclaim_open_state: unhandled error -5. Zeroing state
637556 - Bonded interface doesn't issue IGMP report (join) on slave interface during failover
637658 - [RHEL 4.8] 32-bit pvhvm guest on 64-bit host crash w/xm mem-set
640803 - [RHEL4.8.z] soft lockup on vlan with bonding in balance-alb mode
641112 - bonding does not switch to slave
643992 - Kernel maintainer's bz for spec file changes
645220 - [RFE] kernel: modules: sysctl to block module loading [rhel-4.9]
645633 - temporary loss of path to SAN results in persistent EIO with msync
647187 - [netfront] ethtool -i should return proper information for netfront device
647196 - RFE: Virtio nic should support "ethtool -i virtio nic"
651334 - RHEL4.9: EHCI: AMD periodic frame list table quirk
653252 - kernel: restrict unprivileged access to kernel syslog [rhel-4.9]
653505 - [4.9 Regression] network is lost after balloon-up fails
658824 - The USB storage cannot use >2TB.
662839 - [REG][4.9] Filesystem corruption happens on ext2 filesystem
667615 - CVE-2010-4527 kernel: buffer overflow in OSS load_mixer_volumes
672398 - CVE-2011-0521 kernel: av7110 negative array offset
672428 - CVE-2010-4655 kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-100.EL.src.rpm

i386:
kernel-2.6.9-100.EL.i686.rpm
kernel-debuginfo-2.6.9-100.EL.i686.rpm
kernel-devel-2.6.9-100.EL.i686.rpm
kernel-hugemem-2.6.9-100.EL.i686.rpm
kernel-hugemem-devel-2.6.9-100.EL.i686.rpm
kernel-smp-2.6.9-100.EL.i686.rpm
kernel-smp-devel-2.6.9-100.EL.i686.rpm
kernel-xenU-2.6.9-100.EL.i686.rpm
kernel-xenU-devel-2.6.9-100.EL.i686.rpm

ia64:
kernel-2.6.9-100.EL.ia64.rpm
kernel-debuginfo-2.6.9-100.EL.ia64.rpm
kernel-devel-2.6.9-100.EL.ia64.rpm
kernel-largesmp-2.6.9-100.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-100.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-100.EL.noarch.rpm

ppc:
kernel-2.6.9-100.EL.ppc64.rpm
kernel-2.6.9-100.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-100.EL.ppc64.rpm
kernel-debuginfo-2.6.9-100.EL.ppc64iseries.rpm
kernel-devel-2.6.9-100.EL.ppc64.rpm
kernel-devel-2.6.9-100.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-100.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-100.EL.ppc64.rpm

s390:
kernel-2.6.9-100.EL.s390.rpm
kernel-debuginfo-2.6.9-100.EL.s390.rpm
kernel-devel-2.6.9-100.EL.s390.rpm

s390x:
kernel-2.6.9-100.EL.s390x.rpm
kernel-debuginfo-2.6.9-100.EL.s390x.rpm
kernel-devel-2.6.9-100.EL.s390x.rpm

x86_64:
kernel-2.6.9-100.EL.x86_64.rpm
kernel-debuginfo-2.6.9-100.EL.x86_64.rpm
kernel-devel-2.6.9-100.EL.x86_64.rpm
kernel-largesmp-2.6.9-100.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-100.EL.x86_64.rpm
kernel-smp-2.6.9-100.EL.x86_64.rpm
kernel-smp-devel-2.6.9-100.EL.x86_64.rpm
kernel-xenU-2.6.9-100.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-100.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-100.EL.src.rpm

i386:
kernel-2.6.9-100.EL.i686.rpm
kernel-debuginfo-2.6.9-100.EL.i686.rpm
kernel-devel-2.6.9-100.EL.i686.rpm
kernel-hugemem-2.6.9-100.EL.i686.rpm
kernel-hugemem-devel-2.6.9-100.EL.i686.rpm
kernel-smp-2.6.9-100.EL.i686.rpm
kernel-smp-devel-2.6.9-100.EL.i686.rpm kernel-xenU-2.6.9-100.EL.i686.rpm kernel-xenU-devel-2.6.9-100.EL.i686.rpm noarch: kernel-doc-2.6.9-100.EL.noarch.rpm x86_64: kernel-2.6.9-100.EL.x86_64.rpm kernel-debuginfo-2.6.9-100.EL.x86_64.rpm kernel-devel-2.6.9-100.EL.x86_64.rpm kernel-largesmp-2.6.9-100.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-100.EL.x86_64.rpm kernel-smp-2.6.9-100.EL.x86_64.rpm kernel-smp-devel-2.6.9-100.EL.x86_64.rpm kernel-xenU-2.6.9-100.EL.x86_64.rpm kernel-xenU-devel-2.6.9-100.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-100.EL.src.rpm i386: kernel-2.6.9-100.EL.i686.rpm kernel-debuginfo-2.6.9-100.EL.i686.rpm kernel-devel-2.6.9-100.EL.i686.rpm kernel-hugemem-2.6.9-100.EL.i686.rpm kernel-hugemem-devel-2.6.9-100.EL.i686.rpm kernel-smp-2.6.9-100.EL.i686.rpm kernel-smp-devel-2.6.9-100.EL.i686.rpm kernel-xenU-2.6.9-100.EL.i686.rpm kernel-xenU-devel-2.6.9-100.EL.i686.rpm ia64: kernel-2.6.9-100.EL.ia64.rpm kernel-debuginfo-2.6.9-100.EL.ia64.rpm kernel-devel-2.6.9-100.EL.ia64.rpm kernel-largesmp-2.6.9-100.EL.ia64.rpm kernel-largesmp-devel-2.6.9-100.EL.ia64.rpm noarch: kernel-doc-2.6.9-100.EL.noarch.rpm x86_64: kernel-2.6.9-100.EL.x86_64.rpm kernel-debuginfo-2.6.9-100.EL.x86_64.rpm kernel-devel-2.6.9-100.EL.x86_64.rpm kernel-largesmp-2.6.9-100.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-100.EL.x86_64.rpm kernel-smp-2.6.9-100.EL.x86_64.rpm kernel-smp-devel-2.6.9-100.EL.x86_64.rpm kernel-xenU-2.6.9-100.EL.x86_64.rpm kernel-xenU-devel-2.6.9-100.EL.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-100.EL.src.rpm i386: kernel-2.6.9-100.EL.i686.rpm kernel-debuginfo-2.6.9-100.EL.i686.rpm kernel-devel-2.6.9-100.EL.i686.rpm kernel-hugemem-2.6.9-100.EL.i686.rpm kernel-hugemem-devel-2.6.9-100.EL.i686.rpm kernel-smp-2.6.9-100.EL.i686.rpm kernel-smp-devel-2.6.9-100.EL.i686.rpm kernel-xenU-2.6.9-100.EL.i686.rpm 
kernel-xenU-devel-2.6.9-100.EL.i686.rpm ia64: kernel-2.6.9-100.EL.ia64.rpm kernel-debuginfo-2.6.9-100.EL.ia64.rpm kernel-devel-2.6.9-100.EL.ia64.rpm kernel-largesmp-2.6.9-100.EL.ia64.rpm kernel-largesmp-devel-2.6.9-100.EL.ia64.rpm noarch: kernel-doc-2.6.9-100.EL.noarch.rpm x86_64: kernel-2.6.9-100.EL.x86_64.rpm kernel-debuginfo-2.6.9-100.EL.x86_64.rpm kernel-devel-2.6.9-100.EL.x86_64.rpm kernel-largesmp-2.6.9-100.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-100.EL.x86_64.rpm kernel-smp-2.6.9-100.EL.x86_64.rpm kernel-smp-devel-2.6.9-100.EL.x86_64.rpm kernel-xenU-2.6.9-100.EL.x86_64.rpm kernel-xenU-devel-2.6.9-100.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-4527.html https://www.redhat.com/security/data/cve/CVE-2010-4655.html https://www.redhat.com/security/data/cve/CVE-2011-0521.html https://access.redhat.com/security/updates/classification/#important http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4/html/4.9_Release_Notes/index.html 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNW/dwXlSAg2UNWIIRAqY/AKC5TqPxUUfq1EKBKKmDP2IUDENX/QCfaYo6
CLBnfRP4gb/k0StaMyPPPxQ=
=pnRI
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Feb 16 16:27:26 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Feb 2011 11:27:26 -0500
Subject: [RHSA-2011:0266-01] Low: fence security, bug fix, and enhancement update
Message-ID: <201102161627.p1GGRhXl010183@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: fence security, bug fix, and enhancement update
Advisory ID:       RHSA-2011:0266-01
Product:           Red Hat Cluster Suite
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0266.html
Issue date:        2011-02-16
CVE Names:         CVE-2008-4192 CVE-2008-4579
=====================================================================

1. Summary:

An updated fence package that fixes multiple security issues, several bugs, and adds two enhancements is now available for Red Hat Cluster Suite 4.

The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Cluster Suite 4AS - i386, ia64, ppc, x86_64
Red Hat Cluster Suite 4ES - i386, ia64, x86_64
Red Hat Cluster Suite 4WS - i386, ia64, x86_64

3. Description:

The fence package allows failed or unreachable nodes to be forcibly restarted and removed from a cluster.

Insecure temporary file use flaws were found in fence_egenera, fence_apc, and fence_apc_snmp. A local attacker could use these flaws to overwrite an arbitrary file writable by the victim running those utilities via a symbolic link attack. (CVE-2008-4192, CVE-2008-4579)

This update also fixes the following bugs:

* fence_apc_snmp now waits for five seconds after fencing to properly get status. (BZ#494587)

* The fence_drac5 help output now shows the proper commands. (BZ#498870)

* fence_scsi_test.pl now verifies that sg_persist is in the path before running. (BZ#500172)

* fence_drac5 is now more consistent with other agents and uses module_name instead of modulename. (BZ#500546)

* fence_apc and fence_wti no longer fail with a pexpect exception. (BZ#501890, BZ#504589)

* fence_wti no longer issues a traceback when an option is missing. (BZ#508258)

* fence_sanbox2 is now able to properly obtain the status after fencing. (BZ#510279)

* Fencing no longer fails if fence_wti is used without telnet. (BZ#510335)

* fence_scsi get_scsi_devices no longer hangs with various devices. (BZ#545193)

* fence_ilo no longer fails to reboot with ilo2 firmware 1.70. (BZ#545682)

* Fixed an issue with fence_ilo not rebooting in some implementations. (BZ#576036)

* fence_ilo no longer throws exceptions if the user does not have power privileges. (BZ#576178)

As well, this update adds the following enhancements:

* Support has been added for SSH-enabled RSA II fence devices. (BZ#476161)

* The APC fence agent will now work with a non-root account. (BZ#491643)

All fence users are advised to upgrade to this updated package, which corrects these issues and adds these enhancements.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

460476 - CVE-2008-4192 cman/fence: insecure temporary file usage in the egenera fence agent
467386 - CVE-2008-4579 cman/fence: insecure temporary file usage in the apc fence agents
491643 - APC Fence Agent does not work with non-admin account
494587 - fence_apc_snmp time wait
498870 - fence_drac5 help output shows incorrect usage
498983 - cluster product is affected by several symlink attack vulnerabilities
500172 - cman - fence_scsi_test.pl does not check for sg_persist in the path
500546 - fence_drac5 uses module_name instead of modulename
501890 - fence_apc fails with pexpect exception
504589 - fence agents (fence_apc, fence_wti) fails with pexpect exception
508268 - Fence agent for WTI ends with traceback when option is missing
510279 - fence_sanbox2 unable to retrieve status of fencing
545193 - fence_scsi get_scsi_devices() too slow, maybe hanging
545682 - fence_ilo fails to reboot, possibly timing problem with ilo2 1.70
576036 - ipmi fence failed
576178 - fence_ilo will throw exception if user does not have power priviledges
584133 - Can't build fence without removing -Wstrict-prototypes due to nss issue

6. Package List:

Red Hat Cluster Suite 4AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHCS/SRPMS/fence-1.32.68-5.el4.src.rpm

i386:
fence-1.32.68-5.el4.i686.rpm
fence-debuginfo-1.32.68-5.el4.i686.rpm

ia64:
fence-1.32.68-5.el4.ia64.rpm
fence-debuginfo-1.32.68-5.el4.ia64.rpm

ppc:
fence-1.32.68-5.el4.ppc64.rpm
fence-debuginfo-1.32.68-5.el4.ppc64.rpm

x86_64:
fence-1.32.68-5.el4.x86_64.rpm
fence-debuginfo-1.32.68-5.el4.x86_64.rpm

Red Hat Cluster Suite 4ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHCS/SRPMS/fence-1.32.68-5.el4.src.rpm

i386:
fence-1.32.68-5.el4.i686.rpm
fence-debuginfo-1.32.68-5.el4.i686.rpm

ia64:
fence-1.32.68-5.el4.ia64.rpm
fence-debuginfo-1.32.68-5.el4.ia64.rpm

x86_64:
fence-1.32.68-5.el4.x86_64.rpm
fence-debuginfo-1.32.68-5.el4.x86_64.rpm

Red Hat Cluster Suite 4WS:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/RHCS/SRPMS/fence-1.32.68-5.el4.src.rpm

i386:
fence-1.32.68-5.el4.i686.rpm
fence-debuginfo-1.32.68-5.el4.i686.rpm

ia64:
fence-1.32.68-5.el4.ia64.rpm
fence-debuginfo-1.32.68-5.el4.ia64.rpm

x86_64:
fence-1.32.68-5.el4.x86_64.rpm
fence-debuginfo-1.32.68-5.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2008-4192.html
https://www.redhat.com/security/data/cve/CVE-2008-4579.html
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is <secalert at redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNW/nOXlSAg2UNWIIRAiV9AJkBbTjAqRKJQtT/tadx7diZqqf8dACgrs0C
FVyhqvCe98RBBnxnAnCkFQs=
=AvHV
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Feb 16 21:35:54 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Feb 2011 16:35:54 -0500
Subject: [RHSA-2011:0279-01] Low: Red Hat Enterprise Linux Extended Update Support 4.7 6-Month EOL Notice
Message-ID: <201102162135.p1GLZurq007744@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Enterprise Linux Extended Update Support 4.7 6-Month EOL Notice
Advisory ID:       RHSA-2011:0279-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0279.html
Issue date:        2011-02-16
=====================================================================

1. Summary:

This is the 6-month notification of the End Of Life plans for Red Hat Enterprise Linux Extended Update Support Add-On (EUS) 4.7.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 4 Update 7 will end on August 31, 2011.

Note: This does not impact you unless you are subscribed to the Extended Update Support (EUS) channel for Red Hat Enterprise Linux 4.7.

Details of the Red Hat Enterprise Linux life-cycle can be found on the Red Hat website: https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This erratum contains an updated redhat-release package, that provides a copy of this end of life notice in the "/usr/share/doc/" directory.

5. Package List:

Red Hat Enterprise Linux AS version 4.7.z:

Source:
redhat-release-4AS-8.0.el4_7.2.src.rpm

i386:
redhat-release-4AS-8.0.el4_7.2.i386.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.2.i386.rpm

ia64:
redhat-release-4AS-8.0.el4_7.2.ia64.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.2.ia64.rpm

ppc:
redhat-release-4AS-8.0.el4_7.2.ppc.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.2.ppc.rpm

s390:
redhat-release-4AS-8.0.el4_7.2.s390.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.2.s390.rpm

s390x:
redhat-release-4AS-8.0.el4_7.2.s390x.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.2.s390x.rpm

x86_64:
redhat-release-4AS-8.0.el4_7.2.x86_64.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4.7.z:

Source:
redhat-release-4ES-8.0.el4_7.2.src.rpm

i386:
redhat-release-4ES-8.0.el4_7.2.i386.rpm
redhat-release-debuginfo-4ES-8.0.el4_7.2.i386.rpm

ia64:
redhat-release-4ES-8.0.el4_7.2.ia64.rpm
redhat-release-debuginfo-4ES-8.0.el4_7.2.ia64.rpm

x86_64:
redhat-release-4ES-8.0.el4_7.2.x86_64.rpm
redhat-release-debuginfo-4ES-8.0.el4_7.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

6. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/support/policy/updates/errata/

7. Contact:

The Red Hat security contact is <secalert at redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNXEMmXlSAg2UNWIIRAv+PAJ9FvwR2tsI+3atCaHDd9+DKbS4qmACdFu6t
J7igETZ2QZlNIwsHvNSl0jg=
=Dc70
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Feb 17 18:43:42 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 17 Feb 2011 13:43:42 -0500
Subject: [RHSA-2011:0281-01] Important: java-1.6.0-openjdk security update
Message-ID: <201102171844.p1HIi7wG019671@int-mx12.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: java-1.6.0-openjdk security update
Advisory ID:       RHSA-2011:0281-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0281.html
Issue date:        2011-02-17
CVE Names:         CVE-2010-4448 CVE-2010-4450 CVE-2010-4465 CVE-2010-4469 CVE-2010-4470 CVE-2010-4472
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.

A flaw was found in the Swing library. Forged TimerEvents could be used to bypass SecurityManager checks, allowing access to otherwise blocked files and directories. (CVE-2010-4465)

A flaw was found in the HotSpot component in OpenJDK. Certain bytecode instructions confused the memory management within the Java Virtual Machine (JVM), which could lead to heap corruption. (CVE-2010-4469)

A flaw was found in the way JAXP (Java API for XML Processing) components were handled, allowing them to be manipulated by untrusted applets. This could be used to elevate privileges and bypass secure XML processing restrictions. (CVE-2010-4470)

It was found that untrusted applets could create and place cache entries in the name resolution cache. This could allow an attacker targeted manipulation over name resolution until the OpenJDK VM is restarted. (CVE-2010-4448)

It was found that the Java launcher provided by OpenJDK did not check the LD_LIBRARY_PATH environment variable for insecure empty path elements. A local attacker able to trick a user into running the Java launcher while working from an attacker-writable directory could use this flaw to load an untrusted library, subverting the Java security model. (CVE-2010-4450)

A flaw was found in the XML Digital Signature component in OpenJDK. Untrusted code could use this flaw to replace the Java Runtime Environment (JRE) XML Digital Signature Transform or C14N algorithm implementations to intercept digital signature operations. (CVE-2010-4472)

Note: All of the above flaws can only be remotely triggered in OpenJDK by calling the "appletviewer" application.

This update also provides one defense in depth patch. (BZ#676019)

All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

675942 - CVE-2010-4472 OpenJDK untrusted code allowed to replace DSIG/C14N implementation (6994263)
675958 - CVE-2010-4469 OpenJDK Hotspot verifier heap corruption (6878713)
675984 - CVE-2010-4465 OpenJDK Swing timer-based security manager bypass (6907662)
676005 - CVE-2010-4470 OpenJDK JAXP untrusted component state manipulation (6927050)
676019 - CVE-2010-4471 OpenJDK Java2D font-related system property leak (6985453)
676023 - CVE-2010-4448 OpenJDK DNS cache poisoning by untrusted applets (6981922)
676026 - CVE-2010-4450 OpenJDK Launcher incorrect processing of empty library path entries (6983554)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4448.html
https://www.redhat.com/security/data/cve/CVE-2010-4450.html
https://www.redhat.com/security/data/cve/CVE-2010-4465.html
https://www.redhat.com/security/data/cve/CVE-2010-4469.html
https://www.redhat.com/security/data/cve/CVE-2010-4470.html
https://www.redhat.com/security/data/cve/CVE-2010-4472.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert at redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNXWtmXlSAg2UNWIIRAqpdAKDCCXlDTtOuTC5P0jxFURGMj3z2mwCfX+4j
NWjZPNAJCcHgorBut6xD2jo=
=9zIQ
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Feb 17 18:49:53 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 17 Feb 2011 13:49:53 -0500
Subject: [RHSA-2011:0282-01] Critical: java-1.6.0-sun security update
Message-ID: <201102171850.p1HIoItq022253@int-mx12.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.6.0-sun security update
Advisory ID:       RHSA-2011:0282-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0282.html
Issue date:        2011-02-17
CVE Names:         CVE-2010-4422 CVE-2010-4447 CVE-2010-4448 CVE-2010-4450 CVE-2010-4451 CVE-2010-4452 CVE-2010-4454 CVE-2010-4462 CVE-2010-4463 CVE-2010-4465 CVE-2010-4466 CVE-2010-4467 CVE-2010-4468 CVE-2010-4469 CVE-2010-4470 CVE-2010-4471 CVE-2010-4472 CVE-2010-4473 CVE-2010-4475 CVE-2010-4476
=====================================================================

1. Summary:

Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit.

This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the "Oracle Java SE and Java for Business Critical Patch Update Advisory" page, listed in the References section. (CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4451, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4473, CVE-2010-4475, CVE-2010-4476)

All users of java-1.6.0-sun are advised to upgrade to these updated packages, which resolve these issues. All running instances of Sun Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

674336 - CVE-2010-4476 JDK Double.parseDouble Denial-Of-Service
675942 - CVE-2010-4472 OpenJDK untrusted code allowed to replace DSIG/C14N implementation (6994263)
675958 - CVE-2010-4469 OpenJDK Hotspot verifier heap corruption (6878713)
675984 - CVE-2010-4465 OpenJDK Swing timer-based security manager bypass (6907662)
676005 - CVE-2010-4470 OpenJDK JAXP untrusted component state manipulation (6927050)
676019 - CVE-2010-4471 OpenJDK Java2D font-related system property leak (6985453)
676023 - CVE-2010-4448 OpenJDK DNS cache poisoning by untrusted applets (6981922)
676026 - CVE-2010-4450 OpenJDK Launcher incorrect processing of empty library path entries (6983554)
677957 - CVE-2010-4475 JDK unspecified vulnerability in Deployment component
677958 - CVE-2010-4473 JDK unspecified vulnerability in Sound component
677959 - CVE-2010-4468 JDK unspecified vulnerability in JDBC component
677960 - CVE-2010-4467 JDK unspecified vulnerability in Deployment component
677961 - CVE-2010-4466 JDK unspecified vulnerability in Deployment component
677963 - CVE-2010-4463 JDK unspecified vulnerability in Deployment component
677966 - CVE-2010-4462 JDK unspecified vulnerability in Sound component
677967 - CVE-2010-4454 JDK unspecified vulnerability in Sound component
677968 - CVE-2010-4452 JDK unspecified vulnerability in Deployment component
677969 - CVE-2010-4451 JDK unspecified vulnerability in Install component
677970 - CVE-2010-4447 JDK unspecified vulnerability in Deployment component
677971 - CVE-2010-4422 JDK unspecified vulnerability in Deployment component

6. Package List:

Red Hat Enterprise Linux AS version 4 Extras:

i386:
java-1.6.0-sun-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.24-1jpp.1.el4.i586.rpm

x86_64:
java-1.6.0-sun-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.24-1jpp.1.el4.x86_64.rpm

Red Hat Desktop version 4 Extras:

i386:
java-1.6.0-sun-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.24-1jpp.1.el4.i586.rpm

x86_64:
java-1.6.0-sun-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.24-1jpp.1.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
java-1.6.0-sun-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.24-1jpp.1.el4.i586.rpm

x86_64:
java-1.6.0-sun-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.24-1jpp.1.el4.x86_64.rpm

Red Hat Enterprise Linux WS version
4 Extras: i386: java-1.6.0-sun-1.6.0.24-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.24-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el5.i586.rpm x86_64: java-1.6.0-sun-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el5.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 
5): i386: java-1.6.0-sun-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el5.i586.rpm x86_64: java-1.6.0-sun-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el5.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 
6): x86_64: java-1.6.0-sun-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.24-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.24-1jpp.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4422.html
https://www.redhat.com/security/data/cve/CVE-2010-4447.html
https://www.redhat.com/security/data/cve/CVE-2010-4448.html
https://www.redhat.com/security/data/cve/CVE-2010-4450.html
https://www.redhat.com/security/data/cve/CVE-2010-4451.html
https://www.redhat.com/security/data/cve/CVE-2010-4452.html
https://www.redhat.com/security/data/cve/CVE-2010-4454.html
https://www.redhat.com/security/data/cve/CVE-2010-4462.html
https://www.redhat.com/security/data/cve/CVE-2010-4463.html
https://www.redhat.com/security/data/cve/CVE-2010-4465.html
https://www.redhat.com/security/data/cve/CVE-2010-4466.html
https://www.redhat.com/security/data/cve/CVE-2010-4467.html
https://www.redhat.com/security/data/cve/CVE-2010-4468.html
https://www.redhat.com/security/data/cve/CVE-2010-4469.html
https://www.redhat.com/security/data/cve/CVE-2010-4470.html
https://www.redhat.com/security/data/cve/CVE-2010-4471.html
https://www.redhat.com/security/data/cve/CVE-2010-4472.html
https://www.redhat.com/security/data/cve/CVE-2010-4473.html
https://www.redhat.com/security/data/cve/CVE-2010-4475.html
https://www.redhat.com/security/data/cve/CVE-2010-4476.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html#AppendixJAVA

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNXWzfXlSAg2UNWIIRAsxnAKCWB7ECxJqIdxr4actkCdVXQDDlWACeIB6U
Ny/X8FBK3G6Sj1dVIHjeGVA=
=1ULT
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 22 18:02:50 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Feb 2011 13:02:50 -0500
Subject: [RHSA-2011:0283-01] Moderate: kernel security, bug fix, and enhancement update
Message-ID: <201102221803.p1MI3sQX018095@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2011:0283-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0283.html
Issue date:        2011-02-22
CVE Names:         CVE-2010-4165 CVE-2010-4169 CVE-2010-4243
=====================================================================

1. Summary:

Updated kernel packages that fix three security issues, several bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* A divide-by-zero flaw was found in the tcp_select_initial_window()
function in the Linux kernel's TCP/IP protocol suite implementation. A
local, unprivileged user could use this flaw to trigger a denial of service
by calling setsockopt() with certain options. (CVE-2010-4165, Moderate)

* A use-after-free flaw in the mprotect() system call in the Linux kernel
could allow a local, unprivileged user to cause a local denial of service.
(CVE-2010-4169, Moderate)

* A flaw was found in the Linux kernel execve() system call implementation.
A local, unprivileged user could cause large amounts of memory to be
allocated but not visible to the OOM (Out of Memory) killer, triggering a
denial of service. (CVE-2010-4243, Moderate)

Red Hat would like to thank Steve Chen for reporting CVE-2010-4165, and
Brad Spengler for reporting CVE-2010-4243.

This update also fixes several bugs and adds two enhancements.
Documentation for these bug fixes and enhancements will be available
shortly from the Technical Notes document linked to in the References
section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs and add the enhancements
noted in the Technical Notes. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not use
"rpm -Uvh" as that will remove the running kernel binaries from your
system. You may use "rpm -e" to remove old kernels after determining that
the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

625688 - CVE-2010-4243 kernel: mm: mem allocated invisible to oom_kill() when not attached to any threads
651671 - CVE-2010-4169 kernel: perf bug
652508 - CVE-2010-4165 kernel: possible kernel oops from user MSS
652720 - read from virtio-serial returns if the host side is not connect to pipe [rhel-6.0.z]
658854 - [NetApp 6.1 bug] RHEL6.0 FC host hits kernel panic at scsi_error_handler [rhel-6.0.z]
658891 - [6.0.z FEAT] Port KVM bug fixes for cr_access to RHEL 6 [rhel-6.0.z]
659610 - [NetApp 6.1 bug] SCSI ALUA handler fails to handle ALUA transitioning properly [rhel-6.0.z]
660590 - [NetApp 6.1 bug] regression: allow offlined devs to be set to running [rhel-6.0.z]
661730 - NFS4 clients cannot reclaim locks after server reboot [rhel-6.0.z]
661731 - kernel: Problem with execve(2) reintroduced [rhel-6.1] [rhel-6.0.z]
661737 - xen PV guest kernel 2.6.32 processes lock up in D state [rhel-6.0.z]
662721 - Fix hot-unplug handling of virtio-console ports [rhel-6.0.z]
662921 - UV: WAR for interrupt-IOPort deadlock [rhel-6.0.z]
664398 - QLogic qla2xxx: Backport critical parts of 8.03.05.01.06.1-k0 to [rhel-6.0.z]
671342 - System panic in pskb_expand_head When arp_validate option is specified in bonding ARP monitor mode [rhel-6.0.z]
673978 - [NetApp 6.0 Bug] Erroneous TPG ID check in SCSI ALUA Handler [rhel-6.0.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v.
6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-71.18.1.el6.src.rpm i386: kernel-2.6.32-71.18.1.el6.i686.rpm kernel-debug-2.6.32-71.18.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.i686.rpm kernel-debug-devel-2.6.32-71.18.1.el6.i686.rpm kernel-debuginfo-2.6.32-71.18.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-71.18.1.el6.i686.rpm kernel-devel-2.6.32-71.18.1.el6.i686.rpm kernel-headers-2.6.32-71.18.1.el6.i686.rpm noarch: kernel-doc-2.6.32-71.18.1.el6.noarch.rpm kernel-firmware-2.6.32-71.18.1.el6.noarch.rpm perf-2.6.32-71.18.1.el6.noarch.rpm x86_64: kernel-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-71.18.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-71.18.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-71.18.1.el6.x86_64.rpm kernel-devel-2.6.32-71.18.1.el6.x86_64.rpm kernel-headers-2.6.32-71.18.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-71.18.1.el6.src.rpm noarch: kernel-doc-2.6.32-71.18.1.el6.noarch.rpm kernel-firmware-2.6.32-71.18.1.el6.noarch.rpm perf-2.6.32-71.18.1.el6.noarch.rpm x86_64: kernel-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-71.18.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-71.18.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-71.18.1.el6.x86_64.rpm kernel-devel-2.6.32-71.18.1.el6.x86_64.rpm kernel-headers-2.6.32-71.18.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-71.18.1.el6.src.rpm i386: kernel-2.6.32-71.18.1.el6.i686.rpm kernel-debug-2.6.32-71.18.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.i686.rpm kernel-debug-devel-2.6.32-71.18.1.el6.i686.rpm kernel-debuginfo-2.6.32-71.18.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-71.18.1.el6.i686.rpm kernel-devel-2.6.32-71.18.1.el6.i686.rpm kernel-headers-2.6.32-71.18.1.el6.i686.rpm noarch: kernel-doc-2.6.32-71.18.1.el6.noarch.rpm kernel-firmware-2.6.32-71.18.1.el6.noarch.rpm perf-2.6.32-71.18.1.el6.noarch.rpm ppc64: kernel-2.6.32-71.18.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-71.18.1.el6.ppc64.rpm kernel-debug-2.6.32-71.18.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-71.18.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-71.18.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-71.18.1.el6.ppc64.rpm kernel-devel-2.6.32-71.18.1.el6.ppc64.rpm kernel-headers-2.6.32-71.18.1.el6.ppc64.rpm s390x: kernel-2.6.32-71.18.1.el6.s390x.rpm kernel-debug-2.6.32-71.18.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.s390x.rpm kernel-debug-devel-2.6.32-71.18.1.el6.s390x.rpm kernel-debuginfo-2.6.32-71.18.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-71.18.1.el6.s390x.rpm kernel-devel-2.6.32-71.18.1.el6.s390x.rpm kernel-headers-2.6.32-71.18.1.el6.s390x.rpm kernel-kdump-2.6.32-71.18.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-71.18.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-71.18.1.el6.s390x.rpm x86_64: kernel-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-71.18.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-71.18.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-71.18.1.el6.x86_64.rpm kernel-devel-2.6.32-71.18.1.el6.x86_64.rpm kernel-headers-2.6.32-71.18.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-71.18.1.el6.src.rpm i386: kernel-2.6.32-71.18.1.el6.i686.rpm kernel-debug-2.6.32-71.18.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.i686.rpm kernel-debug-devel-2.6.32-71.18.1.el6.i686.rpm kernel-debuginfo-2.6.32-71.18.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-71.18.1.el6.i686.rpm kernel-devel-2.6.32-71.18.1.el6.i686.rpm kernel-headers-2.6.32-71.18.1.el6.i686.rpm noarch: kernel-doc-2.6.32-71.18.1.el6.noarch.rpm kernel-firmware-2.6.32-71.18.1.el6.noarch.rpm perf-2.6.32-71.18.1.el6.noarch.rpm x86_64: kernel-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-71.18.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-71.18.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-71.18.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-71.18.1.el6.x86_64.rpm kernel-devel-2.6.32-71.18.1.el6.x86_64.rpm kernel-headers-2.6.32-71.18.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-4165.html https://www.redhat.com/security/data/cve/CVE-2010-4169.html https://www.redhat.com/security/data/cve/CVE-2010-4243.html https://access.redhat.com/security/updates/classification/#moderate http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Technical_Notes/ape.html#RHSA-2011-0283 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNY/lxXlSAg2UNWIIRAooSAKDFhGmpk+VM8iKjpoc+jdYJI+xZPQCeJ4Px
qdqCE3kwotMnflaNIz50L4I=
=m8XW
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 22 18:05:15 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Feb 2011 13:05:15 -0500
Subject: [RHSA-2011:0290-01] Moderate: java-1.6.0-ibm security update
Message-ID: <201102221806.p1MI6JGV013600@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: java-1.6.0-ibm security update
Advisory ID:       RHSA-2011:0290-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0290.html
Issue date:        2011-02-22
CVE Names:         CVE-2010-4476
=====================================================================

1. Summary:

Updated java-1.6.0-ibm packages that fix one security issue are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and
the IBM Java 2 Software Development Kit.

A denial of service flaw was found in the way certain strings were
converted to Double objects. A remote attacker could use this flaw to cause
Java based applications to hang, for example, if they parsed Double values
in a specially-crafted HTTP request. (CVE-2010-4476)

All users of java-1.6.0-ibm are advised to upgrade to these updated
packages, containing the IBM 1.6.0 SR9 Java release. All running instances
of IBM Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

674336 - CVE-2010-4476 JDK Double.parseDouble Denial-Of-Service

6.
Package List: Red Hat Enterprise Linux AS version 4 Extras: i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.i386.rpm ppc: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.ppc.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.ppc.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.ppc.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.ppc.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.ppc.rpm s390: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.s390.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.s390.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.s390.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.s390.rpm s390x: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.s390x.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.s390x.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.s390x.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.i386.rpm 
java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.i386.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el4.x86_64.rpm Red Hat Enterprise Linux 
Desktop Supplementary (v. 5): i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 
5): i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.i386.rpm ppc: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.ppc.rpm java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.ppc64.rpm java-1.6.0-ibm-accessibility-1.6.0.9.0-1jpp.4.el5.ppc.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.ppc.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.ppc.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el5.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el5.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el5.ppc.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.ppc.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.s390.rpm java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.s390x.rpm java-1.6.0-ibm-accessibility-1.6.0.9.0-1jpp.4.el5.s390x.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.s390.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.s390x.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.s390.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.s390x.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.s390.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.4.el5.x86_64.rpm 
java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.4.el5.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.4.el5.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 
6): i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.i686.rpm ppc64: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.ppc.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.5.el6.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.5.el6.ppc64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.s390x.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.s390x.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.s390.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.5.el6.s390x.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 
6): i386: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.i686.rpm java-1.6.0-ibm-devel-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.9.0-1jpp.5.el6.x86_64.rpm java-1.6.0-ibm-src-1.6.0.9.0-1jpp.5.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-4476.html https://access.redhat.com/security/updates/classification/#moderate http://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNY/oKXlSAg2UNWIIRAu/mAJ9cKE6VPltriE8xoum9XPQdPMxhSQCeOpCp
tfA50p4rdbYRjhGswvlSNOg=
=Jgol
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 22 18:07:43 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Feb 2011 13:07:43 -0500
Subject: [RHSA-2011:0291-01] Moderate: java-1.5.0-ibm security update
Message-ID: <201102221808.p1MI8lN1000771@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: java-1.5.0-ibm security update
Advisory ID: RHSA-2011:0291-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0291.html
Issue date: 2011-02-22
CVE Names: CVE-2010-4476
=====================================================================

1. Summary:

Updated java-1.5.0-ibm packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.

A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Java based applications to hang, for example, if they parsed Double values in a specially-crafted HTTP request. (CVE-2010-4476)

All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR12-FP3 Java release. All running instances of IBM Java must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

674336 - CVE-2010-4476 JDK Double.parseDouble Denial-Of-Service

6.
Package List: Red Hat Enterprise Linux AS version 4 Extras: i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.i386.rpm ppc: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.ppc.rpm java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.ppc64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.ppc.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.ppc.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.ppc.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el4.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el4.ppc.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.ppc.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.ppc64.rpm s390: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.s390.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.s390.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.s390.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el4.s390.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.s390.rpm s390x: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.s390x.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.s390x.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.s390x.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.s390x.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.i386.rpm 
java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.i386.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.i386.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el4.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.i386.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el4.x86_64.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 
5): i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-accessibility-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.i386.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-accessibility-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 
5): i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-accessibility-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.i386.rpm ppc: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.ppc.rpm java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.ppc64.rpm java-1.5.0-ibm-accessibility-1.5.0.12.3-1jpp.2.el5.ppc.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.ppc.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.ppc.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el5.ppc.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el5.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el5.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el5.ppc.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.ppc.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.ppc64.rpm s390x: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.s390.rpm java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.s390x.rpm java-1.5.0-ibm-accessibility-1.5.0.12.3-1jpp.2.el5.s390x.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.s390.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.s390x.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.s390.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.s390x.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el5.s390.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.s390.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.s390x.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-accessibility-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.2.el5.x86_64.rpm 
java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.2.el5.x86_64.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.i386.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.2.el5.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.i686.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 
6): i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.i686.rpm ppc64: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.ppc64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.ppc.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.3.el6.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.3.el6.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.3.el6.ppc.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.ppc64.rpm s390x: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.s390x.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.s390x.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.s390.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.s390x.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.3.el6.s390.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.s390x.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 
6): i386: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-plugin-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.i686.rpm x86_64: java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.i686.rpm java-1.5.0-ibm-devel-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.12.3-1jpp.3.el6.x86_64.rpm java-1.5.0-ibm-src-1.5.0.12.3-1jpp.3.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-4476.html https://access.redhat.com/security/updates/classification/#moderate http://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNY/qiXlSAg2UNWIIRAtX2AJ9QhApojGxkj1QW4kTowxw/OLeKBACgtVW0
nVrjXmcy127O38LA5FKjW+8=
=dq0a
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Feb 22 18:09:51 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Feb 2011 13:09:51 -0500
Subject: [RHSA-2011:0292-01] Moderate: java-1.4.2-ibm security update
Message-ID: <201102221810.p1MIAtUr030587@int-mx12.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: java-1.4.2-ibm security update
Advisory ID: RHSA-2011:0292-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0292.html
Issue date: 2011-02-22
CVE Names: CVE-2010-4476
=====================================================================

1. Summary:

Updated java-1.4.2-ibm packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, ia64, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, ia64, x86_64

3. Description:

The IBM 1.4.2 SR13-FP8 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.

A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Java based applications to hang, for example, if they parsed Double values in a specially-crafted HTTP request. (CVE-2010-4476)

All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM 1.4.2 SR13-FP8 Java release. All running instances of IBM Java must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

674336 - CVE-2010-4476 JDK Double.parseDouble Denial-Of-Service

6. Package List:

Red Hat Enterprise Linux AS version 4 Extras:

i386:
java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.i386.rpm
java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.i386.rpm
java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.i386.rpm
java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.i386.rpm
java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.4.el4.i386.rpm
java-1.4.2-ibm-plugin-1.4.2.13.8-1jpp.4.el4.i386.rpm
java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.i386.rpm

ia64:
java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.ia64.rpm
java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.ia64.rpm
java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.ia64.rpm
java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.ia64.rpm

ppc:
java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.ppc.rpm
java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.ppc64.rpm
java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.ppc.rpm
java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.ppc64.rpm
java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.ppc.rpm
java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.ppc64.rpm
java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.ppc.rpm
java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.ppc64.rpm
java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.4.el4.ppc.rpm
java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.ppc64.rpm s390: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.s390.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.s390.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.s390.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.4.el4.s390.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.s390.rpm s390x: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.s390x.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.s390x.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.s390x.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.ia64.rpm 
java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.8-1jpp.4.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.4.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.4.el4.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 
5): i386: java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.3.el5.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 
5): i386: java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.ppc.rpm java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.ppc64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.ppc.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.ppc64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.ppc.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.ppc64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.3.el5.ppc.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.3.el5.ppc64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.3.el5.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.ppc64.rpm s390x: java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.s390.rpm java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.s390x.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.s390.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.s390x.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.s390.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.s390x.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.3.el5.s390.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.s390.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.8-1jpp.3.el5.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.8-1jpp.3.el5.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.3.el5.i386.rpm 
java-1.4.2-ibm-javacomm-1.4.2.13.8-1jpp.3.el5.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.8-1jpp.3.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-4476.html https://access.redhat.com/security/updates/classification/#moderate http://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFNY/sjXlSAg2UNWIIRAuqUAJ9/fPnYVHUY7AG7MtOHbtL79w3e0wCffbLO RwpVY2pXRRpDlSZ3ACAi0rk= =Q9Eu -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 23 21:19:58 2011 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Feb 2011 14:19:58 -0700 Subject: [RHSA-2011:0301-01] Critical: acroread security update Message-ID: <201102232119.p1NLJwQm018376@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:0301-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0301.html Issue date: 2011-02-23 CVE Names: CVE-2011-0562 CVE-2011-0563 CVE-2011-0565 CVE-2011-0566 CVE-2011-0567 CVE-2011-0585 CVE-2011-0586 CVE-2011-0587 CVE-2011-0589 CVE-2011-0590 CVE-2011-0591 CVE-2011-0592 CVE-2011-0593 CVE-2011-0594 CVE-2011-0595 CVE-2011-0596 CVE-2011-0598 CVE-2011-0599 CVE-2011-0600 CVE-2011-0602 CVE-2011-0603 CVE-2011-0604 CVE-2011-0606 
===================================================================== 1. Summary: Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes multiple vulnerabilities in Adobe Reader. These vulnerabilities are detailed on the Adobe security page APSB11-03, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-0562, CVE-2011-0563, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0585, CVE-2011-0586, CVE-2011-0589, CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595, CVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602, CVE-2011-0603, CVE-2011-0606) Multiple security flaws were found in Adobe reader. 
A specially-crafted PDF file could cause cross-site scripting (XSS) attacks
against the user running Adobe Reader when opened. (CVE-2011-0587,
CVE-2011-0604)

All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.2, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

676157 - CVE-2011-0562 CVE-2011-0563 CVE-2011-0565 CVE-2011-0566 CVE-2011-0567 CVE-2011-0585 CVE-2011-0586 CVE-2011-0589 CVE-2011-0590 CVE-2011-0591 CVE-2011-0592 CVE-2011-0593 CVE-2011-0594 CVE-2011-0595 acroread: critical APSB11-03
676158 - CVE-2011-0587 CVE-2011-0604 acroread: multiple XSS flaws (APSB11-03)

6. Package List:

Red Hat Enterprise Linux AS version 4 Extras:

i386:
acroread-9.4.2-1.el4.i386.rpm
acroread-plugin-9.4.2-1.el4.i386.rpm

x86_64:
acroread-9.4.2-1.el4.i386.rpm

Red Hat Desktop version 4 Extras:

i386:
acroread-9.4.2-1.el4.i386.rpm
acroread-plugin-9.4.2-1.el4.i386.rpm

x86_64:
acroread-9.4.2-1.el4.i386.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
acroread-9.4.2-1.el4.i386.rpm
acroread-plugin-9.4.2-1.el4.i386.rpm

x86_64:
acroread-9.4.2-1.el4.i386.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
acroread-9.4.2-1.el4.i386.rpm
acroread-plugin-9.4.2-1.el4.i386.rpm

x86_64:
acroread-9.4.2-1.el4.i386.rpm

Red Hat Enterprise Linux Desktop Supplementary (v. 5):

i386:
acroread-9.4.2-1.el5.i386.rpm
acroread-plugin-9.4.2-1.el5.i386.rpm

x86_64:
acroread-9.4.2-1.el5.i386.rpm
acroread-plugin-9.4.2-1.el5.i386.rpm

Red Hat Enterprise Linux Server Supplementary (v. 5):

i386:
acroread-9.4.2-1.el5.i386.rpm
acroread-plugin-9.4.2-1.el5.i386.rpm

x86_64:
acroread-9.4.2-1.el5.i386.rpm
acroread-plugin-9.4.2-1.el5.i386.rpm

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
acroread-9.4.2-3.el6_0.i686.rpm
acroread-plugin-9.4.2-3.el6_0.i686.rpm

x86_64:
acroread-9.4.2-3.el6_0.i686.rpm
acroread-plugin-9.4.2-3.el6_0.i686.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
acroread-9.4.2-3.el6_0.i686.rpm
acroread-plugin-9.4.2-3.el6_0.i686.rpm

x86_64:
acroread-9.4.2-3.el6_0.i686.rpm
acroread-plugin-9.4.2-3.el6_0.i686.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
acroread-9.4.2-3.el6_0.i686.rpm
acroread-plugin-9.4.2-3.el6_0.i686.rpm

x86_64:
acroread-9.4.2-3.el6_0.i686.rpm
acroread-plugin-9.4.2-3.el6_0.i686.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0562.html
https://www.redhat.com/security/data/cve/CVE-2011-0563.html
https://www.redhat.com/security/data/cve/CVE-2011-0565.html
https://www.redhat.com/security/data/cve/CVE-2011-0566.html
https://www.redhat.com/security/data/cve/CVE-2011-0567.html
https://www.redhat.com/security/data/cve/CVE-2011-0585.html
https://www.redhat.com/security/data/cve/CVE-2011-0586.html
https://www.redhat.com/security/data/cve/CVE-2011-0587.html
https://www.redhat.com/security/data/cve/CVE-2011-0589.html
https://www.redhat.com/security/data/cve/CVE-2011-0590.html
https://www.redhat.com/security/data/cve/CVE-2011-0591.html
https://www.redhat.com/security/data/cve/CVE-2011-0592.html
https://www.redhat.com/security/data/cve/CVE-2011-0593.html
https://www.redhat.com/security/data/cve/CVE-2011-0594.html
https://www.redhat.com/security/data/cve/CVE-2011-0595.html
https://www.redhat.com/security/data/cve/CVE-2011-0596.html
https://www.redhat.com/security/data/cve/CVE-2011-0598.html
https://www.redhat.com/security/data/cve/CVE-2011-0599.html
https://www.redhat.com/security/data/cve/CVE-2011-0600.html
https://www.redhat.com/security/data/cve/CVE-2011-0602.html
https://www.redhat.com/security/data/cve/CVE-2011-0603.html
https://www.redhat.com/security/data/cve/CVE-2011-0604.html
https://www.redhat.com/security/data/cve/CVE-2011-0606.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-03.html

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNZXjqXlSAg2UNWIIRAgu5AJ4w8W+2K7VuH1ffOCj9AKDi4uKVJACfR3JI
mbYXv8GzS71/UsdkL5Ysxlc=
=Ox6e
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Feb 28 18:50:28 2011
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 28 Feb 2011 11:50:28 -0700
Subject: [RHSA-2011:0219-01] Low: Red Hat Enterprise Linux 4 - 1-Year End Of Life Notice
Message-ID: <201102281850.p1SIoSvh006677@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Low: Red Hat Enterprise Linux 4 - 1-Year End Of Life Notice
Advisory ID: RHSA-2011:0219-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0219.html
Issue date: 2011-02-28
=====================================================================

1. Summary:

This is the 1-year notification of the End Of Life plans for Red Hat
Enterprise Linux 4.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy, the
regular 7 year life-cycle of Red Hat Enterprise Linux 4 will end on
February 29, 2012.

After this date, Red Hat will discontinue the regular subscription services
for Red Hat Enterprise Linux 4. Therefore, new bug fix, enhancement, and
security errata updates, as well as technical support services will no
longer be available for the following products:

* Red Hat Enterprise Linux AS 4
* Red Hat Enterprise Linux ES 4
* Red Hat Enterprise Linux WS 4
* Red Hat Enterprise Linux Extras 4
* Red Hat Desktop 4
* Red Hat Global File System 4
* Red Hat Cluster Suite 4

Customers still running production workloads on Red Hat Enterprise Linux 4
are advised to begin planning the upgrade to Red Hat Enterprise Linux 5 or
6. Active subscribers of Red Hat Enterprise Linux already have access to
all currently maintained versions of Red Hat Enterprise Linux, as part of
their subscription without additional fees.

For customers who are unable to migrate off Red Hat Enterprise Linux 4
before its end-of-life date, Red Hat intends to offer a limited, optional
extension program. For more information, contact your Red Hat sales
representative or channel partner.

Details of the Red Hat Enterprise Linux life-cycle can be found on the Red
Hat website: https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This erratum contains an updated redhat-release package that provides a
copy of this end of life notice in the "/usr/share/doc/" directory.

5. Bugs fixed (http://bugzilla.redhat.com/):

669039 - Send Out RHEL 4 1-Year EOL Notice

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/redhat-release-4AS-10.1.src.rpm

i386:
redhat-release-4AS-10.1.i386.rpm

ia64:
redhat-release-4AS-10.1.ia64.rpm

ppc:
redhat-release-4AS-10.1.ppc.rpm

s390:
redhat-release-4AS-10.1.s390.rpm

s390x:
redhat-release-4AS-10.1.s390x.rpm

x86_64:
redhat-release-4AS-10.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/redhat-release-4Desktop-10.1.src.rpm

i386:
redhat-release-4Desktop-10.1.i386.rpm

x86_64:
redhat-release-4Desktop-10.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/redhat-release-4ES-10.1.src.rpm

i386:
redhat-release-4ES-10.1.i386.rpm

ia64:
redhat-release-4ES-10.1.ia64.rpm

x86_64:
redhat-release-4ES-10.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/redhat-release-4WS-10.1.src.rpm

i386:
redhat-release-4WS-10.1.i386.rpm

ia64:
redhat-release-4WS-10.1.ia64.rpm

x86_64:
redhat-release-4WS-10.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/support/policy/updates/errata/

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNa+1NXlSAg2UNWIIRAlX6AJ9GwQmWXcAKKqW9LBIXLzKaS7QsCgCeLa0t
aeCAov4KG5HsId/TPIegVck=
=EhM1
-----END PGP SIGNATURE-----