From bugzilla at redhat.com Tue Nov 6 18:18:48 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 6 Nov 2012 18:18:48 +0000 Subject: [RHSA-2012:1426-01] Moderate: kernel security and bug fix update Message-ID: <201211061818.qA6IIm3V032129@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: kernel security and bug fix update Advisory ID: RHSA-2012:1426-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1426.html Issue date: 2012-11-06 CVE Names: CVE-2012-1568 CVE-2012-2133 CVE-2012-3400 CVE-2012-3511 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133, Moderate) * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * It was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2012-1568, Low) * Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400, Low) Red Hat would like to thank Shachar Raindel for reporting CVE-2012-2133. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 804947 - CVE-2012-1568 kernel: execshield: predictable ascii armour base address 817430 - CVE-2012-2133 kernel: use after free bug in "quota" handling 843139 - CVE-2012-3400 kernel: udf: buffer overflow when parsing sparing table 849734 - CVE-2012-3511 kernel: mm: use-after-free in madvise_remove() 860787 - [xfs/xfstests 273] heavy cp workload hang [rhel-6.3.z] 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-279.14.1.el6.src.rpm i386: kernel-2.6.32-279.14.1.el6.i686.rpm kernel-debug-2.6.32-279.14.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debug-devel-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.14.1.el6.i686.rpm kernel-devel-2.6.32-279.14.1.el6.i686.rpm kernel-headers-2.6.32-279.14.1.el6.i686.rpm perf-2.6.32-279.14.1.el6.i686.rpm perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm noarch: kernel-doc-2.6.32-279.14.1.el6.noarch.rpm kernel-firmware-2.6.32-279.14.1.el6.noarch.rpm x86_64: kernel-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.14.1.el6.x86_64.rpm kernel-devel-2.6.32-279.14.1.el6.x86_64.rpm kernel-headers-2.6.32-279.14.1.el6.x86_64.rpm perf-2.6.32-279.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-279.14.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.14.1.el6.i686.rpm perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm python-perf-2.6.32-279.14.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm python-perf-2.6.32-279.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-279.14.1.el6.src.rpm noarch: kernel-doc-2.6.32-279.14.1.el6.noarch.rpm kernel-firmware-2.6.32-279.14.1.el6.noarch.rpm x86_64: kernel-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.14.1.el6.x86_64.rpm kernel-devel-2.6.32-279.14.1.el6.x86_64.rpm kernel-headers-2.6.32-279.14.1.el6.x86_64.rpm perf-2.6.32-279.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-279.14.1.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm python-perf-2.6.32-279.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-279.14.1.el6.src.rpm i386: kernel-2.6.32-279.14.1.el6.i686.rpm kernel-debug-2.6.32-279.14.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debug-devel-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.14.1.el6.i686.rpm kernel-devel-2.6.32-279.14.1.el6.i686.rpm kernel-headers-2.6.32-279.14.1.el6.i686.rpm perf-2.6.32-279.14.1.el6.i686.rpm perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm noarch: kernel-doc-2.6.32-279.14.1.el6.noarch.rpm kernel-firmware-2.6.32-279.14.1.el6.noarch.rpm ppc64: kernel-2.6.32-279.14.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-279.14.1.el6.ppc64.rpm kernel-debug-2.6.32-279.14.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-279.14.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-279.14.1.el6.ppc64.rpm kernel-devel-2.6.32-279.14.1.el6.ppc64.rpm kernel-headers-2.6.32-279.14.1.el6.ppc64.rpm perf-2.6.32-279.14.1.el6.ppc64.rpm perf-debuginfo-2.6.32-279.14.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.ppc64.rpm s390x: kernel-2.6.32-279.14.1.el6.s390x.rpm kernel-debug-2.6.32-279.14.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.s390x.rpm kernel-debug-devel-2.6.32-279.14.1.el6.s390x.rpm kernel-debuginfo-2.6.32-279.14.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-279.14.1.el6.s390x.rpm kernel-devel-2.6.32-279.14.1.el6.s390x.rpm kernel-headers-2.6.32-279.14.1.el6.s390x.rpm kernel-kdump-2.6.32-279.14.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-279.14.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-279.14.1.el6.s390x.rpm perf-2.6.32-279.14.1.el6.s390x.rpm perf-debuginfo-2.6.32-279.14.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.s390x.rpm x86_64: kernel-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.14.1.el6.x86_64.rpm kernel-devel-2.6.32-279.14.1.el6.x86_64.rpm kernel-headers-2.6.32-279.14.1.el6.x86_64.rpm perf-2.6.32-279.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-279.14.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.14.1.el6.i686.rpm perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm python-perf-2.6.32-279.14.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-279.14.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-279.14.1.el6.ppc64.rpm perf-debuginfo-2.6.32-279.14.1.el6.ppc64.rpm python-perf-2.6.32-279.14.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-279.14.1.el6.s390x.rpm kernel-debuginfo-2.6.32-279.14.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-279.14.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-279.14.1.el6.s390x.rpm perf-debuginfo-2.6.32-279.14.1.el6.s390x.rpm python-perf-2.6.32-279.14.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm python-perf-2.6.32-279.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-279.14.1.el6.src.rpm i386: kernel-2.6.32-279.14.1.el6.i686.rpm kernel-debug-2.6.32-279.14.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debug-devel-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.14.1.el6.i686.rpm kernel-devel-2.6.32-279.14.1.el6.i686.rpm kernel-headers-2.6.32-279.14.1.el6.i686.rpm perf-2.6.32-279.14.1.el6.i686.rpm perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm noarch: kernel-doc-2.6.32-279.14.1.el6.noarch.rpm kernel-firmware-2.6.32-279.14.1.el6.noarch.rpm x86_64: kernel-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.14.1.el6.x86_64.rpm kernel-devel-2.6.32-279.14.1.el6.x86_64.rpm kernel-headers-2.6.32-279.14.1.el6.x86_64.rpm perf-2.6.32-279.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-279.14.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.14.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.14.1.el6.i686.rpm perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm python-perf-2.6.32-279.14.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm python-perf-2.6.32-279.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.14.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-1568.html https://www.redhat.com/security/data/cve/CVE-2012-2133.html https://www.redhat.com/security/data/cve/CVE-2012-3400.html https://www.redhat.com/security/data/cve/CVE-2012-3511.html https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.3_Technical_Notes/kernel.html#RHSA-2012-1426 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQmVRwXlSAg2UNWIIRAlk8AJ0cwdMWtUdoFwd48I69rH7shI9M3wCfSzSH TcklwwRLfXhom84SvkRfK6U= =MPxp -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Nov 6 18:19:28 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 6 Nov 2012 18:19:28 +0000 Subject: [RHSA-2012:1430-01] Important: kernel security and bug fix update Message-ID: <201211061819.qA6IJS0x004928@int-mx02.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2012:1430-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1430.html Issue date: 2012-11-06 CVE Names: CVE-2012-3412 ===================================================================== 1. Summary: Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server EUS (v. 6.1) - i386, noarch, ppc64, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * A flaw was found in the way socket buffers (skb) requiring TSO (TCP segment offloading) were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service. (CVE-2012-3412, Important) Red Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting this issue. This update also fixes the following bugs: * In the hpet_next_event() function, an interrupt could have occurred between the read and write of the HPET (High Precision Event Timer) and the value of HPET_COUNTER was then beyond that being written to the comparator (HPET_Tn_CMP). Consequently, the timers were overdue for up to several minutes. Now, a comparison is performed between the value of the counter and the comparator in the HPET code. If the counter is beyond the comparator, the "-ETIME" error code is returned, which fixes this bug. (BZ#855280) * Traffic to the NFS server could trigger a kernel oops in the svc_tcp_clear_pages() function. The source code has been modified, and the kernel oops no longer occurs in this scenario. (BZ#856104) * A kernel oops occurred in the nf_nat code when a bogus pointer was dereferenced in the nf_conn_nat structure. Consequently, if Source Network Address Translation (SNAT) was performed, incorrect information could be received by other CTS (Clear to Send) signals. A conntrack entry is now placed in the source hash after SNAT has been completed, which prevents the described problems. (BZ#865714) Users should upgrade to these updated packages, which contain backported patches to resolve these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 844714 - CVE-2012-3412 kernel: sfc: potential remote denial of service through TCP MSS option 6. Package List: Red Hat Enterprise Linux Server EUS (v. 6.1): Source: kernel-2.6.32-131.35.1.el6.src.rpm i386: kernel-2.6.32-131.35.1.el6.i686.rpm kernel-debug-2.6.32-131.35.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-131.35.1.el6.i686.rpm kernel-debug-devel-2.6.32-131.35.1.el6.i686.rpm kernel-debuginfo-2.6.32-131.35.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-131.35.1.el6.i686.rpm kernel-devel-2.6.32-131.35.1.el6.i686.rpm kernel-headers-2.6.32-131.35.1.el6.i686.rpm perf-2.6.32-131.35.1.el6.i686.rpm perf-debuginfo-2.6.32-131.35.1.el6.i686.rpm noarch: kernel-doc-2.6.32-131.35.1.el6.noarch.rpm kernel-firmware-2.6.32-131.35.1.el6.noarch.rpm ppc64: kernel-2.6.32-131.35.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-131.35.1.el6.ppc64.rpm kernel-debug-2.6.32-131.35.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-131.35.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-131.35.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-131.35.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-131.35.1.el6.ppc64.rpm kernel-devel-2.6.32-131.35.1.el6.ppc64.rpm kernel-headers-2.6.32-131.35.1.el6.ppc64.rpm perf-2.6.32-131.35.1.el6.ppc64.rpm perf-debuginfo-2.6.32-131.35.1.el6.ppc64.rpm s390x: kernel-2.6.32-131.35.1.el6.s390x.rpm kernel-debug-2.6.32-131.35.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-131.35.1.el6.s390x.rpm kernel-debug-devel-2.6.32-131.35.1.el6.s390x.rpm kernel-debuginfo-2.6.32-131.35.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-131.35.1.el6.s390x.rpm kernel-devel-2.6.32-131.35.1.el6.s390x.rpm kernel-headers-2.6.32-131.35.1.el6.s390x.rpm kernel-kdump-2.6.32-131.35.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-131.35.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-131.35.1.el6.s390x.rpm perf-2.6.32-131.35.1.el6.s390x.rpm perf-debuginfo-2.6.32-131.35.1.el6.s390x.rpm x86_64: kernel-2.6.32-131.35.1.el6.x86_64.rpm kernel-debug-2.6.32-131.35.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-131.35.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-131.35.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-131.35.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-131.35.1.el6.x86_64.rpm kernel-devel-2.6.32-131.35.1.el6.x86_64.rpm kernel-headers-2.6.32-131.35.1.el6.x86_64.rpm perf-2.6.32-131.35.1.el6.x86_64.rpm perf-debuginfo-2.6.32-131.35.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-3412.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQmVSWXlSAg2UNWIIRAo4nAJ4/BAiQrre/7Sr3DcbRdKbwjGVQwwCZASXP Z0uLXhqohz6trWP7cht/PQo= =uVfd -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Nov 7 08:44:54 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 7 Nov 2012 08:44:54 +0000 Subject: [RHSA-2012:1431-01] Critical: flash-plugin security update Message-ID: <201211070853.qA78r5Qo025151@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.251. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 873818 - flash-plugin: multiple code-execution flaws (APSB12-24) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.251-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.251-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.251-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.251-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.251-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Nov 7 19:01:44 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 7 Nov 2012 19:01:44 +0000 Subject: [RHSA-2012:1434-01] Critical: icedtea-web security update Message-ID: <201211071901.qA7J1jM6017774@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: icedtea-web security update Advisory ID: RHSA-2012:1434-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1434.html Issue date: 2012-11-07 CVE Names: CVE-2012-4540 ===================================================================== 1. Summary: Updated icedtea-web packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could cause a web browser using the IcedTea-Web plug-in to crash or, possibly, execute arbitrary code. (CVE-2012-4540) Red Hat would like to thank Arthur Gerkis for reporting this issue. This erratum also upgrades IcedTea-Web to version 1.2.2. Refer to the NEWS file, linked to in the References, for further information. All IcedTea-Web users should upgrade to these updated packages, which resolve this issue. Web browsers using the IcedTea-Web browser plug-in must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 869040 - CVE-2012-4540 icedtea-web: IcedTeaScriptableJavaObject::invoke off-by-one heap-based buffer overflow 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/icedtea-web-1.2.2-1.el6_3.src.rpm i386: icedtea-web-1.2.2-1.el6_3.i686.rpm icedtea-web-debuginfo-1.2.2-1.el6_3.i686.rpm x86_64: icedtea-web-1.2.2-1.el6_3.x86_64.rpm icedtea-web-debuginfo-1.2.2-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/icedtea-web-1.2.2-1.el6_3.src.rpm i386: icedtea-web-debuginfo-1.2.2-1.el6_3.i686.rpm icedtea-web-javadoc-1.2.2-1.el6_3.i686.rpm x86_64: icedtea-web-debuginfo-1.2.2-1.el6_3.x86_64.rpm icedtea-web-javadoc-1.2.2-1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/icedtea-web-1.2.2-1.el6_3.src.rpm x86_64: icedtea-web-1.2.2-1.el6_3.x86_64.rpm icedtea-web-debuginfo-1.2.2-1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/icedtea-web-1.2.2-1.el6_3.src.rpm x86_64: icedtea-web-debuginfo-1.2.2-1.el6_3.x86_64.rpm icedtea-web-javadoc-1.2.2-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/icedtea-web-1.2.2-1.el6_3.src.rpm i386: icedtea-web-1.2.2-1.el6_3.i686.rpm icedtea-web-debuginfo-1.2.2-1.el6_3.i686.rpm x86_64: icedtea-web-1.2.2-1.el6_3.x86_64.rpm icedtea-web-debuginfo-1.2.2-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/icedtea-web-1.2.2-1.el6_3.src.rpm i386: icedtea-web-debuginfo-1.2.2-1.el6_3.i686.rpm icedtea-web-javadoc-1.2.2-1.el6_3.i686.rpm x86_64: icedtea-web-debuginfo-1.2.2-1.el6_3.x86_64.rpm icedtea-web-javadoc-1.2.2-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/icedtea-web-1.2.2-1.el6_3.src.rpm i386: icedtea-web-1.2.2-1.el6_3.i686.rpm icedtea-web-debuginfo-1.2.2-1.el6_3.i686.rpm x86_64: icedtea-web-1.2.2-1.el6_3.x86_64.rpm icedtea-web-debuginfo-1.2.2-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/icedtea-web-1.2.2-1.el6_3.src.rpm i386: icedtea-web-debuginfo-1.2.2-1.el6_3.i686.rpm icedtea-web-javadoc-1.2.2-1.el6_3.i686.rpm x86_64: icedtea-web-debuginfo-1.2.2-1.el6_3.x86_64.rpm icedtea-web-javadoc-1.2.2-1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-4540.html https://access.redhat.com/security/updates/classification/#critical http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.2/NEWS 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQmrAHXlSAg2UNWIIRAmhfAJ9p8C4Mfl49AFC5DnjUDBz5G0GnhwCdElUw KvuD2H/kTSqlum5awDH7oD0= =nCpt -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Nov 12 18:52:02 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 12 Nov 2012 18:52:02 +0000 Subject: [RHSA-2012:1455-01] Moderate: gegl security update Message-ID: <201211121852.qACIq2Lb026645@int-mx12.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gegl security update Advisory ID: RHSA-2012:1455-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1455.html Issue date: 2012-11-12 CVE Names: CVE-2012-4433 ===================================================================== 1. Summary: Updated gegl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: GEGL (Generic Graphics Library) is a graph-based image processing framework. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the gegl utility processed .ppm (Portable Pixel Map) image files. An attacker could create a specially-crafted .ppm file that, when opened in gegl, would cause gegl to crash or, potentially, execute arbitrary code. (CVE-2012-4433) This issue was discovered by Murray McAllister of the Red Hat Security Response Team. Users of gegl should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 856300 - CVE-2012-4433 gegl: Integer overflow, leading to heap-based buffer overflow by parsing PPM image headers 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/gegl-0.1.2-4.el6_3.src.rpm i386: gegl-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.i686.rpm x86_64: gegl-0.1.2-4.el6_3.x86_64.rpm gegl-debuginfo-0.1.2-4.el6_3.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/gegl-0.1.2-4.el6_3.src.rpm i386: gegl-debuginfo-0.1.2-4.el6_3.i686.rpm gegl-devel-0.1.2-4.el6_3.i686.rpm x86_64: gegl-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.x86_64.rpm gegl-devel-0.1.2-4.el6_3.i686.rpm gegl-devel-0.1.2-4.el6_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/gegl-0.1.2-4.el6_3.src.rpm i386: gegl-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.i686.rpm ppc64: gegl-0.1.2-4.el6_3.ppc64.rpm gegl-debuginfo-0.1.2-4.el6_3.ppc64.rpm s390x: gegl-0.1.2-4.el6_3.s390x.rpm gegl-debuginfo-0.1.2-4.el6_3.s390x.rpm x86_64: gegl-0.1.2-4.el6_3.x86_64.rpm gegl-debuginfo-0.1.2-4.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/gegl-0.1.2-4.el6_3.src.rpm i386: gegl-debuginfo-0.1.2-4.el6_3.i686.rpm gegl-devel-0.1.2-4.el6_3.i686.rpm ppc64: gegl-0.1.2-4.el6_3.ppc.rpm gegl-debuginfo-0.1.2-4.el6_3.ppc.rpm gegl-debuginfo-0.1.2-4.el6_3.ppc64.rpm gegl-devel-0.1.2-4.el6_3.ppc.rpm gegl-devel-0.1.2-4.el6_3.ppc64.rpm s390x: gegl-0.1.2-4.el6_3.s390.rpm gegl-debuginfo-0.1.2-4.el6_3.s390.rpm gegl-debuginfo-0.1.2-4.el6_3.s390x.rpm gegl-devel-0.1.2-4.el6_3.s390.rpm gegl-devel-0.1.2-4.el6_3.s390x.rpm x86_64: gegl-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.x86_64.rpm gegl-devel-0.1.2-4.el6_3.i686.rpm gegl-devel-0.1.2-4.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/gegl-0.1.2-4.el6_3.src.rpm i386: gegl-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.i686.rpm x86_64: gegl-0.1.2-4.el6_3.x86_64.rpm gegl-debuginfo-0.1.2-4.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/gegl-0.1.2-4.el6_3.src.rpm i386: gegl-debuginfo-0.1.2-4.el6_3.i686.rpm gegl-devel-0.1.2-4.el6_3.i686.rpm x86_64: gegl-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.i686.rpm gegl-debuginfo-0.1.2-4.el6_3.x86_64.rpm gegl-devel-0.1.2-4.el6_3.i686.rpm gegl-devel-0.1.2-4.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-4433.html https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQoUUJXlSAg2UNWIIRApFXAKCV0seFV/u4O9r3HnS/cDbRCspUvwCfR5ht KLYTTEG0l2tBaOpNgZh97H8= =yn1e -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Nov 13 16:05:56 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 13 Nov 2012 16:05:56 +0000 Subject: [RHSA-2012:1445-01] Low: kernel security and bug fix update Message-ID: <201211131605.qADG5vFZ011375@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: kernel security and bug fix update Advisory ID: RHSA-2012:1445-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1445.html Issue date: 2012-11-13 CVE Names: CVE-2012-2100 ===================================================================== 1. Summary: Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * It was found that the RHSA-2010:0178 update did not correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the ext4 file system code. A local, unprivileged user with the ability to mount an ext4 file system could use this flaw to cause a denial of service. (CVE-2012-2100, Low) This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct this issue, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 809687 - CVE-2012-2100 kernel: ext4: fix inconsistency in ext4_fill_flex_info() 859946 - kernel: xen: change the default behaviour of CVE-2012-2934 fix [rhel-5.8.z] 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-308.20.1.el5.src.rpm i386: kernel-2.6.18-308.20.1.el5.i686.rpm kernel-PAE-2.6.18-308.20.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-308.20.1.el5.i686.rpm kernel-PAE-devel-2.6.18-308.20.1.el5.i686.rpm kernel-debug-2.6.18-308.20.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-308.20.1.el5.i686.rpm kernel-debug-devel-2.6.18-308.20.1.el5.i686.rpm kernel-debuginfo-2.6.18-308.20.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-308.20.1.el5.i686.rpm kernel-devel-2.6.18-308.20.1.el5.i686.rpm kernel-headers-2.6.18-308.20.1.el5.i386.rpm kernel-xen-2.6.18-308.20.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-308.20.1.el5.i686.rpm kernel-xen-devel-2.6.18-308.20.1.el5.i686.rpm noarch: kernel-doc-2.6.18-308.20.1.el5.noarch.rpm x86_64: kernel-2.6.18-308.20.1.el5.x86_64.rpm kernel-debug-2.6.18-308.20.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-308.20.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-308.20.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-308.20.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-308.20.1.el5.x86_64.rpm kernel-devel-2.6.18-308.20.1.el5.x86_64.rpm kernel-headers-2.6.18-308.20.1.el5.x86_64.rpm kernel-xen-2.6.18-308.20.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-308.20.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-308.20.1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-308.20.1.el5.src.rpm i386: kernel-2.6.18-308.20.1.el5.i686.rpm kernel-PAE-2.6.18-308.20.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-308.20.1.el5.i686.rpm kernel-PAE-devel-2.6.18-308.20.1.el5.i686.rpm kernel-debug-2.6.18-308.20.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-308.20.1.el5.i686.rpm kernel-debug-devel-2.6.18-308.20.1.el5.i686.rpm kernel-debuginfo-2.6.18-308.20.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-308.20.1.el5.i686.rpm kernel-devel-2.6.18-308.20.1.el5.i686.rpm kernel-headers-2.6.18-308.20.1.el5.i386.rpm kernel-xen-2.6.18-308.20.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-308.20.1.el5.i686.rpm kernel-xen-devel-2.6.18-308.20.1.el5.i686.rpm ia64: kernel-2.6.18-308.20.1.el5.ia64.rpm kernel-debug-2.6.18-308.20.1.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-308.20.1.el5.ia64.rpm kernel-debug-devel-2.6.18-308.20.1.el5.ia64.rpm kernel-debuginfo-2.6.18-308.20.1.el5.ia64.rpm kernel-debuginfo-common-2.6.18-308.20.1.el5.ia64.rpm kernel-devel-2.6.18-308.20.1.el5.ia64.rpm kernel-headers-2.6.18-308.20.1.el5.ia64.rpm kernel-xen-2.6.18-308.20.1.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-308.20.1.el5.ia64.rpm kernel-xen-devel-2.6.18-308.20.1.el5.ia64.rpm noarch: kernel-doc-2.6.18-308.20.1.el5.noarch.rpm ppc: kernel-2.6.18-308.20.1.el5.ppc64.rpm kernel-debug-2.6.18-308.20.1.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-308.20.1.el5.ppc64.rpm kernel-debug-devel-2.6.18-308.20.1.el5.ppc64.rpm kernel-debuginfo-2.6.18-308.20.1.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-308.20.1.el5.ppc64.rpm kernel-devel-2.6.18-308.20.1.el5.ppc64.rpm kernel-headers-2.6.18-308.20.1.el5.ppc.rpm kernel-headers-2.6.18-308.20.1.el5.ppc64.rpm kernel-kdump-2.6.18-308.20.1.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-308.20.1.el5.ppc64.rpm kernel-kdump-devel-2.6.18-308.20.1.el5.ppc64.rpm s390x: kernel-2.6.18-308.20.1.el5.s390x.rpm kernel-debug-2.6.18-308.20.1.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-308.20.1.el5.s390x.rpm kernel-debug-devel-2.6.18-308.20.1.el5.s390x.rpm kernel-debuginfo-2.6.18-308.20.1.el5.s390x.rpm kernel-debuginfo-common-2.6.18-308.20.1.el5.s390x.rpm kernel-devel-2.6.18-308.20.1.el5.s390x.rpm kernel-headers-2.6.18-308.20.1.el5.s390x.rpm kernel-kdump-2.6.18-308.20.1.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-308.20.1.el5.s390x.rpm kernel-kdump-devel-2.6.18-308.20.1.el5.s390x.rpm x86_64: kernel-2.6.18-308.20.1.el5.x86_64.rpm kernel-debug-2.6.18-308.20.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-308.20.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-308.20.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-308.20.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-308.20.1.el5.x86_64.rpm kernel-devel-2.6.18-308.20.1.el5.x86_64.rpm kernel-headers-2.6.18-308.20.1.el5.x86_64.rpm kernel-xen-2.6.18-308.20.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-308.20.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-308.20.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-2100.html https://access.redhat.com/security/updates/classification/#low https://rhn.redhat.com/errata/RHSA-2010-0178.html https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.8_Technical_Notes/kernel.html#RHSA-2012-1445 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQom+oXlSAg2UNWIIRApXxAKCuyVw3G8ul6T02fKjDhkIwC5NUbgCgotgv mhExD5bL0KmKDMapE6Ek3o8= =9rwY -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Nov 13 16:07:06 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 13 Nov 2012 16:07:06 +0000 Subject: [RHSA-2012:1459-01] Low: nspluginwrapper security and bug fix update Message-ID: <201211131607.qADG76LF011675@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: nspluginwrapper security and bug fix update Advisory ID: RHSA-2012:1459-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1459.html Issue date: 2012-11-13 CVE Names: CVE-2011-2486 ===================================================================== 1. Summary: Updated nspluginwrapper packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: nspluginwrapper is a utility which allows 32-bit plug-ins to run in a 64-bit browser environment (a common example is Adobe's browser plug-in for presenting proprietary Flash files embedded in web pages). It includes the plug-in viewer and a tool for managing plug-in installations and updates. It was not possible for plug-ins wrapped by nspluginwrapper to discover whether the browser was running in Private Browsing mode. This flaw could lead to plug-ins wrapped by nspluginwrapper using normal mode while they were expected to run in Private Browsing mode. (CVE-2011-2486) This update also fixes the following bug: * When using the Adobe Reader web browser plug-in provided by the acroread-plugin package on a 64-bit system, opening Portable Document Format (PDF) files in Firefox could cause the plug-in to crash and a black window to be displayed where the PDF should be. Firefox had to be restarted to resolve the issue. This update implements a workaround in nspluginwrapper to automatically handle the plug-in crash, so that users no longer have to keep restarting Firefox. (BZ#869554) All users of nspluginwrapper are advised to upgrade to these updated packages, which upgrade nspluginwrapper to upstream version 1.4.4, and correct these issues. After installing the update, Firefox must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 715384 - CVE-2011-2486 nspluginwrapper: NPNVprivateModeBool variable not forwarded 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nspluginwrapper-1.4.4-1.el6_3.src.rpm i386: nspluginwrapper-1.4.4-1.el6_3.i686.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.i686.rpm x86_64: nspluginwrapper-1.4.4-1.el6_3.i686.rpm nspluginwrapper-1.4.4-1.el6_3.x86_64.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.i686.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nspluginwrapper-1.4.4-1.el6_3.src.rpm x86_64: nspluginwrapper-1.4.4-1.el6_3.i686.rpm nspluginwrapper-1.4.4-1.el6_3.x86_64.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.i686.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/nspluginwrapper-1.4.4-1.el6_3.src.rpm i386: nspluginwrapper-1.4.4-1.el6_3.i686.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.i686.rpm ppc64: nspluginwrapper-1.4.4-1.el6_3.ppc.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.ppc.rpm x86_64: nspluginwrapper-1.4.4-1.el6_3.i686.rpm nspluginwrapper-1.4.4-1.el6_3.x86_64.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.i686.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/nspluginwrapper-1.4.4-1.el6_3.src.rpm i386: nspluginwrapper-1.4.4-1.el6_3.i686.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.i686.rpm x86_64: nspluginwrapper-1.4.4-1.el6_3.i686.rpm nspluginwrapper-1.4.4-1.el6_3.x86_64.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.i686.rpm nspluginwrapper-debuginfo-1.4.4-1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-2486.html https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQom/9XlSAg2UNWIIRAr29AJ9791YX3MhreTV8M7f9gbBBR6ntDgCbBzj5 bO78kC9r56oeaZ+DUFl2R4k= =bgBc -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Nov 14 20:56:36 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 14 Nov 2012 20:56:36 +0000 Subject: [RHSA-2012:1461-01] Moderate: libproxy security update Message-ID: <201211142056.qAEKua6k002063@int-mx12.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: libproxy security update Advisory ID: RHSA-2012:1461-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1461.html Issue date: 2012-11-14 CVE Names: CVE-2012-4505 ===================================================================== 1. Summary: Updated libproxy packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: libproxy is a library that handles all the details of proxy configuration. A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration (PAC) files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute arbitrary code, if the proxy settings obtained by libproxy (from the environment or the desktop environment settings) instructed the use of a PAC proxy configuration. (CVE-2012-4505) This issue was discovered by the Red Hat Security Response Team. Users of libproxy should upgrade to these updated packages, which contain a backported patch to correct this issue. All applications using libproxy must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 864612 - CVE-2012-4505 libproxy: PAC handling insufficient content length check leading to buffer overflow 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libproxy-0.3.0-3.el6_3.src.rpm i386: libproxy-0.3.0-3.el6_3.i686.rpm libproxy-bin-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-python-0.3.0-3.el6_3.i686.rpm x86_64: libproxy-0.3.0-3.el6_3.i686.rpm libproxy-0.3.0-3.el6_3.x86_64.rpm libproxy-bin-0.3.0-3.el6_3.x86_64.rpm libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.x86_64.rpm libproxy-python-0.3.0-3.el6_3.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libproxy-0.3.0-3.el6_3.src.rpm i386: libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-devel-0.3.0-3.el6_3.i686.rpm libproxy-gnome-0.3.0-3.el6_3.i686.rpm libproxy-kde-0.3.0-3.el6_3.i686.rpm libproxy-mozjs-0.3.0-3.el6_3.i686.rpm libproxy-webkit-0.3.0-3.el6_3.i686.rpm x86_64: libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.x86_64.rpm libproxy-devel-0.3.0-3.el6_3.i686.rpm libproxy-devel-0.3.0-3.el6_3.x86_64.rpm libproxy-gnome-0.3.0-3.el6_3.x86_64.rpm libproxy-kde-0.3.0-3.el6_3.x86_64.rpm libproxy-mozjs-0.3.0-3.el6_3.x86_64.rpm libproxy-webkit-0.3.0-3.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libproxy-0.3.0-3.el6_3.src.rpm x86_64: libproxy-0.3.0-3.el6_3.i686.rpm libproxy-0.3.0-3.el6_3.x86_64.rpm libproxy-bin-0.3.0-3.el6_3.x86_64.rpm libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.x86_64.rpm libproxy-devel-0.3.0-3.el6_3.i686.rpm libproxy-devel-0.3.0-3.el6_3.x86_64.rpm libproxy-gnome-0.3.0-3.el6_3.x86_64.rpm libproxy-kde-0.3.0-3.el6_3.x86_64.rpm libproxy-mozjs-0.3.0-3.el6_3.x86_64.rpm libproxy-python-0.3.0-3.el6_3.x86_64.rpm libproxy-webkit-0.3.0-3.el6_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libproxy-0.3.0-3.el6_3.src.rpm i386: libproxy-0.3.0-3.el6_3.i686.rpm libproxy-bin-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-python-0.3.0-3.el6_3.i686.rpm ppc64: libproxy-0.3.0-3.el6_3.ppc.rpm libproxy-0.3.0-3.el6_3.ppc64.rpm libproxy-bin-0.3.0-3.el6_3.ppc64.rpm libproxy-debuginfo-0.3.0-3.el6_3.ppc.rpm libproxy-debuginfo-0.3.0-3.el6_3.ppc64.rpm libproxy-python-0.3.0-3.el6_3.ppc64.rpm s390x: libproxy-0.3.0-3.el6_3.s390.rpm libproxy-0.3.0-3.el6_3.s390x.rpm libproxy-bin-0.3.0-3.el6_3.s390x.rpm libproxy-debuginfo-0.3.0-3.el6_3.s390.rpm libproxy-debuginfo-0.3.0-3.el6_3.s390x.rpm libproxy-python-0.3.0-3.el6_3.s390x.rpm x86_64: libproxy-0.3.0-3.el6_3.i686.rpm libproxy-0.3.0-3.el6_3.x86_64.rpm libproxy-bin-0.3.0-3.el6_3.x86_64.rpm libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.x86_64.rpm libproxy-python-0.3.0-3.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libproxy-0.3.0-3.el6_3.src.rpm i386: libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-devel-0.3.0-3.el6_3.i686.rpm libproxy-gnome-0.3.0-3.el6_3.i686.rpm libproxy-kde-0.3.0-3.el6_3.i686.rpm libproxy-mozjs-0.3.0-3.el6_3.i686.rpm libproxy-webkit-0.3.0-3.el6_3.i686.rpm ppc64: libproxy-debuginfo-0.3.0-3.el6_3.ppc.rpm libproxy-debuginfo-0.3.0-3.el6_3.ppc64.rpm libproxy-devel-0.3.0-3.el6_3.ppc.rpm libproxy-devel-0.3.0-3.el6_3.ppc64.rpm libproxy-gnome-0.3.0-3.el6_3.ppc64.rpm libproxy-kde-0.3.0-3.el6_3.ppc64.rpm libproxy-mozjs-0.3.0-3.el6_3.ppc64.rpm libproxy-webkit-0.3.0-3.el6_3.ppc64.rpm s390x: libproxy-debuginfo-0.3.0-3.el6_3.s390.rpm libproxy-debuginfo-0.3.0-3.el6_3.s390x.rpm libproxy-devel-0.3.0-3.el6_3.s390.rpm libproxy-devel-0.3.0-3.el6_3.s390x.rpm libproxy-gnome-0.3.0-3.el6_3.s390x.rpm libproxy-kde-0.3.0-3.el6_3.s390x.rpm libproxy-mozjs-0.3.0-3.el6_3.s390x.rpm libproxy-webkit-0.3.0-3.el6_3.s390x.rpm x86_64: libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.x86_64.rpm libproxy-devel-0.3.0-3.el6_3.i686.rpm libproxy-devel-0.3.0-3.el6_3.x86_64.rpm libproxy-gnome-0.3.0-3.el6_3.x86_64.rpm libproxy-kde-0.3.0-3.el6_3.x86_64.rpm libproxy-mozjs-0.3.0-3.el6_3.x86_64.rpm libproxy-webkit-0.3.0-3.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libproxy-0.3.0-3.el6_3.src.rpm i386: libproxy-0.3.0-3.el6_3.i686.rpm libproxy-bin-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-python-0.3.0-3.el6_3.i686.rpm x86_64: libproxy-0.3.0-3.el6_3.i686.rpm libproxy-0.3.0-3.el6_3.x86_64.rpm libproxy-bin-0.3.0-3.el6_3.x86_64.rpm libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.x86_64.rpm libproxy-python-0.3.0-3.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libproxy-0.3.0-3.el6_3.src.rpm i386: libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-devel-0.3.0-3.el6_3.i686.rpm libproxy-gnome-0.3.0-3.el6_3.i686.rpm libproxy-kde-0.3.0-3.el6_3.i686.rpm libproxy-mozjs-0.3.0-3.el6_3.i686.rpm libproxy-webkit-0.3.0-3.el6_3.i686.rpm x86_64: libproxy-debuginfo-0.3.0-3.el6_3.i686.rpm libproxy-debuginfo-0.3.0-3.el6_3.x86_64.rpm libproxy-devel-0.3.0-3.el6_3.i686.rpm libproxy-devel-0.3.0-3.el6_3.x86_64.rpm libproxy-gnome-0.3.0-3.el6_3.x86_64.rpm libproxy-kde-0.3.0-3.el6_3.x86_64.rpm libproxy-mozjs-0.3.0-3.el6_3.x86_64.rpm libproxy-webkit-0.3.0-3.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-4505.html https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQpAVhXlSAg2UNWIIRAlGOAJ40MYFWgmn1aBmwleCBZaEqw4HrbgCgwFD7 Jcl0w00unoFqcFfpGFPOKJ8= =HkKO -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Nov 14 20:57:27 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 14 Nov 2012 20:57:27 +0000 Subject: [RHSA-2012:1462-01] Important: mysql security update Message-ID: <201211142057.qAEKvRgm000840@int-mx01.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: mysql security update Advisory ID: RHSA-2012:1462-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1462.html Issue date: 2012-11-14 CVE Names: CVE-2012-0540 CVE-2012-1688 CVE-2012-1689 CVE-2012-1690 CVE-2012-1703 CVE-2012-1734 CVE-2012-2749 CVE-2012-3150 CVE-2012-3158 CVE-2012-3160 CVE-2012-3163 CVE-2012-3166 CVE-2012-3167 CVE-2012-3173 CVE-2012-3177 CVE-2012-3180 CVE-2012-3197 ===================================================================== 1. Summary: Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages, listed in the References section. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160) These updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes listed in the References section for a full list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 814285 - CVE-2012-1688 mysql: Unspecified vulnerability in the server DML subcomponent leading to DoS (server hang / crash) (Oracle CPU April 2012) 814287 - CVE-2012-1690 mysql: Unspecified vulnerability in the server optimizer subcomponent leading to DoS (server hang / crash) (Oracle CPU April 2012) 814293 - CVE-2012-1703 mysql: Unspecified vulnerability in the server optimizer subcomponent leading to DoS (server crash or system hang) (Oracle CPU April 2012) 833737 - CVE-2012-2749 mysql: crash caused by wrong calculation of key length for sort order index 841349 - CVE-2012-0540 mysql: unspecified vulnerability related to GIS extension DoS (CPU Jul 2012) 841351 - CVE-2012-1689 mysql: unspecified vulnerability related to Server Optimizer DoS (CPU Jul 2012) 841353 - CVE-2012-1734 mysql: unspecified vulnerability related to Server Optimizer DoS (CPU Jul 2012) 867212 - CVE-2012-3163 mysql: unspecified vulnerability related to Information Schema 867213 - CVE-2012-3158 mysql: unspecified vulnerability related to the MySQL Protocol 867215 - CVE-2012-3177 mysql: unspecified Server DoS vulnerability 867216 - CVE-2012-3166 mysql: unspecified DoS vulnerability related to InnoDB 867217 - CVE-2012-3173 mysql: unspecified DoS vulnerability related to InnoDB Plugin 867220 - CVE-2012-3150 mysql: unspecified DoS vulnerability related to Server Optimizer 867223 - CVE-2012-3180 mysql: unspecified DoS vulnerability related to Server Optimizer 867230 - CVE-2012-3167 mysql: unspecified DoS vulnerability related to Server Full Text Search 867233 - CVE-2012-3197 mysql: unspecified DoS vulnerability related to Server Replication 867238 - CVE-2012-3160 mysql: unspecified vulnerability in Server Installation leading to information disclosure 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/mysql-5.1.66-1.el6_3.src.rpm i386: mysql-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-libs-5.1.66-1.el6_3.i686.rpm mysql-server-5.1.66-1.el6_3.i686.rpm x86_64: mysql-5.1.66-1.el6_3.x86_64.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm mysql-libs-5.1.66-1.el6_3.i686.rpm mysql-libs-5.1.66-1.el6_3.x86_64.rpm mysql-server-5.1.66-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/mysql-5.1.66-1.el6_3.src.rpm i386: mysql-bench-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-devel-5.1.66-1.el6_3.i686.rpm mysql-embedded-5.1.66-1.el6_3.i686.rpm mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm mysql-test-5.1.66-1.el6_3.i686.rpm x86_64: mysql-bench-5.1.66-1.el6_3.x86_64.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm mysql-devel-5.1.66-1.el6_3.i686.rpm mysql-devel-5.1.66-1.el6_3.x86_64.rpm mysql-embedded-5.1.66-1.el6_3.i686.rpm mysql-embedded-5.1.66-1.el6_3.x86_64.rpm mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm mysql-embedded-devel-5.1.66-1.el6_3.x86_64.rpm mysql-test-5.1.66-1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/mysql-5.1.66-1.el6_3.src.rpm x86_64: mysql-5.1.66-1.el6_3.x86_64.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm mysql-libs-5.1.66-1.el6_3.i686.rpm mysql-libs-5.1.66-1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/mysql-5.1.66-1.el6_3.src.rpm x86_64: mysql-bench-5.1.66-1.el6_3.x86_64.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm mysql-devel-5.1.66-1.el6_3.i686.rpm mysql-devel-5.1.66-1.el6_3.x86_64.rpm mysql-embedded-5.1.66-1.el6_3.i686.rpm mysql-embedded-5.1.66-1.el6_3.x86_64.rpm mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm mysql-embedded-devel-5.1.66-1.el6_3.x86_64.rpm mysql-server-5.1.66-1.el6_3.x86_64.rpm mysql-test-5.1.66-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/mysql-5.1.66-1.el6_3.src.rpm i386: mysql-5.1.66-1.el6_3.i686.rpm mysql-bench-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-devel-5.1.66-1.el6_3.i686.rpm mysql-libs-5.1.66-1.el6_3.i686.rpm mysql-server-5.1.66-1.el6_3.i686.rpm mysql-test-5.1.66-1.el6_3.i686.rpm ppc64: mysql-5.1.66-1.el6_3.ppc64.rpm mysql-bench-5.1.66-1.el6_3.ppc64.rpm mysql-debuginfo-5.1.66-1.el6_3.ppc.rpm mysql-debuginfo-5.1.66-1.el6_3.ppc64.rpm mysql-devel-5.1.66-1.el6_3.ppc.rpm mysql-devel-5.1.66-1.el6_3.ppc64.rpm mysql-libs-5.1.66-1.el6_3.ppc.rpm mysql-libs-5.1.66-1.el6_3.ppc64.rpm mysql-server-5.1.66-1.el6_3.ppc64.rpm mysql-test-5.1.66-1.el6_3.ppc64.rpm s390x: mysql-5.1.66-1.el6_3.s390x.rpm mysql-bench-5.1.66-1.el6_3.s390x.rpm mysql-debuginfo-5.1.66-1.el6_3.s390.rpm mysql-debuginfo-5.1.66-1.el6_3.s390x.rpm mysql-devel-5.1.66-1.el6_3.s390.rpm mysql-devel-5.1.66-1.el6_3.s390x.rpm mysql-libs-5.1.66-1.el6_3.s390.rpm mysql-libs-5.1.66-1.el6_3.s390x.rpm mysql-server-5.1.66-1.el6_3.s390x.rpm mysql-test-5.1.66-1.el6_3.s390x.rpm x86_64: mysql-5.1.66-1.el6_3.x86_64.rpm mysql-bench-5.1.66-1.el6_3.x86_64.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm mysql-devel-5.1.66-1.el6_3.i686.rpm mysql-devel-5.1.66-1.el6_3.x86_64.rpm mysql-libs-5.1.66-1.el6_3.i686.rpm mysql-libs-5.1.66-1.el6_3.x86_64.rpm mysql-server-5.1.66-1.el6_3.x86_64.rpm mysql-test-5.1.66-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/mysql-5.1.66-1.el6_3.src.rpm i386: mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-embedded-5.1.66-1.el6_3.i686.rpm mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm ppc64: mysql-debuginfo-5.1.66-1.el6_3.ppc.rpm mysql-debuginfo-5.1.66-1.el6_3.ppc64.rpm mysql-embedded-5.1.66-1.el6_3.ppc.rpm mysql-embedded-5.1.66-1.el6_3.ppc64.rpm mysql-embedded-devel-5.1.66-1.el6_3.ppc.rpm mysql-embedded-devel-5.1.66-1.el6_3.ppc64.rpm s390x: mysql-debuginfo-5.1.66-1.el6_3.s390.rpm mysql-debuginfo-5.1.66-1.el6_3.s390x.rpm mysql-embedded-5.1.66-1.el6_3.s390.rpm mysql-embedded-5.1.66-1.el6_3.s390x.rpm mysql-embedded-devel-5.1.66-1.el6_3.s390.rpm mysql-embedded-devel-5.1.66-1.el6_3.s390x.rpm x86_64: mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm mysql-embedded-5.1.66-1.el6_3.i686.rpm mysql-embedded-5.1.66-1.el6_3.x86_64.rpm mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm mysql-embedded-devel-5.1.66-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/mysql-5.1.66-1.el6_3.src.rpm i386: mysql-5.1.66-1.el6_3.i686.rpm mysql-bench-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-devel-5.1.66-1.el6_3.i686.rpm mysql-libs-5.1.66-1.el6_3.i686.rpm mysql-server-5.1.66-1.el6_3.i686.rpm mysql-test-5.1.66-1.el6_3.i686.rpm x86_64: mysql-5.1.66-1.el6_3.x86_64.rpm mysql-bench-5.1.66-1.el6_3.x86_64.rpm mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm mysql-devel-5.1.66-1.el6_3.i686.rpm mysql-devel-5.1.66-1.el6_3.x86_64.rpm mysql-libs-5.1.66-1.el6_3.i686.rpm mysql-libs-5.1.66-1.el6_3.x86_64.rpm mysql-server-5.1.66-1.el6_3.x86_64.rpm mysql-test-5.1.66-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/mysql-5.1.66-1.el6_3.src.rpm i386: mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-embedded-5.1.66-1.el6_3.i686.rpm mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm x86_64: mysql-debuginfo-5.1.66-1.el6_3.i686.rpm mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm mysql-embedded-5.1.66-1.el6_3.i686.rpm mysql-embedded-5.1.66-1.el6_3.x86_64.rpm mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm mysql-embedded-devel-5.1.66-1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-0540.html https://www.redhat.com/security/data/cve/CVE-2012-1688.html https://www.redhat.com/security/data/cve/CVE-2012-1689.html https://www.redhat.com/security/data/cve/CVE-2012-1690.html https://www.redhat.com/security/data/cve/CVE-2012-1703.html https://www.redhat.com/security/data/cve/CVE-2012-1734.html https://www.redhat.com/security/data/cve/CVE-2012-2749.html https://www.redhat.com/security/data/cve/CVE-2012-3150.html https://www.redhat.com/security/data/cve/CVE-2012-3158.html https://www.redhat.com/security/data/cve/CVE-2012-3160.html https://www.redhat.com/security/data/cve/CVE-2012-3163.html https://www.redhat.com/security/data/cve/CVE-2012-3166.html https://www.redhat.com/security/data/cve/CVE-2012-3167.html https://www.redhat.com/security/data/cve/CVE-2012-3173.html https://www.redhat.com/security/data/cve/CVE-2012-3177.html https://www.redhat.com/security/data/cve/CVE-2012-3180.html https://www.redhat.com/security/data/cve/CVE-2012-3197.html https://access.redhat.com/security/updates/classification/#important http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#AppendixMSQL http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html#AppendixMSQL http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html#AppendixMSQL http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-64.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-65.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQpAWbXlSAg2UNWIIRApWjAJ9+KjFqVoVPI/QqQ3t9vW0fEJPcCwCfWs/b Nmjn6dyfUxoXlm0UAlTeX+0= =S2FX -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Nov 15 21:26:54 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 15 Nov 2012 21:26:54 +0000 Subject: [RHSA-2012:1465-01] Critical: java-1.5.0-ibm security update Message-ID: <201211152126.qAFLQsf9028093@int-mx12.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.5.0-ibm security update Advisory ID: RHSA-2012:1465-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1465.html Issue date: 2012-11-15 CVE Names: CVE-2012-1531 CVE-2012-3143 CVE-2012-3216 CVE-2012-4820 CVE-2012-4822 CVE-2012-5069 CVE-2012-5071 CVE-2012-5073 CVE-2012-5075 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5089 ===================================================================== 1. Summary: Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1531, CVE-2012-3143, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-5069, CVE-2012-5071, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089) All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR15 release. All running instances of IBM Java must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D) 867189 - CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX) 867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D) 876386 - CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution 876388 - CVE-2012-4822 IBM JDK: java.lang.class code execution 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm ppc: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm s390x: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm ppc64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm s390x: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.s390.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.s390.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-1531.html https://www.redhat.com/security/data/cve/CVE-2012-3143.html https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4820.html https://www.redhat.com/security/data/cve/CVE-2012-4822.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5083.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQpV27XlSAg2UNWIIRAtdyAJ950SF43om961RrbDO+l6pKLsNVkQCfZToe RVwkoTHhFv4aMj/Tm3SjYjw= =XKVH -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Nov 15 21:27:59 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 15 Nov 2012 21:27:59 +0000 Subject: [RHSA-2012:1466-01] Critical: java-1.6.0-ibm security update Message-ID: <201211152127.qAFLRxAV032269@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-ibm security update Advisory ID: RHSA-2012:1466-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1466.html Issue date: 2012-11-15 CVE Names: CVE-2012-0547 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-1682 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4820 CVE-2012-4822 CVE-2012-4823 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5089 ===================================================================== 1. Summary: Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-0547, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1682, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089) All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR12 release. All running instances of IBM Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476) 853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D) 867186 - CVE-2012-1532 Oracle JDK: unspecified vulnerability (Deployment) 867187 - CVE-2012-1533 Oracle JDK: unspecified vulnerability (Deployment) 867189 - CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX) 867190 - CVE-2012-3159 Oracle JDK: unspecified vulnerability (Deployment) 867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D) 876386 - CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution 876388 - CVE-2012-4822 IBM JDK: java.lang.class code execution 876389 - CVE-2012-4823 IBM JDK: java.lang.ClassLoder defineClass() code execution 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.i386.rpm ppc: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.i686.rpm ppc64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.ppc.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.s390.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-0547.html https://www.redhat.com/security/data/cve/CVE-2012-1531.html https://www.redhat.com/security/data/cve/CVE-2012-1532.html https://www.redhat.com/security/data/cve/CVE-2012-1533.html https://www.redhat.com/security/data/cve/CVE-2012-1682.html https://www.redhat.com/security/data/cve/CVE-2012-3143.html https://www.redhat.com/security/data/cve/CVE-2012-3159.html https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4820.html https://www.redhat.com/security/data/cve/CVE-2012-4822.html https://www.redhat.com/security/data/cve/CVE-2012-4823.html https://www.redhat.com/security/data/cve/CVE-2012-5068.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5072.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5083.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQpV4wXlSAg2UNWIIRAh3xAKCCtopCdB74QaM37wyC/DyniWhpLQCghJEj Rm+cXgBdDZVQhZ96Ylamhpk= =d/D8 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Nov 15 21:28:46 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 15 Nov 2012 21:28:46 +0000 Subject: [RHSA-2012:1467-01] Critical: java-1.7.0-ibm security update Message-ID: <201211152128.qAFLSkZ6032488@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-ibm security update Advisory ID: RHSA-2012:1467-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1467.html Issue date: 2012-11-15 CVE Names: CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-1718 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4820 CVE-2012-4821 CVE-2012-4822 CVE-2012-4823 CVE-2012-5067 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 ===================================================================== 1. Summary: Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1718, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823, CVE-2012-5067, CVE-2012-5069, CVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074, CVE-2012-5075, CVE-2012-5076, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5089) All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR3 release. All running instances of IBM Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 829372 - CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796) 865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198) 865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917) 865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549) 865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D) 867186 - CVE-2012-1532 Oracle JDK: unspecified vulnerability (Deployment) 867187 - CVE-2012-1533 Oracle JDK: unspecified vulnerability (Deployment) 867189 - CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX) 867190 - CVE-2012-3159 Oracle JDK: unspecified vulnerability (Deployment) 867192 - CVE-2012-5067 Oracle JDK: unspecified vulnerability (Deployment) 867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D) 876386 - CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution 876387 - CVE-2012-4821 IBM JDK: getDeclaredMethods() and setAccessible() code execution 876388 - CVE-2012-4822 IBM JDK: java.lang.class code execution 876389 - CVE-2012-4823 IBM JDK: java.lang.ClassLoder defineClass() code execution 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-plugin-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.i686.rpm x86_64: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-plugin-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.i686.rpm ppc64: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.ppc64.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.ppc64.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.ppc64.rpm java-1.7.0-ibm-jdbc-1.7.0.3.0-1jpp.2.el6_3.ppc64.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.ppc64.rpm s390x: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.s390x.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.s390x.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.s390x.rpm java-1.7.0-ibm-jdbc-1.7.0.3.0-1jpp.2.el6_3.s390x.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.s390x.rpm x86_64: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-plugin-1.7.0.3.0-1jpp.2.el6_3.i686.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.i686.rpm x86_64: java-1.7.0-ibm-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm java-1.7.0-ibm-src-1.7.0.3.0-1jpp.2.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-1531.html https://www.redhat.com/security/data/cve/CVE-2012-1532.html https://www.redhat.com/security/data/cve/CVE-2012-1533.html https://www.redhat.com/security/data/cve/CVE-2012-1718.html https://www.redhat.com/security/data/cve/CVE-2012-3143.html https://www.redhat.com/security/data/cve/CVE-2012-3159.html https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4820.html https://www.redhat.com/security/data/cve/CVE-2012-4821.html https://www.redhat.com/security/data/cve/CVE-2012-4822.html https://www.redhat.com/security/data/cve/CVE-2012-4823.html https://www.redhat.com/security/data/cve/CVE-2012-5067.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5070.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5072.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5074.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5076.html https://www.redhat.com/security/data/cve/CVE-2012-5077.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5083.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5086.html https://www.redhat.com/security/data/cve/CVE-2012-5087.html https://www.redhat.com/security/data/cve/CVE-2012-5088.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQpV5tXlSAg2UNWIIRAsZ7AJ9lGD1a+zfQCmhn2W3eqIgd6kQKaQCgkeUx PQMWlg9hiYbk2R/9IZI5m2A= =9BkW -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Nov 20 22:28:23 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 20 Nov 2012 22:28:23 +0000 Subject: [RHSA-2012:1481-01] Low: kernel security and bug fix update Message-ID: <201211202228.qAKMSNnB019417@int-mx12.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: kernel security and bug fix update Advisory ID: RHSA-2012:1481-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1481.html Issue date: 2012-11-20 CVE Names: CVE-2012-2313 ===================================================================== 1. Summary: Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux EUS (v. 5.6 server) - i386, ia64, noarch, ppc, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) Red Hat would like to thank Stephan Mueller for reporting this issue. This update also fixes the following bugs: * The QLogic netxen_nic driver has been upgraded to version 4.0.75, which provides several bug fixes. This update also allows users to set speed and automatic negotiation parameters for Gigabit Ethernet (GbE) ports. Note that QLogic devices do not support half-duplex data transmission at the moment. (BZ#865304) * When the ext3_dx_add_entry() function had to split a directory index node, it had to ensure that the name_len variable of the new dx_node's fake_dirent structure was set to zero. Otherwise, the e2fsck tool did not recognize it as an intermediate htree node and considered the htree node to be corrupted. The dx_node's fake_dirent structure is now always explicitly set to zero, which prevents the corruption in this scenario. (BZ#866548) * Previously, the error cleanup logic was incorrect: once an error was detected, the same error was reported on every polling cycle (the default behavior is to poll every second). This caused an excessive amount of Error Detection And Correction (EDAC) messages to be logged in the /var/log/messages file. This update fixes the error cleanup logic, which prevents the unnecessary messages from being logged. (BZ#866796) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 818820 - CVE-2012-2313 kernel: unfiltered netdev rio_ioctl access by users 6. Package List: Red Hat Enterprise Linux EUS (v. 5.6 server): Source: kernel-2.6.18-238.47.1.el5.src.rpm i386: kernel-2.6.18-238.47.1.el5.i686.rpm kernel-PAE-2.6.18-238.47.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-238.47.1.el5.i686.rpm kernel-PAE-devel-2.6.18-238.47.1.el5.i686.rpm kernel-debug-2.6.18-238.47.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-238.47.1.el5.i686.rpm kernel-debug-devel-2.6.18-238.47.1.el5.i686.rpm kernel-debuginfo-2.6.18-238.47.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-238.47.1.el5.i686.rpm kernel-devel-2.6.18-238.47.1.el5.i686.rpm kernel-headers-2.6.18-238.47.1.el5.i386.rpm kernel-xen-2.6.18-238.47.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-238.47.1.el5.i686.rpm kernel-xen-devel-2.6.18-238.47.1.el5.i686.rpm ia64: kernel-2.6.18-238.47.1.el5.ia64.rpm kernel-debug-2.6.18-238.47.1.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-238.47.1.el5.ia64.rpm kernel-debug-devel-2.6.18-238.47.1.el5.ia64.rpm kernel-debuginfo-2.6.18-238.47.1.el5.ia64.rpm kernel-debuginfo-common-2.6.18-238.47.1.el5.ia64.rpm kernel-devel-2.6.18-238.47.1.el5.ia64.rpm kernel-headers-2.6.18-238.47.1.el5.ia64.rpm kernel-xen-2.6.18-238.47.1.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-238.47.1.el5.ia64.rpm kernel-xen-devel-2.6.18-238.47.1.el5.ia64.rpm noarch: kernel-doc-2.6.18-238.47.1.el5.noarch.rpm ppc: kernel-2.6.18-238.47.1.el5.ppc64.rpm kernel-debug-2.6.18-238.47.1.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-238.47.1.el5.ppc64.rpm kernel-debug-devel-2.6.18-238.47.1.el5.ppc64.rpm kernel-debuginfo-2.6.18-238.47.1.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-238.47.1.el5.ppc64.rpm kernel-devel-2.6.18-238.47.1.el5.ppc64.rpm kernel-headers-2.6.18-238.47.1.el5.ppc.rpm kernel-headers-2.6.18-238.47.1.el5.ppc64.rpm kernel-kdump-2.6.18-238.47.1.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-238.47.1.el5.ppc64.rpm kernel-kdump-devel-2.6.18-238.47.1.el5.ppc64.rpm s390x: kernel-2.6.18-238.47.1.el5.s390x.rpm kernel-debug-2.6.18-238.47.1.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-238.47.1.el5.s390x.rpm kernel-debug-devel-2.6.18-238.47.1.el5.s390x.rpm kernel-debuginfo-2.6.18-238.47.1.el5.s390x.rpm kernel-debuginfo-common-2.6.18-238.47.1.el5.s390x.rpm kernel-devel-2.6.18-238.47.1.el5.s390x.rpm kernel-headers-2.6.18-238.47.1.el5.s390x.rpm kernel-kdump-2.6.18-238.47.1.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-238.47.1.el5.s390x.rpm kernel-kdump-devel-2.6.18-238.47.1.el5.s390x.rpm x86_64: kernel-2.6.18-238.47.1.el5.x86_64.rpm kernel-debug-2.6.18-238.47.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-238.47.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-238.47.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-238.47.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-238.47.1.el5.x86_64.rpm kernel-devel-2.6.18-238.47.1.el5.x86_64.rpm kernel-headers-2.6.18-238.47.1.el5.x86_64.rpm kernel-xen-2.6.18-238.47.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-238.47.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-238.47.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-2313.html https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQrAP6XlSAg2UNWIIRAsP4AKCJhRTbpGL0kE0F4AEtfkjomfa0OQCfcklU m9cuSn6XZK5LR7VUDExOZZI= =mcOM -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Nov 20 22:29:36 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 20 Nov 2012 22:29:36 +0000 Subject: [RHSA-2012:1482-01] Critical: firefox security update Message-ID: <201211202229.qAKMTb4U007304@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2012:1482-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1482.html Issue date: 2012-11-20 CVE Names: CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 ===================================================================== 1. Summary: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Firefox handled GIF (Graphics Interchange Format) images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4202) A flaw was found in the way the Style Inspector tool in Firefox handled certain Cascading Style Sheets (CSS). Running the tool (Tools -> Web Developer -> Inspect) on malicious CSS could result in the execution of HTML and CSS content with chrome privileges. (CVE-2012-4210) A flaw was found in the way Firefox decoded the HZ-GB-2312 character encoding. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-4207) A flaw was found in the location object implementation in Firefox. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Firefox. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 10.0.11 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Mariusz Mlynski, Masato Kinugawa, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. All Firefox users should upgrade to these updated packages, which contain Firefox version 10.0.11 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 877614 - CVE-2012-5842 Mozilla: Miscellaneous memory safety hazards (rv:10.0.11) (MFSA 2012-91) 877615 - CVE-2012-4202 Mozilla: Buffer overflow while rendering GIF images (MFSA 2012-92) 877616 - CVE-2012-4201 Mozilla: evalInSanbox location context incorrectly applied (MFSA 2012-93) 877628 - CVE-2012-5841 Mozilla: Improper security filtering for cross-origin wrappers (MFSA 2012-100) 877629 - CVE-2012-4207 Mozilla: Improper character decoding in HZ-GB-2312 charset (MFSA 2012-101) 877632 - CVE-2012-4209 Mozilla: Frames can shadow top.location (MFSA 2012-103) 877633 - CVE-2012-4210 Mozilla: CSS and HTML injection through Style Inspector (MFSA 2012-104) 877634 - CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105) 877635 - CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 Mozilla: Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer (MFSA 2012-106) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-10.0.11-1.el5_8.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-10.0.11-1.el5_8.src.rpm i386: firefox-10.0.11-1.el5_8.i386.rpm firefox-debuginfo-10.0.11-1.el5_8.i386.rpm xulrunner-10.0.11-1.el5_8.i386.rpm xulrunner-debuginfo-10.0.11-1.el5_8.i386.rpm x86_64: firefox-10.0.11-1.el5_8.i386.rpm firefox-10.0.11-1.el5_8.x86_64.rpm firefox-debuginfo-10.0.11-1.el5_8.i386.rpm firefox-debuginfo-10.0.11-1.el5_8.x86_64.rpm xulrunner-10.0.11-1.el5_8.i386.rpm xulrunner-10.0.11-1.el5_8.x86_64.rpm xulrunner-debuginfo-10.0.11-1.el5_8.i386.rpm xulrunner-debuginfo-10.0.11-1.el5_8.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-10.0.11-1.el5_8.src.rpm i386: xulrunner-debuginfo-10.0.11-1.el5_8.i386.rpm xulrunner-devel-10.0.11-1.el5_8.i386.rpm x86_64: xulrunner-debuginfo-10.0.11-1.el5_8.i386.rpm xulrunner-debuginfo-10.0.11-1.el5_8.x86_64.rpm xulrunner-devel-10.0.11-1.el5_8.i386.rpm xulrunner-devel-10.0.11-1.el5_8.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-10.0.11-1.el5_8.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-10.0.11-1.el5_8.src.rpm i386: firefox-10.0.11-1.el5_8.i386.rpm firefox-debuginfo-10.0.11-1.el5_8.i386.rpm xulrunner-10.0.11-1.el5_8.i386.rpm xulrunner-debuginfo-10.0.11-1.el5_8.i386.rpm xulrunner-devel-10.0.11-1.el5_8.i386.rpm ia64: firefox-10.0.11-1.el5_8.ia64.rpm firefox-debuginfo-10.0.11-1.el5_8.ia64.rpm xulrunner-10.0.11-1.el5_8.ia64.rpm xulrunner-debuginfo-10.0.11-1.el5_8.ia64.rpm xulrunner-devel-10.0.11-1.el5_8.ia64.rpm ppc: firefox-10.0.11-1.el5_8.ppc.rpm firefox-debuginfo-10.0.11-1.el5_8.ppc.rpm xulrunner-10.0.11-1.el5_8.ppc.rpm xulrunner-10.0.11-1.el5_8.ppc64.rpm xulrunner-debuginfo-10.0.11-1.el5_8.ppc.rpm xulrunner-debuginfo-10.0.11-1.el5_8.ppc64.rpm xulrunner-devel-10.0.11-1.el5_8.ppc.rpm xulrunner-devel-10.0.11-1.el5_8.ppc64.rpm s390x: firefox-10.0.11-1.el5_8.s390.rpm firefox-10.0.11-1.el5_8.s390x.rpm firefox-debuginfo-10.0.11-1.el5_8.s390.rpm firefox-debuginfo-10.0.11-1.el5_8.s390x.rpm xulrunner-10.0.11-1.el5_8.s390.rpm xulrunner-10.0.11-1.el5_8.s390x.rpm xulrunner-debuginfo-10.0.11-1.el5_8.s390.rpm xulrunner-debuginfo-10.0.11-1.el5_8.s390x.rpm xulrunner-devel-10.0.11-1.el5_8.s390.rpm xulrunner-devel-10.0.11-1.el5_8.s390x.rpm x86_64: firefox-10.0.11-1.el5_8.i386.rpm firefox-10.0.11-1.el5_8.x86_64.rpm firefox-debuginfo-10.0.11-1.el5_8.i386.rpm firefox-debuginfo-10.0.11-1.el5_8.x86_64.rpm xulrunner-10.0.11-1.el5_8.i386.rpm xulrunner-10.0.11-1.el5_8.x86_64.rpm xulrunner-debuginfo-10.0.11-1.el5_8.i386.rpm xulrunner-debuginfo-10.0.11-1.el5_8.x86_64.rpm xulrunner-devel-10.0.11-1.el5_8.i386.rpm xulrunner-devel-10.0.11-1.el5_8.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-10.0.11-1.el6_3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-10.0.11-1.el6_3.src.rpm i386: firefox-10.0.11-1.el6_3.i686.rpm firefox-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm x86_64: firefox-10.0.11-1.el6_3.i686.rpm firefox-10.0.11-1.el6_3.x86_64.rpm firefox-debuginfo-10.0.11-1.el6_3.i686.rpm firefox-debuginfo-10.0.11-1.el6_3.x86_64.rpm xulrunner-10.0.11-1.el6_3.i686.rpm xulrunner-10.0.11-1.el6_3.x86_64.rpm xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-10.0.11-1.el6_3.src.rpm i386: xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-devel-10.0.11-1.el6_3.i686.rpm x86_64: xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.x86_64.rpm xulrunner-devel-10.0.11-1.el6_3.i686.rpm xulrunner-devel-10.0.11-1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-10.0.11-1.el6_3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-10.0.11-1.el6_3.src.rpm x86_64: firefox-10.0.11-1.el6_3.i686.rpm firefox-10.0.11-1.el6_3.x86_64.rpm firefox-debuginfo-10.0.11-1.el6_3.i686.rpm firefox-debuginfo-10.0.11-1.el6_3.x86_64.rpm xulrunner-10.0.11-1.el6_3.i686.rpm xulrunner-10.0.11-1.el6_3.x86_64.rpm xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.x86_64.rpm xulrunner-devel-10.0.11-1.el6_3.i686.rpm xulrunner-devel-10.0.11-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-10.0.11-1.el6_3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-10.0.11-1.el6_3.src.rpm i386: firefox-10.0.11-1.el6_3.i686.rpm firefox-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm ppc64: firefox-10.0.11-1.el6_3.ppc.rpm firefox-10.0.11-1.el6_3.ppc64.rpm firefox-debuginfo-10.0.11-1.el6_3.ppc.rpm firefox-debuginfo-10.0.11-1.el6_3.ppc64.rpm xulrunner-10.0.11-1.el6_3.ppc.rpm xulrunner-10.0.11-1.el6_3.ppc64.rpm xulrunner-debuginfo-10.0.11-1.el6_3.ppc.rpm xulrunner-debuginfo-10.0.11-1.el6_3.ppc64.rpm s390x: firefox-10.0.11-1.el6_3.s390.rpm firefox-10.0.11-1.el6_3.s390x.rpm firefox-debuginfo-10.0.11-1.el6_3.s390.rpm firefox-debuginfo-10.0.11-1.el6_3.s390x.rpm xulrunner-10.0.11-1.el6_3.s390.rpm xulrunner-10.0.11-1.el6_3.s390x.rpm xulrunner-debuginfo-10.0.11-1.el6_3.s390.rpm xulrunner-debuginfo-10.0.11-1.el6_3.s390x.rpm x86_64: firefox-10.0.11-1.el6_3.i686.rpm firefox-10.0.11-1.el6_3.x86_64.rpm firefox-debuginfo-10.0.11-1.el6_3.i686.rpm firefox-debuginfo-10.0.11-1.el6_3.x86_64.rpm xulrunner-10.0.11-1.el6_3.i686.rpm xulrunner-10.0.11-1.el6_3.x86_64.rpm xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-10.0.11-1.el6_3.src.rpm i386: xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-devel-10.0.11-1.el6_3.i686.rpm ppc64: xulrunner-debuginfo-10.0.11-1.el6_3.ppc.rpm xulrunner-debuginfo-10.0.11-1.el6_3.ppc64.rpm xulrunner-devel-10.0.11-1.el6_3.ppc.rpm xulrunner-devel-10.0.11-1.el6_3.ppc64.rpm s390x: xulrunner-debuginfo-10.0.11-1.el6_3.s390.rpm xulrunner-debuginfo-10.0.11-1.el6_3.s390x.rpm xulrunner-devel-10.0.11-1.el6_3.s390.rpm xulrunner-devel-10.0.11-1.el6_3.s390x.rpm x86_64: xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.x86_64.rpm xulrunner-devel-10.0.11-1.el6_3.i686.rpm xulrunner-devel-10.0.11-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-10.0.11-1.el6_3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-10.0.11-1.el6_3.src.rpm i386: firefox-10.0.11-1.el6_3.i686.rpm firefox-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm x86_64: firefox-10.0.11-1.el6_3.i686.rpm firefox-10.0.11-1.el6_3.x86_64.rpm firefox-debuginfo-10.0.11-1.el6_3.i686.rpm firefox-debuginfo-10.0.11-1.el6_3.x86_64.rpm xulrunner-10.0.11-1.el6_3.i686.rpm xulrunner-10.0.11-1.el6_3.x86_64.rpm xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-10.0.11-1.el6_3.src.rpm i386: xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-devel-10.0.11-1.el6_3.i686.rpm x86_64: xulrunner-debuginfo-10.0.11-1.el6_3.i686.rpm xulrunner-debuginfo-10.0.11-1.el6_3.x86_64.rpm xulrunner-devel-10.0.11-1.el6_3.i686.rpm xulrunner-devel-10.0.11-1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-4201.html https://www.redhat.com/security/data/cve/CVE-2012-4202.html https://www.redhat.com/security/data/cve/CVE-2012-4207.html https://www.redhat.com/security/data/cve/CVE-2012-4209.html https://www.redhat.com/security/data/cve/CVE-2012-4210.html https://www.redhat.com/security/data/cve/CVE-2012-4214.html https://www.redhat.com/security/data/cve/CVE-2012-4215.html https://www.redhat.com/security/data/cve/CVE-2012-4216.html https://www.redhat.com/security/data/cve/CVE-2012-5829.html https://www.redhat.com/security/data/cve/CVE-2012-5830.html https://www.redhat.com/security/data/cve/CVE-2012-5833.html https://www.redhat.com/security/data/cve/CVE-2012-5835.html https://www.redhat.com/security/data/cve/CVE-2012-5839.html https://www.redhat.com/security/data/cve/CVE-2012-5840.html https://www.redhat.com/security/data/cve/CVE-2012-5841.html https://www.redhat.com/security/data/cve/CVE-2012-5842.html https://access.redhat.com/security/updates/classification/#critical http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQrAQhXlSAg2UNWIIRAoZOAKCKhpGeDkpysgcRxl8aukbRupko8wCgpSj5 sb5bZvy6STTsMSr7lG2E8nQ= =N5l8 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Nov 20 22:30:26 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 20 Nov 2012 22:30:26 +0000 Subject: [RHSA-2012:1483-01] Critical: thunderbird security update Message-ID: <201211202230.qAKMUQTL014700@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: thunderbird security update Advisory ID: RHSA-2012:1483-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1483.html Issue date: 2012-11-20 CVE Names: CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 ===================================================================== 1. Summary: An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Thunderbird handled GIF (Graphics Interchange Format) images. Content containing a malicious GIF image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4202) A flaw was found in the way Thunderbird decoded the HZ-GB-2312 character encoding. Malicious content could cause Thunderbird to run JavaScript code with the permissions of different content. (CVE-2012-4207) A flaw was found in the location object implementation in Thunderbird. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Thunderbird. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Masato Kinugawa, Mariusz Mlynski, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. Note: All issues except CVE-2012-4202 cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 10.0.11 ESR, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 877614 - CVE-2012-5842 Mozilla: Miscellaneous memory safety hazards (rv:10.0.11) (MFSA 2012-91) 877615 - CVE-2012-4202 Mozilla: Buffer overflow while rendering GIF images (MFSA 2012-92) 877616 - CVE-2012-4201 Mozilla: evalInSanbox location context incorrectly applied (MFSA 2012-93) 877628 - CVE-2012-5841 Mozilla: Improper security filtering for cross-origin wrappers (MFSA 2012-100) 877629 - CVE-2012-4207 Mozilla: Improper character decoding in HZ-GB-2312 charset (MFSA 2012-101) 877632 - CVE-2012-4209 Mozilla: Frames can shadow top.location (MFSA 2012-103) 877634 - CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105) 877635 - CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 Mozilla: Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer (MFSA 2012-106) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/thunderbird-10.0.11-1.el5_8.src.rpm i386: thunderbird-10.0.11-1.el5_8.i386.rpm thunderbird-debuginfo-10.0.11-1.el5_8.i386.rpm x86_64: thunderbird-10.0.11-1.el5_8.x86_64.rpm thunderbird-debuginfo-10.0.11-1.el5_8.x86_64.rpm RHEL Optional Productivity Applications (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/thunderbird-10.0.11-1.el5_8.src.rpm i386: thunderbird-10.0.11-1.el5_8.i386.rpm thunderbird-debuginfo-10.0.11-1.el5_8.i386.rpm x86_64: thunderbird-10.0.11-1.el5_8.x86_64.rpm thunderbird-debuginfo-10.0.11-1.el5_8.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/thunderbird-10.0.11-1.el6_3.src.rpm i386: thunderbird-10.0.11-1.el6_3.i686.rpm thunderbird-debuginfo-10.0.11-1.el6_3.i686.rpm x86_64: thunderbird-10.0.11-1.el6_3.x86_64.rpm thunderbird-debuginfo-10.0.11-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/thunderbird-10.0.11-1.el6_3.src.rpm i386: thunderbird-10.0.11-1.el6_3.i686.rpm thunderbird-debuginfo-10.0.11-1.el6_3.i686.rpm ppc64: thunderbird-10.0.11-1.el6_3.ppc64.rpm thunderbird-debuginfo-10.0.11-1.el6_3.ppc64.rpm s390x: thunderbird-10.0.11-1.el6_3.s390x.rpm thunderbird-debuginfo-10.0.11-1.el6_3.s390x.rpm x86_64: thunderbird-10.0.11-1.el6_3.x86_64.rpm thunderbird-debuginfo-10.0.11-1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/thunderbird-10.0.11-1.el6_3.src.rpm i386: thunderbird-10.0.11-1.el6_3.i686.rpm thunderbird-debuginfo-10.0.11-1.el6_3.i686.rpm x86_64: thunderbird-10.0.11-1.el6_3.x86_64.rpm thunderbird-debuginfo-10.0.11-1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-4201.html https://www.redhat.com/security/data/cve/CVE-2012-4202.html https://www.redhat.com/security/data/cve/CVE-2012-4207.html https://www.redhat.com/security/data/cve/CVE-2012-4209.html https://www.redhat.com/security/data/cve/CVE-2012-4214.html https://www.redhat.com/security/data/cve/CVE-2012-4215.html https://www.redhat.com/security/data/cve/CVE-2012-4216.html https://www.redhat.com/security/data/cve/CVE-2012-5829.html https://www.redhat.com/security/data/cve/CVE-2012-5830.html https://www.redhat.com/security/data/cve/CVE-2012-5833.html https://www.redhat.com/security/data/cve/CVE-2012-5835.html https://www.redhat.com/security/data/cve/CVE-2012-5839.html https://www.redhat.com/security/data/cve/CVE-2012-5840.html https://www.redhat.com/security/data/cve/CVE-2012-5841.html https://www.redhat.com/security/data/cve/CVE-2012-5842.html https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQrARgXlSAg2UNWIIRApAhAJ9Mp/qqsr8aPnMJtqBXXaKny1QENQCgkLe7 O7c0fH935joqiTPj5neezQo= =umYQ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Nov 22 18:20:19 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 22 Nov 2012 18:20:19 +0000 Subject: [RHSA-2012:1485-01] Critical: java-1.4.2-ibm security update Message-ID: <201211221820.qAMIKJah009409@int-mx02.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.4.2-ibm security update Advisory ID: RHSA-2012:1485-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1485.html Issue date: 2012-11-22 CVE Names: CVE-2012-1531 CVE-2012-3216 CVE-2012-4820 CVE-2012-4822 CVE-2012-5073 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 ===================================================================== 1. Summary: Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. This is the last update of these packages for Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ia64, ppc, s390x, x86_64 3. Description: IBM J2SE version 1.4.2 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1531, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-5073, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084) This is the last update of the java-1.4.2-ibm packages in Red Hat Enterprise Linux 5 Supplementary. Customers are advised to migrate to later versions of Java at this time. More current versions of IBM Java SE continue to be available via the Red Hat Enterprise Linux 5 Supplementary channel. Customers should also consider OpenJDK which is the default Java development and runtime environment in Red Hat Enterprise Linux. In cases where it is not feasible to move to a later version of supported Java, customers are advised to contact IBM to evaluate other options. All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM J2SE 1.4.2 SR13-FP14 release. All running instances of IBM Java must be restarted for this update to take effect 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D) 867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D) 876386 - CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution 876388 - CVE-2012-4822 IBM JDK: java.lang.class code execution 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.ppc.rpm java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.ppc64.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.ppc.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.ppc64.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.ppc.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.ppc64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.14-1jpp.1.el5_8.ppc.rpm java-1.4.2-ibm-javacomm-1.4.2.13.14-1jpp.1.el5_8.ppc64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.14-1jpp.1.el5_8.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.ppc64.rpm s390x: java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.s390.rpm java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.s390x.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.s390.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.s390x.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.s390.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.s390x.rpm java-1.4.2-ibm-jdbc-1.4.2.13.14-1jpp.1.el5_8.s390.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.s390.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.i386.rpm java-1.4.2-ibm-src-1.4.2.13.14-1jpp.1.el5_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-1531.html https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4820.html https://www.redhat.com/security/data/cve/CVE-2012-4822.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5083.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://access.redhat.com/security/updates/classification/#critical http://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQrmzLXlSAg2UNWIIRAnLAAJ9r/bU/Tp224SHWU73D9ixH74D1pACdHDdW HBN36Dkh1xUVGA8gPap01BU= =HE28 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Nov 29 18:50:29 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 29 Nov 2012 18:50:29 +0000 Subject: [RHSA-2012:1511-01] Low: Red Hat Enterprise Linux Extended Update Support 6.1 6-Month EOL Notice Message-ID: <201211291850.qATIoUrZ010636@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Enterprise Linux Extended Update Support 6.1 6-Month EOL Notice Advisory ID: RHSA-2012:1511-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1511.html Issue date: 2012-11-29 ===================================================================== 1. Summary: This is the 6-Month notification of the End Of Life plans for Red Hat Enterprise Linux Extended Update Support Add-On (EUS) 6.1. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server EUS (v. 6.1) - i386, ppc64, s390x, x86_64 3. Description: In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 6.1 will end on 31st May, 2013. Note: This does not impact you unless you are subscribed to the Extended Update Support (EUS) channel for Red Hat Enterprise Linux 6.1. Details of the Red Hat Enterprise Linux life-cycle can be found on the Red Hat website: https://access.redhat.com/support/policy/updates/errata/ 4. Solution: This advisory contains an updated redhat-release-server package that provides a copy of this end of life notice in the "/usr/share/doc/" directory. 5. Package List: Red Hat Enterprise Linux Server EUS (v. 6.1): Source: redhat-release-server-6Server-6.1.0.3.el6_1.src.rpm i386: redhat-release-server-6Server-6.1.0.3.el6_1.i686.rpm ppc64: redhat-release-server-6Server-6.1.0.3.el6_1.ppc64.rpm s390x: redhat-release-server-6Server-6.1.0.3.el6_1.s390x.rpm x86_64: redhat-release-server-6Server-6.1.0.3.el6_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 6. References: https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/support/policy/updates/errata/ 7. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQt65UXlSAg2UNWIIRAlENAJwOl7FhaCgBrl/nYwj0JJ6R5PP6wgCfeoMn KX6RFu7W5IQD7GpIAUUe8wA= =Kk/t -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Nov 29 18:52:15 2012 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 29 Nov 2012 18:52:15 +0000 Subject: [RHSA-2012:1512-01] Important: libxml2 security update Message-ID: <201211291852.qATIqFen018353@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: libxml2 security update Advisory ID: RHSA-2012:1512-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1512.html Issue date: 2012-11-29 CVE Names: CVE-2012-5134 ===================================================================== 1. Summary: Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 880466 - CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.6.src.rpm i386: libxml2-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-python-2.6.26-2.1.15.el5_8.6.i386.rpm x86_64: libxml2-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-2.6.26-2.1.15.el5_8.6.x86_64.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.x86_64.rpm libxml2-python-2.6.26-2.1.15.el5_8.6.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.6.src.rpm i386: libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.i386.rpm x86_64: libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.x86_64.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.6.src.rpm i386: libxml2-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-python-2.6.26-2.1.15.el5_8.6.i386.rpm ia64: libxml2-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-2.6.26-2.1.15.el5_8.6.ia64.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.ia64.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.ia64.rpm libxml2-python-2.6.26-2.1.15.el5_8.6.ia64.rpm ppc: libxml2-2.6.26-2.1.15.el5_8.6.ppc.rpm libxml2-2.6.26-2.1.15.el5_8.6.ppc64.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.ppc.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.ppc64.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.ppc.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.ppc64.rpm libxml2-python-2.6.26-2.1.15.el5_8.6.ppc.rpm s390x: libxml2-2.6.26-2.1.15.el5_8.6.s390.rpm libxml2-2.6.26-2.1.15.el5_8.6.s390x.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.s390.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.s390x.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.s390.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.s390x.rpm libxml2-python-2.6.26-2.1.15.el5_8.6.s390x.rpm x86_64: libxml2-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-2.6.26-2.1.15.el5_8.6.x86_64.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.6.x86_64.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.i386.rpm libxml2-devel-2.6.26-2.1.15.el5_8.6.x86_64.rpm libxml2-python-2.6.26-2.1.15.el5_8.6.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libxml2-2.7.6-8.el6_3.4.src.rpm i386: libxml2-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-python-2.7.6-8.el6_3.4.i686.rpm x86_64: libxml2-2.7.6-8.el6_3.4.i686.rpm libxml2-2.7.6-8.el6_3.4.x86_64.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.x86_64.rpm libxml2-python-2.7.6-8.el6_3.4.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libxml2-2.7.6-8.el6_3.4.src.rpm i386: libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-devel-2.7.6-8.el6_3.4.i686.rpm libxml2-static-2.7.6-8.el6_3.4.i686.rpm x86_64: libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.x86_64.rpm libxml2-devel-2.7.6-8.el6_3.4.i686.rpm libxml2-devel-2.7.6-8.el6_3.4.x86_64.rpm libxml2-static-2.7.6-8.el6_3.4.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libxml2-2.7.6-8.el6_3.4.src.rpm x86_64: libxml2-2.7.6-8.el6_3.4.i686.rpm libxml2-2.7.6-8.el6_3.4.x86_64.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.x86_64.rpm libxml2-python-2.7.6-8.el6_3.4.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libxml2-2.7.6-8.el6_3.4.src.rpm x86_64: libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.x86_64.rpm libxml2-devel-2.7.6-8.el6_3.4.i686.rpm libxml2-devel-2.7.6-8.el6_3.4.x86_64.rpm libxml2-static-2.7.6-8.el6_3.4.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libxml2-2.7.6-8.el6_3.4.src.rpm i386: libxml2-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-devel-2.7.6-8.el6_3.4.i686.rpm libxml2-python-2.7.6-8.el6_3.4.i686.rpm ppc64: libxml2-2.7.6-8.el6_3.4.ppc.rpm libxml2-2.7.6-8.el6_3.4.ppc64.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.ppc.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.ppc64.rpm libxml2-devel-2.7.6-8.el6_3.4.ppc.rpm libxml2-devel-2.7.6-8.el6_3.4.ppc64.rpm libxml2-python-2.7.6-8.el6_3.4.ppc64.rpm s390x: libxml2-2.7.6-8.el6_3.4.s390.rpm libxml2-2.7.6-8.el6_3.4.s390x.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.s390.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.s390x.rpm libxml2-devel-2.7.6-8.el6_3.4.s390.rpm libxml2-devel-2.7.6-8.el6_3.4.s390x.rpm libxml2-python-2.7.6-8.el6_3.4.s390x.rpm x86_64: libxml2-2.7.6-8.el6_3.4.i686.rpm libxml2-2.7.6-8.el6_3.4.x86_64.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.x86_64.rpm libxml2-devel-2.7.6-8.el6_3.4.i686.rpm libxml2-devel-2.7.6-8.el6_3.4.x86_64.rpm libxml2-python-2.7.6-8.el6_3.4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libxml2-2.7.6-8.el6_3.4.src.rpm i386: libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-static-2.7.6-8.el6_3.4.i686.rpm ppc64: libxml2-debuginfo-2.7.6-8.el6_3.4.ppc64.rpm libxml2-static-2.7.6-8.el6_3.4.ppc64.rpm s390x: libxml2-debuginfo-2.7.6-8.el6_3.4.s390x.rpm libxml2-static-2.7.6-8.el6_3.4.s390x.rpm x86_64: libxml2-debuginfo-2.7.6-8.el6_3.4.x86_64.rpm libxml2-static-2.7.6-8.el6_3.4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libxml2-2.7.6-8.el6_3.4.src.rpm i386: libxml2-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-devel-2.7.6-8.el6_3.4.i686.rpm libxml2-python-2.7.6-8.el6_3.4.i686.rpm x86_64: libxml2-2.7.6-8.el6_3.4.i686.rpm libxml2-2.7.6-8.el6_3.4.x86_64.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.4.x86_64.rpm libxml2-devel-2.7.6-8.el6_3.4.i686.rpm libxml2-devel-2.7.6-8.el6_3.4.x86_64.rpm libxml2-python-2.7.6-8.el6_3.4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libxml2-2.7.6-8.el6_3.4.src.rpm i386: libxml2-debuginfo-2.7.6-8.el6_3.4.i686.rpm libxml2-static-2.7.6-8.el6_3.4.i686.rpm x86_64: libxml2-debuginfo-2.7.6-8.el6_3.4.x86_64.rpm libxml2-static-2.7.6-8.el6_3.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-5134.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQt66YXlSAg2UNWIIRAuFIAJ9txGFdpvgJfC/sBrUnpgHgntZmRwCeOyyH uM4okdoImE0phDpHIiSGSqg= =iW2h -----END PGP SIGNATURE-----