Red Hat 8852 Published by

Red Hat has published the following advisories: [RHSA-2011:1245-01] Important: httpd security update, [RHSA-2011:1244-01] Important: seamonkey security update, [RHSA-2011:1242-01] Important: firefox security update, [RHSA-2011:1241-01] Moderate: ecryptfs-utils security update, [RHSA-2011:1240-01] Low: Red Hat Enterprise Linux 4 - 6-Month End Of Life Notice, [RHSA-2011:1243-01] Important: thunderbird security update, and [RHSA-2011:1239-01] Low: Red Hat Enterprise Linux Extended Update Support 4.7 - End Of Life



[RHSA-2011:1245-01] Important: httpd security update

=====================================================================
Red Hat Security Advisory

Synopsis: Important: httpd security update
Advisory ID: RHSA-2011:1245-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1245.html
Issue date: 2011-08-31
CVE Names: CVE-2011-3192
=====================================================================

1. Summary:

Updated httpd packages that fix one security issue are now available for
Red Hat Enterprise Linux 4, 5, and 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The Apache HTTP Server is a popular web server.

A flaw was found in the way the Apache HTTP Server handled Range HTTP
headers. A remote attacker could use this flaw to cause httpd to use an
excessive amount of memory and CPU time via HTTP requests with a
specially-crafted Range header. (CVE-2011-3192)

All httpd users should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

732928 - CVE-2011-3192 httpd: multiple ranges DoS

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd-2.0.52-48.ent.src.rpm

i386:
httpd-2.0.52-48.ent.i386.rpm
httpd-debuginfo-2.0.52-48.ent.i386.rpm
httpd-devel-2.0.52-48.ent.i386.rpm
httpd-manual-2.0.52-48.ent.i386.rpm
httpd-suexec-2.0.52-48.ent.i386.rpm
mod_ssl-2.0.52-48.ent.i386.rpm

ia64:
httpd-2.0.52-48.ent.ia64.rpm
httpd-debuginfo-2.0.52-48.ent.ia64.rpm
httpd-devel-2.0.52-48.ent.ia64.rpm
httpd-manual-2.0.52-48.ent.ia64.rpm
httpd-suexec-2.0.52-48.ent.ia64.rpm
mod_ssl-2.0.52-48.ent.ia64.rpm

ppc:
httpd-2.0.52-48.ent.ppc.rpm
httpd-debuginfo-2.0.52-48.ent.ppc.rpm
httpd-devel-2.0.52-48.ent.ppc.rpm
httpd-manual-2.0.52-48.ent.ppc.rpm
httpd-suexec-2.0.52-48.ent.ppc.rpm
mod_ssl-2.0.52-48.ent.ppc.rpm

s390:
httpd-2.0.52-48.ent.s390.rpm
httpd-debuginfo-2.0.52-48.ent.s390.rpm
httpd-devel-2.0.52-48.ent.s390.rpm
httpd-manual-2.0.52-48.ent.s390.rpm
httpd-suexec-2.0.52-48.ent.s390.rpm
mod_ssl-2.0.52-48.ent.s390.rpm

s390x:
httpd-2.0.52-48.ent.s390x.rpm
httpd-debuginfo-2.0.52-48.ent.s390x.rpm
httpd-devel-2.0.52-48.ent.s390x.rpm
httpd-manual-2.0.52-48.ent.s390x.rpm
httpd-suexec-2.0.52-48.ent.s390x.rpm
mod_ssl-2.0.52-48.ent.s390x.rpm

x86_64:
httpd-2.0.52-48.ent.x86_64.rpm
httpd-debuginfo-2.0.52-48.ent.x86_64.rpm
httpd-devel-2.0.52-48.ent.x86_64.rpm
httpd-manual-2.0.52-48.ent.x86_64.rpm
httpd-suexec-2.0.52-48.ent.x86_64.rpm
mod_ssl-2.0.52-48.ent.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/httpd-2.0.52-48.ent.src.rpm

i386:
httpd-2.0.52-48.ent.i386.rpm
httpd-debuginfo-2.0.52-48.ent.i386.rpm
httpd-devel-2.0.52-48.ent.i386.rpm
httpd-manual-2.0.52-48.ent.i386.rpm
httpd-suexec-2.0.52-48.ent.i386.rpm
mod_ssl-2.0.52-48.ent.i386.rpm

x86_64:
httpd-2.0.52-48.ent.x86_64.rpm
httpd-debuginfo-2.0.52-48.ent.x86_64.rpm
httpd-devel-2.0.52-48.ent.x86_64.rpm
httpd-manual-2.0.52-48.ent.x86_64.rpm
httpd-suexec-2.0.52-48.ent.x86_64.rpm
mod_ssl-2.0.52-48.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/httpd-2.0.52-48.ent.src.rpm

i386:
httpd-2.0.52-48.ent.i386.rpm
httpd-debuginfo-2.0.52-48.ent.i386.rpm
httpd-devel-2.0.52-48.ent.i386.rpm
httpd-manual-2.0.52-48.ent.i386.rpm
httpd-suexec-2.0.52-48.ent.i386.rpm
mod_ssl-2.0.52-48.ent.i386.rpm

ia64:
httpd-2.0.52-48.ent.ia64.rpm
httpd-debuginfo-2.0.52-48.ent.ia64.rpm
httpd-devel-2.0.52-48.ent.ia64.rpm
httpd-manual-2.0.52-48.ent.ia64.rpm
httpd-suexec-2.0.52-48.ent.ia64.rpm
mod_ssl-2.0.52-48.ent.ia64.rpm

x86_64:
httpd-2.0.52-48.ent.x86_64.rpm
httpd-debuginfo-2.0.52-48.ent.x86_64.rpm
httpd-devel-2.0.52-48.ent.x86_64.rpm
httpd-manual-2.0.52-48.ent.x86_64.rpm
httpd-suexec-2.0.52-48.ent.x86_64.rpm
mod_ssl-2.0.52-48.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/httpd-2.0.52-48.ent.src.rpm

i386:
httpd-2.0.52-48.ent.i386.rpm
httpd-debuginfo-2.0.52-48.ent.i386.rpm
httpd-devel-2.0.52-48.ent.i386.rpm
httpd-manual-2.0.52-48.ent.i386.rpm
httpd-suexec-2.0.52-48.ent.i386.rpm
mod_ssl-2.0.52-48.ent.i386.rpm

ia64:
httpd-2.0.52-48.ent.ia64.rpm
httpd-debuginfo-2.0.52-48.ent.ia64.rpm
httpd-devel-2.0.52-48.ent.ia64.rpm
httpd-manual-2.0.52-48.ent.ia64.rpm
httpd-suexec-2.0.52-48.ent.ia64.rpm
mod_ssl-2.0.52-48.ent.ia64.rpm

x86_64:
httpd-2.0.52-48.ent.x86_64.rpm
httpd-debuginfo-2.0.52-48.ent.x86_64.rpm
httpd-devel-2.0.52-48.ent.x86_64.rpm
httpd-manual-2.0.52-48.ent.x86_64.rpm
httpd-suexec-2.0.52-48.ent.x86_64.rpm
mod_ssl-2.0.52-48.ent.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-53.el5_7.1.src.rpm

i386:
httpd-2.2.3-53.el5_7.1.i386.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm
mod_ssl-2.2.3-53.el5_7.1.i386.rpm

x86_64:
httpd-2.2.3-53.el5_7.1.x86_64.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.x86_64.rpm
mod_ssl-2.2.3-53.el5_7.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-53.el5_7.1.src.rpm

i386:
httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm
httpd-devel-2.2.3-53.el5_7.1.i386.rpm
httpd-manual-2.2.3-53.el5_7.1.i386.rpm

x86_64:
httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.x86_64.rpm
httpd-devel-2.2.3-53.el5_7.1.i386.rpm
httpd-devel-2.2.3-53.el5_7.1.x86_64.rpm
httpd-manual-2.2.3-53.el5_7.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/httpd-2.2.3-53.el5_7.1.src.rpm

i386:
httpd-2.2.3-53.el5_7.1.i386.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm
httpd-devel-2.2.3-53.el5_7.1.i386.rpm
httpd-manual-2.2.3-53.el5_7.1.i386.rpm
mod_ssl-2.2.3-53.el5_7.1.i386.rpm

ia64:
httpd-2.2.3-53.el5_7.1.ia64.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.ia64.rpm
httpd-devel-2.2.3-53.el5_7.1.ia64.rpm
httpd-manual-2.2.3-53.el5_7.1.ia64.rpm
mod_ssl-2.2.3-53.el5_7.1.ia64.rpm

ppc:
httpd-2.2.3-53.el5_7.1.ppc.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.ppc.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.ppc64.rpm
httpd-devel-2.2.3-53.el5_7.1.ppc.rpm
httpd-devel-2.2.3-53.el5_7.1.ppc64.rpm
httpd-manual-2.2.3-53.el5_7.1.ppc.rpm
mod_ssl-2.2.3-53.el5_7.1.ppc.rpm

s390x:
httpd-2.2.3-53.el5_7.1.s390x.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.s390.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.s390x.rpm
httpd-devel-2.2.3-53.el5_7.1.s390.rpm
httpd-devel-2.2.3-53.el5_7.1.s390x.rpm
httpd-manual-2.2.3-53.el5_7.1.s390x.rpm
mod_ssl-2.2.3-53.el5_7.1.s390x.rpm

x86_64:
httpd-2.2.3-53.el5_7.1.x86_64.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm
httpd-debuginfo-2.2.3-53.el5_7.1.x86_64.rpm
httpd-devel-2.2.3-53.el5_7.1.i386.rpm
httpd-devel-2.2.3-53.el5_7.1.x86_64.rpm
httpd-manual-2.2.3-53.el5_7.1.x86_64.rpm
mod_ssl-2.2.3-53.el5_7.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm

i386:
httpd-2.2.15-9.el6_1.2.i686.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm
httpd-tools-2.2.15-9.el6_1.2.i686.rpm

x86_64:
httpd-2.2.15-9.el6_1.2.x86_64.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm
httpd-tools-2.2.15-9.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm

i386:
httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm
httpd-devel-2.2.15-9.el6_1.2.i686.rpm
mod_ssl-2.2.15-9.el6_1.2.i686.rpm

noarch:
httpd-manual-2.2.15-9.el6_1.2.noarch.rpm

x86_64:
httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm
httpd-devel-2.2.15-9.el6_1.2.i686.rpm
httpd-devel-2.2.15-9.el6_1.2.x86_64.rpm
mod_ssl-2.2.15-9.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm

x86_64:
httpd-2.2.15-9.el6_1.2.x86_64.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm
httpd-tools-2.2.15-9.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm

noarch:
httpd-manual-2.2.15-9.el6_1.2.noarch.rpm

x86_64:
httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm
httpd-devel-2.2.15-9.el6_1.2.i686.rpm
httpd-devel-2.2.15-9.el6_1.2.x86_64.rpm
mod_ssl-2.2.15-9.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm

i386:
httpd-2.2.15-9.el6_1.2.i686.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm
httpd-devel-2.2.15-9.el6_1.2.i686.rpm
httpd-tools-2.2.15-9.el6_1.2.i686.rpm
mod_ssl-2.2.15-9.el6_1.2.i686.rpm

noarch:
httpd-manual-2.2.15-9.el6_1.2.noarch.rpm

ppc64:
httpd-2.2.15-9.el6_1.2.ppc64.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.ppc.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.ppc64.rpm
httpd-devel-2.2.15-9.el6_1.2.ppc.rpm
httpd-devel-2.2.15-9.el6_1.2.ppc64.rpm
httpd-tools-2.2.15-9.el6_1.2.ppc64.rpm
mod_ssl-2.2.15-9.el6_1.2.ppc64.rpm

s390x:
httpd-2.2.15-9.el6_1.2.s390x.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.s390.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.s390x.rpm
httpd-devel-2.2.15-9.el6_1.2.s390.rpm
httpd-devel-2.2.15-9.el6_1.2.s390x.rpm
httpd-tools-2.2.15-9.el6_1.2.s390x.rpm
mod_ssl-2.2.15-9.el6_1.2.s390x.rpm

x86_64:
httpd-2.2.15-9.el6_1.2.x86_64.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm
httpd-devel-2.2.15-9.el6_1.2.i686.rpm
httpd-devel-2.2.15-9.el6_1.2.x86_64.rpm
httpd-tools-2.2.15-9.el6_1.2.x86_64.rpm
mod_ssl-2.2.15-9.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm

i386:
httpd-2.2.15-9.el6_1.2.i686.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm
httpd-devel-2.2.15-9.el6_1.2.i686.rpm
httpd-tools-2.2.15-9.el6_1.2.i686.rpm
mod_ssl-2.2.15-9.el6_1.2.i686.rpm

noarch:
httpd-manual-2.2.15-9.el6_1.2.noarch.rpm

x86_64:
httpd-2.2.15-9.el6_1.2.x86_64.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm
httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm
httpd-devel-2.2.15-9.el6_1.2.i686.rpm
httpd-devel-2.2.15-9.el6_1.2.x86_64.rpm
httpd-tools-2.2.15-9.el6_1.2.x86_64.rpm
mod_ssl-2.2.15-9.el6_1.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-3192.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
[RHSA-2011:1244-01] Important: seamonkey security update

=====================================================================
Red Hat Security Advisory

Synopsis: Important: seamonkey security update
Advisory ID: RHSA-2011:1244-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1244.html
Issue date: 2011-08-31
=====================================================================

1. Summary:

Updated seamonkey packages that fix one security issue are now available
for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having
important security impact.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

It was found that a Certificate Authority (CA) issued a fraudulent HTTPS
certificate. This update renders any HTTPS certificates signed by that
CA as untrusted, except for a select few. The now untrusted certificates
that were issued before July 1, 2011 can be manually re-enabled and used
again at your own risk in SeaMonkey; however, affected certificates issued
after this date cannot be re-enabled or used. (BZ#734316)

All SeaMonkey users should upgrade to these updated packages, which correct
this issue. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

734316 - Fraudulent certificates signed by DigiNotar CA certificate (MFSA 2011-34)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-74.el4.src.rpm

i386:
seamonkey-1.0.9-74.el4.i386.rpm
seamonkey-chat-1.0.9-74.el4.i386.rpm
seamonkey-debuginfo-1.0.9-74.el4.i386.rpm
seamonkey-devel-1.0.9-74.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-74.el4.i386.rpm
seamonkey-js-debugger-1.0.9-74.el4.i386.rpm
seamonkey-mail-1.0.9-74.el4.i386.rpm

ia64:
seamonkey-1.0.9-74.el4.ia64.rpm
seamonkey-chat-1.0.9-74.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-74.el4.ia64.rpm
seamonkey-devel-1.0.9-74.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-74.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-74.el4.ia64.rpm
seamonkey-mail-1.0.9-74.el4.ia64.rpm

ppc:
seamonkey-1.0.9-74.el4.ppc.rpm
seamonkey-chat-1.0.9-74.el4.ppc.rpm
seamonkey-debuginfo-1.0.9-74.el4.ppc.rpm
seamonkey-devel-1.0.9-74.el4.ppc.rpm
seamonkey-dom-inspector-1.0.9-74.el4.ppc.rpm
seamonkey-js-debugger-1.0.9-74.el4.ppc.rpm
seamonkey-mail-1.0.9-74.el4.ppc.rpm

s390:
seamonkey-1.0.9-74.el4.s390.rpm
seamonkey-chat-1.0.9-74.el4.s390.rpm
seamonkey-debuginfo-1.0.9-74.el4.s390.rpm
seamonkey-devel-1.0.9-74.el4.s390.rpm
seamonkey-dom-inspector-1.0.9-74.el4.s390.rpm
seamonkey-js-debugger-1.0.9-74.el4.s390.rpm
seamonkey-mail-1.0.9-74.el4.s390.rpm

s390x:
seamonkey-1.0.9-74.el4.s390x.rpm
seamonkey-chat-1.0.9-74.el4.s390x.rpm
seamonkey-debuginfo-1.0.9-74.el4.s390x.rpm
seamonkey-devel-1.0.9-74.el4.s390x.rpm
seamonkey-dom-inspector-1.0.9-74.el4.s390x.rpm
seamonkey-js-debugger-1.0.9-74.el4.s390x.rpm
seamonkey-mail-1.0.9-74.el4.s390x.rpm

x86_64:
seamonkey-1.0.9-74.el4.x86_64.rpm
seamonkey-chat-1.0.9-74.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-74.el4.x86_64.rpm
seamonkey-devel-1.0.9-74.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-74.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-74.el4.x86_64.rpm
seamonkey-mail-1.0.9-74.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-74.el4.src.rpm

i386:
seamonkey-1.0.9-74.el4.i386.rpm
seamonkey-chat-1.0.9-74.el4.i386.rpm
seamonkey-debuginfo-1.0.9-74.el4.i386.rpm
seamonkey-devel-1.0.9-74.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-74.el4.i386.rpm
seamonkey-js-debugger-1.0.9-74.el4.i386.rpm
seamonkey-mail-1.0.9-74.el4.i386.rpm

x86_64:
seamonkey-1.0.9-74.el4.x86_64.rpm
seamonkey-chat-1.0.9-74.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-74.el4.x86_64.rpm
seamonkey-devel-1.0.9-74.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-74.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-74.el4.x86_64.rpm
seamonkey-mail-1.0.9-74.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-74.el4.src.rpm

i386:
seamonkey-1.0.9-74.el4.i386.rpm
seamonkey-chat-1.0.9-74.el4.i386.rpm
seamonkey-debuginfo-1.0.9-74.el4.i386.rpm
seamonkey-devel-1.0.9-74.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-74.el4.i386.rpm
seamonkey-js-debugger-1.0.9-74.el4.i386.rpm
seamonkey-mail-1.0.9-74.el4.i386.rpm

ia64:
seamonkey-1.0.9-74.el4.ia64.rpm
seamonkey-chat-1.0.9-74.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-74.el4.ia64.rpm
seamonkey-devel-1.0.9-74.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-74.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-74.el4.ia64.rpm
seamonkey-mail-1.0.9-74.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-74.el4.x86_64.rpm
seamonkey-chat-1.0.9-74.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-74.el4.x86_64.rpm
seamonkey-devel-1.0.9-74.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-74.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-74.el4.x86_64.rpm
seamonkey-mail-1.0.9-74.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-74.el4.src.rpm

i386:
seamonkey-1.0.9-74.el4.i386.rpm
seamonkey-chat-1.0.9-74.el4.i386.rpm
seamonkey-debuginfo-1.0.9-74.el4.i386.rpm
seamonkey-devel-1.0.9-74.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-74.el4.i386.rpm
seamonkey-js-debugger-1.0.9-74.el4.i386.rpm
seamonkey-mail-1.0.9-74.el4.i386.rpm

ia64:
seamonkey-1.0.9-74.el4.ia64.rpm
seamonkey-chat-1.0.9-74.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-74.el4.ia64.rpm
seamonkey-devel-1.0.9-74.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-74.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-74.el4.ia64.rpm
seamonkey-mail-1.0.9-74.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-74.el4.x86_64.rpm
seamonkey-chat-1.0.9-74.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-74.el4.x86_64.rpm
seamonkey-devel-1.0.9-74.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-74.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-74.el4.x86_64.rpm
seamonkey-mail-1.0.9-74.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
[RHSA-2011:1242-01] Important: firefox security update

=====================================================================
Red Hat Security Advisory

Synopsis: Important: firefox security update
Advisory ID: RHSA-2011:1242-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1242.html
Issue date: 2011-08-31
=====================================================================

1. Summary:

Updated firefox packages that fix one security issue are now available for
Red Hat Enterprise Linux 4, 5, and 6.

The Red Hat Security Response Team has rated this update as having
important security impact.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

It was found that a Certificate Authority (CA) issued a fraudulent HTTPS
certificate. This update renders any HTTPS certificates signed by that
CA as untrusted, except for a select few. The now untrusted certificates
that were issued before July 1, 2011 can be manually re-enabled and used
again at your own risk in Firefox; however, affected certificates issued
after this date cannot be re-enabled or used. (BZ#734316)

All Firefox users should upgrade to these updated packages, which contain
a backported patch. After installing the update, Firefox must be restarted
for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

734316 - Fraudulent certificates signed by DigiNotar CA certificate (MFSA 2011-34)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-3.6.20-3.el4.src.rpm

i386:
firefox-3.6.20-3.el4.i386.rpm
firefox-debuginfo-3.6.20-3.el4.i386.rpm

ia64:
firefox-3.6.20-3.el4.ia64.rpm
firefox-debuginfo-3.6.20-3.el4.ia64.rpm

ppc:
firefox-3.6.20-3.el4.ppc.rpm
firefox-debuginfo-3.6.20-3.el4.ppc.rpm

s390:
firefox-3.6.20-3.el4.s390.rpm
firefox-debuginfo-3.6.20-3.el4.s390.rpm

s390x:
firefox-3.6.20-3.el4.s390x.rpm
firefox-debuginfo-3.6.20-3.el4.s390x.rpm

x86_64:
firefox-3.6.20-3.el4.x86_64.rpm
firefox-debuginfo-3.6.20-3.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-3.6.20-3.el4.src.rpm

i386:
firefox-3.6.20-3.el4.i386.rpm
firefox-debuginfo-3.6.20-3.el4.i386.rpm

x86_64:
firefox-3.6.20-3.el4.x86_64.rpm
firefox-debuginfo-3.6.20-3.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-3.6.20-3.el4.src.rpm

i386:
firefox-3.6.20-3.el4.i386.rpm
firefox-debuginfo-3.6.20-3.el4.i386.rpm

ia64:
firefox-3.6.20-3.el4.ia64.rpm
firefox-debuginfo-3.6.20-3.el4.ia64.rpm

x86_64:
firefox-3.6.20-3.el4.x86_64.rpm
firefox-debuginfo-3.6.20-3.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-3.6.20-3.el4.src.rpm

i386:
firefox-3.6.20-3.el4.i386.rpm
firefox-debuginfo-3.6.20-3.el4.i386.rpm

ia64:
firefox-3.6.20-3.el4.ia64.rpm
firefox-debuginfo-3.6.20-3.el4.ia64.rpm

x86_64:
firefox-3.6.20-3.el4.x86_64.rpm
firefox-debuginfo-3.6.20-3.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-1.9.2.20-3.el5_7.src.rpm

i386:
xulrunner-1.9.2.20-3.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.i386.rpm

x86_64:
xulrunner-1.9.2.20-3.el5_7.i386.rpm
xulrunner-1.9.2.20-3.el5_7.x86_64.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-1.9.2.20-3.el5_7.src.rpm

i386:
xulrunner-debuginfo-1.9.2.20-3.el5_7.i386.rpm
xulrunner-devel-1.9.2.20-3.el5_7.i386.rpm

x86_64:
xulrunner-debuginfo-1.9.2.20-3.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.x86_64.rpm
xulrunner-devel-1.9.2.20-3.el5_7.i386.rpm
xulrunner-devel-1.9.2.20-3.el5_7.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-1.9.2.20-3.el5_7.src.rpm

i386:
xulrunner-1.9.2.20-3.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.i386.rpm
xulrunner-devel-1.9.2.20-3.el5_7.i386.rpm

ia64:
xulrunner-1.9.2.20-3.el5_7.ia64.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.ia64.rpm
xulrunner-devel-1.9.2.20-3.el5_7.ia64.rpm

ppc:
xulrunner-1.9.2.20-3.el5_7.ppc.rpm
xulrunner-1.9.2.20-3.el5_7.ppc64.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.ppc.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.ppc64.rpm
xulrunner-devel-1.9.2.20-3.el5_7.ppc.rpm
xulrunner-devel-1.9.2.20-3.el5_7.ppc64.rpm

s390x:
xulrunner-1.9.2.20-3.el5_7.s390.rpm
xulrunner-1.9.2.20-3.el5_7.s390x.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.s390.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.s390x.rpm
xulrunner-devel-1.9.2.20-3.el5_7.s390.rpm
xulrunner-devel-1.9.2.20-3.el5_7.s390x.rpm

x86_64:
xulrunner-1.9.2.20-3.el5_7.i386.rpm
xulrunner-1.9.2.20-3.el5_7.x86_64.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.20-3.el5_7.x86_64.rpm
xulrunner-devel-1.9.2.20-3.el5_7.i386.rpm
xulrunner-devel-1.9.2.20-3.el5_7.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-1.9.2.20-3.el6_1.src.rpm

i386:
xulrunner-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm

x86_64:
xulrunner-1.9.2.20-3.el6_1.i686.rpm
xulrunner-1.9.2.20-3.el6_1.x86_64.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-1.9.2.20-3.el6_1.src.rpm

i386:
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm

x86_64:
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.x86_64.rpm
xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm
xulrunner-devel-1.9.2.20-3.el6_1.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-1.9.2.20-3.el6_1.src.rpm

x86_64:
xulrunner-1.9.2.20-3.el6_1.i686.rpm
xulrunner-1.9.2.20-3.el6_1.x86_64.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.x86_64.rpm
xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm
xulrunner-devel-1.9.2.20-3.el6_1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-1.9.2.20-3.el6_1.src.rpm

i386:
xulrunner-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm

ppc64:
xulrunner-1.9.2.20-3.el6_1.ppc.rpm
xulrunner-1.9.2.20-3.el6_1.ppc64.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.ppc.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.ppc64.rpm

s390x:
xulrunner-1.9.2.20-3.el6_1.s390.rpm
xulrunner-1.9.2.20-3.el6_1.s390x.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.s390.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.s390x.rpm

x86_64:
xulrunner-1.9.2.20-3.el6_1.i686.rpm
xulrunner-1.9.2.20-3.el6_1.x86_64.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-1.9.2.20-3.el6_1.src.rpm

i386:
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm

ppc64:
xulrunner-debuginfo-1.9.2.20-3.el6_1.ppc.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.ppc64.rpm
xulrunner-devel-1.9.2.20-3.el6_1.ppc.rpm
xulrunner-devel-1.9.2.20-3.el6_1.ppc64.rpm

s390x:
xulrunner-debuginfo-1.9.2.20-3.el6_1.s390.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.s390x.rpm
xulrunner-devel-1.9.2.20-3.el6_1.s390.rpm
xulrunner-devel-1.9.2.20-3.el6_1.s390x.rpm

x86_64:
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.x86_64.rpm
xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm
xulrunner-devel-1.9.2.20-3.el6_1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-1.9.2.20-3.el6_1.src.rpm

i386:
xulrunner-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm

x86_64:
xulrunner-1.9.2.20-3.el6_1.i686.rpm
xulrunner-1.9.2.20-3.el6_1.x86_64.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-1.9.2.20-3.el6_1.src.rpm

i386:
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm

x86_64:
xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
xulrunner-debuginfo-1.9.2.20-3.el6_1.x86_64.rpm
xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm
xulrunner-devel-1.9.2.20-3.el6_1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
[RHSA-2011:1241-01] Moderate: ecryptfs-utils security update

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ecryptfs-utils security update
Advisory ID: RHSA-2011:1241-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1241.html
Issue date: 2011-08-31
CVE Names: CVE-2011-1831 CVE-2011-1832 CVE-2011-1834
CVE-2011-1835 CVE-2011-1837 CVE-2011-3145
=====================================================================

1. Summary:

Updated ecryptfs-utils packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

eCryptfs is a stacked, cryptographic file system. It is transparent to the
underlying file system and provides per-file granularity. eCryptfs is
released as a Technology Preview for Red Hat Enterprise Linux 5 and 6.

The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs
file system. This utility can only be run by users in the "ecryptfs" group.

A race condition flaw was found in the way mount.ecryptfs_private checked
the permissions of a requested mount point when mounting an encrypted file
system. A local attacker could possibly use this flaw to escalate their
privileges by mounting over an arbitrary directory. (CVE-2011-1831)

A race condition flaw in umount.ecryptfs_private could allow a local
attacker to unmount an arbitrary file system. (CVE-2011-1832)

It was found that mount.ecryptfs_private did not handle certain errors
correctly when updating the mtab (mounted file systems table) file,
allowing a local attacker to corrupt the mtab file and possibly unmount an
arbitrary file system. (CVE-2011-1834)

An insecure temporary file use flaw was found in the ecryptfs-setup-private
script. A local attacker could use this script to insert their own key that
will subsequently be used by a new user, possibly giving the attacker
access to the user's encrypted data if existing file permissions allow
access. (CVE-2011-1835)

A race condition flaw in mount.ecryptfs_private could allow a local
attacker to overwrite arbitrary files. (CVE-2011-1837)

A race condition flaw in the way temporary files were accessed in
mount.ecryptfs_private could allow a malicious, local user to make
arbitrary modifications to the mtab file. (CVE-2011-3145)

A race condition flaw was found in the way mount.ecryptfs_private checked
the permissions of the directory to mount. A local attacker could use this
flaw to mount (and then access) a directory they would otherwise not have
access to. Note: The fix for this issue is incomplete until a kernel-space
change is made. Future Red Hat Enterprise Linux 5 and 6 kernel updates
will correct this issue. (CVE-2011-1833)

Red Hat would like to thank the Ubuntu Security Team for reporting these
issues. The Ubuntu Security Team acknowledges Vasiliy Kulikov of Openwall
and Dan Rosenberg as the original reporters of CVE-2011-1831,
CVE-2011-1832, and CVE-2011-1833; Dan Rosenberg and Marc Deslauriers as the
original reporters of CVE-2011-1834; Marc Deslauriers as the original
reporter of CVE-2011-1835; and Vasiliy Kulikov of Openwall as the original
reporter of CVE-2011-1837.

Users of ecryptfs-utils are advised to upgrade to these updated packages,
which contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

729465 - CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information
732607 - CVE-2011-3145 ecryptfs-utils: incorrect mtab group ownership

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ecryptfs-utils-75-5.el5_7.2.src.rpm

i386:
ecryptfs-utils-75-5.el5_7.2.i386.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.i386.rpm
ecryptfs-utils-gui-75-5.el5_7.2.i386.rpm

x86_64:
ecryptfs-utils-75-5.el5_7.2.i386.rpm
ecryptfs-utils-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.i386.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-gui-75-5.el5_7.2.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ecryptfs-utils-75-5.el5_7.2.src.rpm

i386:
ecryptfs-utils-debuginfo-75-5.el5_7.2.i386.rpm
ecryptfs-utils-devel-75-5.el5_7.2.i386.rpm

x86_64:
ecryptfs-utils-debuginfo-75-5.el5_7.2.i386.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-devel-75-5.el5_7.2.i386.rpm
ecryptfs-utils-devel-75-5.el5_7.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/ecryptfs-utils-75-5.el5_7.2.src.rpm

i386:
ecryptfs-utils-75-5.el5_7.2.i386.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.i386.rpm
ecryptfs-utils-devel-75-5.el5_7.2.i386.rpm
ecryptfs-utils-gui-75-5.el5_7.2.i386.rpm

ia64:
ecryptfs-utils-75-5.el5_7.2.ia64.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.ia64.rpm
ecryptfs-utils-devel-75-5.el5_7.2.ia64.rpm
ecryptfs-utils-gui-75-5.el5_7.2.ia64.rpm

ppc:
ecryptfs-utils-75-5.el5_7.2.ppc.rpm
ecryptfs-utils-75-5.el5_7.2.ppc64.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.ppc.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.ppc64.rpm
ecryptfs-utils-devel-75-5.el5_7.2.ppc.rpm
ecryptfs-utils-devel-75-5.el5_7.2.ppc64.rpm
ecryptfs-utils-gui-75-5.el5_7.2.ppc.rpm

s390x:
ecryptfs-utils-75-5.el5_7.2.s390.rpm
ecryptfs-utils-75-5.el5_7.2.s390x.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.s390.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.s390x.rpm
ecryptfs-utils-devel-75-5.el5_7.2.s390.rpm
ecryptfs-utils-devel-75-5.el5_7.2.s390x.rpm
ecryptfs-utils-gui-75-5.el5_7.2.s390x.rpm

x86_64:
ecryptfs-utils-75-5.el5_7.2.i386.rpm
ecryptfs-utils-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.i386.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-devel-75-5.el5_7.2.i386.rpm
ecryptfs-utils-devel-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-gui-75-5.el5_7.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/ecryptfs-utils-82-6.el6_1.3.src.rpm

i386:
ecryptfs-utils-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm

x86_64:
ecryptfs-utils-82-6.el6_1.3.i686.rpm
ecryptfs-utils-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/ecryptfs-utils-82-6.el6_1.3.src.rpm

i386:
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-python-82-6.el6_1.3.i686.rpm

x86_64:
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-devel-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-python-82-6.el6_1.3.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/ecryptfs-utils-82-6.el6_1.3.src.rpm

x86_64:
ecryptfs-utils-82-6.el6_1.3.i686.rpm
ecryptfs-utils-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/ecryptfs-utils-82-6.el6_1.3.src.rpm

x86_64:
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-devel-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-python-82-6.el6_1.3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/ecryptfs-utils-82-6.el6_1.3.src.rpm

i386:
ecryptfs-utils-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm

ppc64:
ecryptfs-utils-82-6.el6_1.3.ppc.rpm
ecryptfs-utils-82-6.el6_1.3.ppc64.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.ppc.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.ppc64.rpm

s390x:
ecryptfs-utils-82-6.el6_1.3.s390.rpm
ecryptfs-utils-82-6.el6_1.3.s390x.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.s390.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.s390x.rpm

x86_64:
ecryptfs-utils-82-6.el6_1.3.i686.rpm
ecryptfs-utils-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/ecryptfs-utils-82-6.el6_1.3.src.rpm

i386:
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-python-82-6.el6_1.3.i686.rpm

ppc64:
ecryptfs-utils-debuginfo-82-6.el6_1.3.ppc.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.ppc64.rpm
ecryptfs-utils-devel-82-6.el6_1.3.ppc.rpm
ecryptfs-utils-devel-82-6.el6_1.3.ppc64.rpm
ecryptfs-utils-python-82-6.el6_1.3.ppc64.rpm

s390x:
ecryptfs-utils-debuginfo-82-6.el6_1.3.s390.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.s390x.rpm
ecryptfs-utils-devel-82-6.el6_1.3.s390.rpm
ecryptfs-utils-devel-82-6.el6_1.3.s390x.rpm
ecryptfs-utils-python-82-6.el6_1.3.s390x.rpm

x86_64:
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-devel-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-python-82-6.el6_1.3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/ecryptfs-utils-82-6.el6_1.3.src.rpm

i386:
ecryptfs-utils-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm

x86_64:
ecryptfs-utils-82-6.el6_1.3.i686.rpm
ecryptfs-utils-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/ecryptfs-utils-82-6.el6_1.3.src.rpm

i386:
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-python-82-6.el6_1.3.i686.rpm

x86_64:
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-devel-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-python-82-6.el6_1.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-1831.html
https://www.redhat.com/security/data/cve/CVE-2011-1832.html
https://www.redhat.com/security/data/cve/CVE-2011-1834.html
https://www.redhat.com/security/data/cve/CVE-2011-1835.html
https://www.redhat.com/security/data/cve/CVE-2011-1837.html
https://www.redhat.com/security/data/cve/CVE-2011-3145.html
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/support/offerings/techpreview/

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
[RHSA-2011:1240-01] Low: Red Hat Enterprise Linux 4 - 6-Month End Of Life Notice

=====================================================================
Red Hat Security Advisory

Synopsis: Low: Red Hat Enterprise Linux 4 - 6-Month End Of Life Notice
Advisory ID: RHSA-2011:1240-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1240.html
Issue date: 2011-08-31
=====================================================================

1. Summary:

This is the 6-month notification of the End Of Life plans for Red Hat
Enterprise Linux 4.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy, the
regular 7 year life-cycle of Red Hat Enterprise Linux 4 will end on
February 29, 2012.

After this date, Red Hat will discontinue the regular subscription services
for Red Hat Enterprise Linux 4. Therefore, new bug fix, enhancement, and
security errata updates, as well as technical support services will no
longer be available for the following products:

* Red Hat Enterprise Linux AS 4
* Red Hat Enterprise Linux ES 4
* Red Hat Enterprise Linux WS 4
* Red Hat Enterprise Linux Extras 4
* Red Hat Desktop 4
* Red Hat Global File System 4
* Red Hat Cluster Suite 4

Customers still running production workloads on Red Hat Enterprise Linux 4
are advised to begin planning the upgrade to Red Hat Enterprise Linux 5 or
6. Active subscribers of Red Hat Enterprise Linux already have access to
all currently maintained versions of Red Hat Enterprise Linux, as part of
their subscription without additional fees.

For customers who are unable to migrate off Red Hat Enterprise Linux 4
before its end-of-life date, Red Hat intends to offer a limited, optional
extension program. For more information, contact your Red Hat sales
representative or channel partner.

Details of the Red Hat Enterprise Linux life-cycle can be found on the Red
Hat website: https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This advisory contains an updated redhat-release package, that provides a
copy of this end of life notice in the "/usr/share/doc/" directory.

5. Bugs fixed (http://bugzilla.redhat.com/):

732722 - Send Out RHEL 4 6-Month EOL Notice

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/redhat-release-4AS-10.2.src.rpm

i386:
redhat-release-4AS-10.2.i386.rpm

ia64:
redhat-release-4AS-10.2.ia64.rpm

ppc:
redhat-release-4AS-10.2.ppc.rpm

s390:
redhat-release-4AS-10.2.s390.rpm

s390x:
redhat-release-4AS-10.2.s390x.rpm

x86_64:
redhat-release-4AS-10.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/redhat-release-4Desktop-10.2.src.rpm

i386:
redhat-release-4Desktop-10.2.i386.rpm

x86_64:
redhat-release-4Desktop-10.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/redhat-release-4ES-10.2.src.rpm

i386:
redhat-release-4ES-10.2.i386.rpm

ia64:
redhat-release-4ES-10.2.ia64.rpm

x86_64:
redhat-release-4ES-10.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/redhat-release-4WS-10.2.src.rpm

i386:
redhat-release-4WS-10.2.i386.rpm

ia64:
redhat-release-4WS-10.2.ia64.rpm

x86_64:
redhat-release-4WS-10.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/support/policy/updates/errata/

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
[RHSA-2011:1243-01] Important: thunderbird security update

=====================================================================
Red Hat Security Advisory

Synopsis: Important: thunderbird security update
Advisory ID: RHSA-2011:1243-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1243.html
Issue date: 2011-08-31
=====================================================================

1. Summary:

An updated thunderbird package that fixes one security issue is now
available for Red Hat Enterprise Linux 4, 5, and 6.

The Red Hat Security Response Team has rated this update as having
important security impact.

2. Relevant releases/architectures:

RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

It was found that a Certificate Authority (CA) issued a fraudulent HTTPS
certificate. This update renders any HTTPS certificates signed by that
CA as untrusted, except for a select few. The now untrusted certificates
that were issued before July 1, 2011 can be manually re-enabled and used
again at your own risk in Thunderbird; however, affected certificates
issued after this date cannot be re-enabled or used. (BZ#734316)

All Thunderbird users should upgrade to this updated package, which
resolves this issue. All running instances of Thunderbird must be
restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

734316 - Fraudulent certificates signed by DigiNotar CA certificate (MFSA 2011-34)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/thunderbird-1.5.0.12-42.el4.src.rpm

i386:
thunderbird-1.5.0.12-42.el4.i386.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.i386.rpm

ia64:
thunderbird-1.5.0.12-42.el4.ia64.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.ia64.rpm

ppc:
thunderbird-1.5.0.12-42.el4.ppc.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.ppc.rpm

s390:
thunderbird-1.5.0.12-42.el4.s390.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.s390.rpm

s390x:
thunderbird-1.5.0.12-42.el4.s390x.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.s390x.rpm

x86_64:
thunderbird-1.5.0.12-42.el4.x86_64.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/thunderbird-1.5.0.12-42.el4.src.rpm

i386:
thunderbird-1.5.0.12-42.el4.i386.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.i386.rpm

x86_64:
thunderbird-1.5.0.12-42.el4.x86_64.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/thunderbird-1.5.0.12-42.el4.src.rpm

i386:
thunderbird-1.5.0.12-42.el4.i386.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.i386.rpm

ia64:
thunderbird-1.5.0.12-42.el4.ia64.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.ia64.rpm

x86_64:
thunderbird-1.5.0.12-42.el4.x86_64.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/thunderbird-1.5.0.12-42.el4.src.rpm

i386:
thunderbird-1.5.0.12-42.el4.i386.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.i386.rpm

ia64:
thunderbird-1.5.0.12-42.el4.ia64.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.ia64.rpm

x86_64:
thunderbird-1.5.0.12-42.el4.x86_64.rpm
thunderbird-debuginfo-1.5.0.12-42.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/thunderbird-2.0.0.24-24.el5.src.rpm

i386:
thunderbird-2.0.0.24-24.el5.i386.rpm
thunderbird-debuginfo-2.0.0.24-24.el5.i386.rpm

x86_64:
thunderbird-2.0.0.24-24.el5.x86_64.rpm
thunderbird-debuginfo-2.0.0.24-24.el5.x86_64.rpm

RHEL Optional Productivity Applications (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/thunderbird-2.0.0.24-24.el5.src.rpm

i386:
thunderbird-2.0.0.24-24.el5.i386.rpm
thunderbird-debuginfo-2.0.0.24-24.el5.i386.rpm

x86_64:
thunderbird-2.0.0.24-24.el5.x86_64.rpm
thunderbird-debuginfo-2.0.0.24-24.el5.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/thunderbird-3.1.12-2.el6_1.src.rpm

i386:
thunderbird-3.1.12-2.el6_1.i686.rpm
thunderbird-debuginfo-3.1.12-2.el6_1.i686.rpm

x86_64:
thunderbird-3.1.12-2.el6_1.x86_64.rpm
thunderbird-debuginfo-3.1.12-2.el6_1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/thunderbird-3.1.12-2.el6_1.src.rpm

i386:
thunderbird-3.1.12-2.el6_1.i686.rpm
thunderbird-debuginfo-3.1.12-2.el6_1.i686.rpm

ppc64:
thunderbird-3.1.12-2.el6_1.ppc64.rpm
thunderbird-debuginfo-3.1.12-2.el6_1.ppc64.rpm

s390x:
thunderbird-3.1.12-2.el6_1.s390x.rpm
thunderbird-debuginfo-3.1.12-2.el6_1.s390x.rpm

x86_64:
thunderbird-3.1.12-2.el6_1.x86_64.rpm
thunderbird-debuginfo-3.1.12-2.el6_1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/thunderbird-3.1.12-2.el6_1.src.rpm

i386:
thunderbird-3.1.12-2.el6_1.i686.rpm
thunderbird-debuginfo-3.1.12-2.el6_1.i686.rpm

x86_64:
thunderbird-3.1.12-2.el6_1.x86_64.rpm
thunderbird-debuginfo-3.1.12-2.el6_1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
[RHSA-2011:1239-01] Low: Red Hat Enterprise Linux Extended Update Support 4.7 - End Of Life

=====================================================================
Red Hat Security Advisory

Synopsis: Low: Red Hat Enterprise Linux Extended Update Support 4.7 - End Of Life
Advisory ID: RHSA-2011:1239-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1239.html
Issue date: 2011-08-31
=====================================================================

1. Summary:

This is the End of Life notification for Red Hat Enterprise Linux Extended
Update Support Add-On (EUS) 4.7.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy, the
Extended Update Support for Red Hat Enterprise Linux 4 Update 7 has ended.

Note: This does not impact you unless you are subscribed to the Extended
Update Support (EUS) channel for Red Hat Enterprise Linux 4.7.

Details of the Red Hat Enterprise Linux life-cycle can be found on the Red
Hat website: https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This advisory contains an updated redhat-release package that provides a
copy of this end of life notice in the "/usr/share/doc/" directory.

5. Package List:

Red Hat Enterprise Linux AS version 4.7.z:

Source:
redhat-release-4AS-8.0.el4_7.4.src.rpm

i386:
redhat-release-4AS-8.0.el4_7.4.i386.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.4.i386.rpm

ia64:
redhat-release-4AS-8.0.el4_7.4.ia64.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.4.ia64.rpm

ppc:
redhat-release-4AS-8.0.el4_7.4.ppc.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.4.ppc.rpm

s390:
redhat-release-4AS-8.0.el4_7.4.s390.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.4.s390.rpm

s390x:
redhat-release-4AS-8.0.el4_7.4.s390x.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.4.s390x.rpm

x86_64:
redhat-release-4AS-8.0.el4_7.4.x86_64.rpm
redhat-release-debuginfo-4AS-8.0.el4_7.4.x86_64.rpm

Red Hat Enterprise Linux ES version 4.7.z:

Source:
redhat-release-4ES-8.0.el4_7.4.src.rpm

i386:
redhat-release-4ES-8.0.el4_7.4.i386.rpm
redhat-release-debuginfo-4ES-8.0.el4_7.4.i386.rpm

ia64:
redhat-release-4ES-8.0.el4_7.4.ia64.rpm
redhat-release-debuginfo-4ES-8.0.el4_7.4.ia64.rpm

x86_64:
redhat-release-4ES-8.0.el4_7.4.x86_64.rpm
redhat-release-debuginfo-4ES-8.0.el4_7.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

6. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/support/policy/updates/errata/

7. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.