The Netscape 4.8 package in Red Hat Enterprise Linux 2.1 contains security flaws and should not be used.
---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Netscape 4.8 contains security flaws
Advisory ID: RHSA-2004:429-01
Issue date: 2004-08-18
Updated on: 2004-08-18
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0597 CAN-2004-0598 CAN-2004-0599
----------------------------------------------------------------------
1. Summary:
Netscape Navigator and Netscape Communicator 4.8 as distributed with Red Hat Enterprise Linux 2.1 contain security flaws and should not be used.
2. Problem description:
Netscape Navigator and Netscape Communicator have been removed from the Red Hat Enterprise Linux 2.1 CD-ROM distribution as part of Update 5. These packages were based on Netscape 4.8, which is known to be vulnerable to recent critical security issues, such as CAN-2004-0597, CAN-2004-0598, and CAN-2004-0599.
Updated semi packages are available for Red Hat Enterprise Linux 2.1
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated semi packages fix flim vulnerability
Advisory ID: RHSA-2004:344-01
Issue date: 2004-08-18
Updated on: 2004-08-18
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0422
----------------------------------------------------------------------
1. Summary:
Updated semi packages that fix vulnerabilities in flim temporary file handling are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - noarch
Red Hat Linux Advanced Workstation 2.1 - noarch
Red Hat Enterprise Linux ES version 2.1 - noarch
Red Hat Enterprise Linux WS version 2.1 - noarch
3. Problem description:
The semi package includes a MIME library for GNU Emacs and XEmacs used by the wl mail package.
Tatsuya Kinoshita discovered a vulnerability in flim, an emacs library for working with Internet messages included in the semi package. Temporary files were being created without taking adequate precautions, and therefore a local user could potentially overwrite files with the privileges of the user running emacs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0422 to this issue.
Users of semi are advised to upgrade to these packages, which contain a backported patch fixing this issue.
4. Solution:
Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):
124396 - CAN-2004-0422 flim temporary file vulnerability affects semi packages
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/semi-1.14.3-8.72.EL.1.src.rpm
dfcfc66f790902402b72eedd3a806284 semi-1.14.3-8.72.EL.1.src.rpm
noarch:
23c1b96f8d9fc3d3aefa21812adbd5a1 semi-1.14.3-8.72.EL.1.noarch.rpm
2e5dc06d5aadf594ae7222706e230e0e semi-xemacs-1.14.3-8.72.EL.1.noarch.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/semi-1.14.3-8.72.EL.1.src.rpm
dfcfc66f790902402b72eedd3a806284 semi-1.14.3-8.72.EL.1.src.rpm
noarch:
23c1b96f8d9fc3d3aefa21812adbd5a1 semi-1.14.3-8.72.EL.1.noarch.rpm
2e5dc06d5aadf594ae7222706e230e0e semi-xemacs-1.14.3-8.72.EL.1.noarch.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/semi-1.14.3-8.72.EL.1.src.rpm
dfcfc66f790902402b72eedd3a806284 semi-1.14.3-8.72.EL.1.src.rpm
noarch:
23c1b96f8d9fc3d3aefa21812adbd5a1 semi-1.14.3-8.72.EL.1.noarch.rpm
2e5dc06d5aadf594ae7222706e230e0e semi-xemacs-1.14.3-8.72.EL.1.noarch.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/semi-1.14.3-8.72.EL.1.src.rpm
dfcfc66f790902402b72eedd3a806284 semi-1.14.3-8.72.EL.1.src.rpm
noarch:
23c1b96f8d9fc3d3aefa21812adbd5a1 semi-1.14.3-8.72.EL.1.noarch.rpm
2e5dc06d5aadf594ae7222706e230e0e semi-xemacs-1.14.3-8.72.EL.1.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package
7. References:
http://www.debian.org/security/2004/dsa-500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0422
8. Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://www.redhat.com/security/team/contact.html
Copyright 2004 Red Hat, Inc.
Updated Itanium kernel packages are available for Red Hat Enterprise Linux 2.1
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated Itanium kernel packages resolve security issues
Advisory ID: RHSA-2004:327-01
Issue date: 2004-08-18
Updated on: 2004-08-18
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0415 CAN-2004-0427 CAN-2004-0495 CAN-2004-0497 CAN-2004-0535 CAN-2004-0587
----------------------------------------------------------------------
1. Summary:
Updated Itanium kernel packages that fix a number of security issues are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Updated pam packages are available for Red Hat Enterprise Linux 2.1
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated pam packages
Advisory ID: RHSA-2004:304-01
Issue date: 2004-08-18
Updated on: 2004-08-18
Product: Red Hat Enterprise Linux
Keywords: pam pam_wheel pam_lastlog
CVE Names: CAN-2003-0388
----------------------------------------------------------------------
1. Summary:
Updated pam packages that fix a security vulnerability are now available for Red Hat Enterprise Linux 2.1.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Updated Ethereal packages have been released for Red Hat Enterprise Linux
---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated Ethereal packages fix security issues
Advisory ID: RHSA-2004:378-01
Issue date: 2004-08-05
Updated on: 2004-08-05
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2004:234
CVE Names: CAN-2004-0633 CAN-2004-0634 CAN-2004-0635
----------------------------------------------------------------------
1. Summary:
Updated Ethereal packages that fix various security vulnerabilities are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated Mozilla packages have been released for Red Hat Enterprise Linux
---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated mozilla packages fix security issues
Advisory ID: RHSA-2004:421-01
Issue date: 2004-08-04
Updated on: 2004-08-04
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0597 CAN-2004-0599 CAN-2004-0718 CAN-2004-0722 CAN-2004-0757 CAN-2004-0758 CAN-2004-0759 CAN-2004-0760 CAN-2004-0761 CAN-2004-0762 CAN-2004-0763 CAN-2004-0764 CAN-2004-0765
----------------------------------------------------------------------
1. Summary:
Updated mozilla packages based on version 1.4.3 that fix a number of security issues for Red Hat Enterprise Linux are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat has released updated glibc packages for Red Hat Enterprise Linux 2.1
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated glibc packages fix flaws
Advisory ID: RHSA-2004:383-01
Issue date: 2004-08-04
Updated on: 2004-08-04
Product: Red Hat Enterprise Linux
Keywords: glibc libdl ld.so dlclose umount
CVE Names: CAN-2002-0029
----------------------------------------------------------------------
1. Summary:
Updated glibc packages that fix a security flaw in the resolver as well as dlclose handling are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, i686, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386, i686
Red Hat Enterprise Linux WS version 2.1 - i386, i686
Updated GNOME VFS packages have been released for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: GNOME VFS updates address extfs vulnerability
Advisory ID: RHSA-2004:373-01
Issue date: 2004-08-04
Updated on: 2004-08-04
Product: Red Hat Enterprise Linux
Keywords: gnome-vfs gnome-vfs2 extfs
CVE Names: CAN-2004-0494
----------------------------------------------------------------------
1. Summary:
Updated GNOME VFS packages that remove potential extfs-related vulnerabilities are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated libpng packages have been released for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated libpng packages fix security issues
Advisory ID: RHSA-2004:402-01
Issue date: 2004-08-04
Updated on: 2004-08-04
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2004:249
CVE Names: CAN-2002-1363 CAN-2004-0597 CAN-2004-0598 CAN-2004-0599
----------------------------------------------------------------------
1. Summary:
Updated libpng packages that fix several issues are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated kernel packages have been released for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated kernel packages fix security vulnerabilities
Advisory ID: RHSA-2004:413-01
Issue date: 2004-08-03
Updated on: 2004-08-03
Product: Red Hat Enterprise Linux
Keywords: taroon kernel security errata
Obsoletes: RHSA-2004:360
CVE Names: CAN-2004-0178 CAN-2004-0415 CAN-2004-0447 CAN-2004-0535 CAN-2004-0587
----------------------------------------------------------------------
1. Summary:
Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Updated kernel packages have been released for Red Hat Enterprise Linux 2.1
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated kernel packages fix security issues
Advisory ID: RHSA-2004:418-01
Issue date: 2004-08-03
Updated on: 2004-08-03
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2004:354
CVE Names: CAN-2004-0415 CAN-2004-0535 CAN-2004-0587
----------------------------------------------------------------------
1. Summary:
Updated kernel packages that fix potential information leaks and an incorrect driver permission for Red Hat Enterprise Linux 2.1 are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux ES version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux WS version 2.1 - athlon, i386, i686
What's wrong with the United States? It's too much like the New York Yankees, says CEO Matthew Szulik.
Updated ipsec-tools packages have been released for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated ipsec-tools package
Advisory ID: RHSA-2004:308-01
Issue date: 2004-07-29
Updated on: 2004-07-29
Product: Red Hat Enterprise Linux
Keywords: IKE racoon X.509
Obsoletes: RHSA-2004:165
CVE Names: CAN-2004-0607
----------------------------------------------------------------------
1. Summary:
An updated ipsec-tools package that fixes verification of X.509 certificates in racoon is now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated sox packages have been released for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated sox packages fix buffer overflows
Advisory ID: RHSA-2004:409-01
Issue date: 2004-07-29
Updated on: 2004-07-29
Product: Red Hat Enterprise Linux
Keywords: sox wav
CVE Names: CAN-2004-0557
----------------------------------------------------------------------
1. Summary:
Updated sox packages that fix buffer overflows in the WAV file handling code are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Inc. plans to release its first Java application server at the LinuxWorld conference in San Francisco on Monday, broadening its business beyond the Linux open source operating system, industry sources said.
They delve into the company's revised business model, touting incremental improvement to programs and a "certify, repair and maintain" message for customers.
To persuade Windows users to make the switch, Linux desktops need to "provide something different and more useful," says the company's technical lead for desktop engineering.
Red Hat has included the open-source Connector for Exchange in its latest quarterly beta update of its Red Hat Enterprise Linux operating system.
Updated samba packages are available for Red Hat Enterprise Linux 2.1
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated samba packages fix vulnerability
Advisory ID: RHSA-2004:404-01
Issue date: 2004-07-26
Updated on: 2004-07-26
Product: Red Hat Enterprise Linux
Keywords: smb
CVE Names: CAN-2004-0686
----------------------------------------------------------------------
1. Summary:
Updated samba packages that fix a buffer overflow issue are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Upcoming update to Linux seller's enterprise offering includes mail program, more server support and security enhancements.