An updated xpdf package is available for Red Hat Enterprise Linux 2.1 and 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated xpdf package fixes security flaws
Advisory ID: RHSA-2004:592-01
Issue date: 2004-10-27
Updated on: 2004-10-27
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2004:197
CVE Names: CAN-2004-0888
----------------------------------------------------------------------
1. Summary:
An updated xpdf package that fixes a number of integer overflow security flaws is now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
An updated xchat package is available for Red Hat Enterprise Linux 2.1 and 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated xchat package fixes SOCKSv5 proxy security issue
Advisory ID: RHSA-2004:585-01
Issue date: 2004-10-27
Updated on: 2004-10-27
Product: Red Hat Enterprise Linux
Keywords: X-Chat
CVE Names: CAN-2004-0409
----------------------------------------------------------------------
1. Summary:
An updated xchat package that fixes a stack buffer overflow in the SOCKSv5 proxy code.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
An updated mysql-server package is available for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated mysql-server package
Advisory ID: RHSA-2004:611-01
Issue date: 2004-10-27
Updated on: 2004-10-27
Product: Red Hat Enterprise Linux LACD
Cross references: RHSA-2004:569
CVE Names: CAN-2004-0835 CAN-2004-0836 CAN-2004-0837 CAN-2004-0957
----------------------------------------------------------------------
1. Summary:
An updated mysql-server package that fixes various security issues is now available in the Red Hat Enterprise Linux 3 Extras channel of Red Hat Network.
2. Relevant releases/architectures:
Red Hat Enterprise Linux LACD 3AS - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux LACD 3Desktop - i386, x86_64
Red Hat Enterprise Linux LACD 3ES - i386, ia64, x86_64
Red Hat Enterprise Linux LACD 3WS - i386, ia64, x86_64
Updated glibc packages are available for Red Hat Linux 7.3
-----------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated glibc packages fix flaws
Advisory ID: FLSA:1947
Issue date: 2004-10-23
Product: Red Hat Linux
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=1947
CVE Names: CAN-2002-0029
-----------------------------------------------------------------------
-----------------------------------------------------------------------
1. Topic:
Updated glibc packages that fix a security flaw in the resolver as well as dlclose handling are now available.
The GNU libc packages (known as glibc) contain the standard C libraries used by applications.
2. Relevant releases/architectures:
Red Hat Linux 7.3 - i386
Updated Tripware packages are available for Red Hat Linux 7.3 and 9
-----------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated Tripwire packages fix security flaw
Advisory ID: FLSA:1719
Issue date: 2004-10-23
Product: Red Hat Linux
Keywords: Security
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=1719
CVE Names: CAN-2004-0536
-----------------------------------------------------------------------
-----------------------------------------------------------------------
1. Topic:
Updated Tripwire packages that fix a format string security vulnerability are now available.
2. Relevant releases/architectures:
Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Private data-mining software maker scoops up Kevin Thomson, who resigned from Linux maker in July.
Read more
Updated libtiff packages are available for Red Hat Enterprise Linux 2.1 and 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated libtiff packages
Advisory ID: RHSA-2004:577-01
Issue date: 2004-10-22
Updated on: 2004-10-22
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0803 CAN-2004-0886 CAN-2004-0804
----------------------------------------------------------------------
1. Summary:
Updated libtiff packages that fix various buffer and integer overflows are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated cups packages are available for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated CUPS packages fix security issues
Advisory ID: RHSA-2004:543-01
Issue date: 2004-10-22
Updated on: 2004-10-22
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2004:449
CVE Names: CAN-2004-0888 CAN-2004-0923
----------------------------------------------------------------------
1. Summary:
Updated cups packages that fix denial of service issues, a security information leak, as well as other various bugs are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated gaim packages are available for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated gaim package fixes security issues and bugs
Advisory ID: RHSA-2004:604-01
Issue date: 2004-10-20
Updated on: 2004-10-20
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0891
----------------------------------------------------------------------
1. Summary:
An updated gaim package that fixes security issues, fixes various bugs, and includes various enhancements for Red Hat Enterprise Linux 3 is now avaliable.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated mysql packages are available for Red Hat Enterprise Linux 2.1
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated mysql packages fix security issues and bugs
Advisory ID: RHSA-2004:597-01
Issue date: 2004-10-20
Updated on: 2004-10-20
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2003:282
CVE Names: CAN-2004-0381 CAN-2004-0388 CAN-2004-0457 CAN-2004-0835 CAN-2004-0836 CAN-2004-0837 CAN-2004-0957
----------------------------------------------------------------------
1. Summary:
Updated mysql packages that fix various security issues, as well as a number of bugs, are now available for Red Hat Enterprise Linux 2.1.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Updated squid packages are available for Red Hat Enterprise Linux 2.1 and 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated squid package fixes vulnerability
Advisory ID: RHSA-2004:591-01
Issue date: 2004-10-20
Updated on: 2004-10-20
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2004:462
CVE Names: CAN-2004-0918
----------------------------------------------------------------------
1. Summary:
An updated squid package that fixes a remote denial of service vulnerability is now avaliable.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated mysql packages are available for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated mysql packages fix minor security issues and bugs
Advisory ID: RHSA-2004:569-01
Issue date: 2004-10-20
Updated on: 2004-10-20
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0381 CAN-2004-0388 CAN-2004-0457
----------------------------------------------------------------------
1. Summary:
Updated mysql packages that fix various temporary file security issues, as well as a number of bugs, are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated ImageMagick packages are available for Red Hat Enterprise Linux 2.1
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated ImageMagick packages fix security vulnerabilities
Advisory ID: RHSA-2004:494-01
Issue date: 2004-10-20
Updated on: 2004-10-20
Product: Red Hat Enterprise Linux
CVE Names: CAN-2003-0455 CAN-2004-0827
----------------------------------------------------------------------
1. Summary:
Updated ImageMagick packages that fix various security vulnerabilities are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Updated ImageMagick packages are available for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated ImageMagick packages fix security vulnerability
Advisory ID: RHSA-2004:480-01
Issue date: 2004-10-20
Updated on: 2004-10-20
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0827
- ---------------------------------------------------------------------
1. Summary:
Updated ImageMagick packages that fix a BMP loader vulnerability are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Java engineer Karen Tegan-Padir resigns to head up Red Hat's bid to get the open-source operating system on desktop systems.
Read more
The biggest challenge for the open source community is that there are too few open source developers, according to Michael Tiemann, vice president of Open Source Affairs at Red Hat Inc.
Read more
An updated kernel has been released for Red Hat Linux 7.3 and 9
-----------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated kernel resolves security vulnerabilities
Advisory ID: FLSA:1804
Issue date: 2004-10-18
Product: Red Hat Linux
Keywords: Security
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=1804
CVE Names: CAN-2004-0619, CAN-2004-0497, CAN-2004-0587,
CAN-2004-0658, CAN-2004-0415, CAN-2004-0427,
CAN-2004-0495, CAN-2004-0535, CAN-2004-0554,
CAN-2004-0228, CAN-2004-0178, CAN-2004-0181,
CAN-2004-0394, CAN-2004-0003, CAN-2004-0109,
CAN-2004-0133
-----------------------------------------------------------------------
---------------------------------------------------------------------
1. Topic:
Updated kernel packages that fix security vulnerabilities which may allow local users to gain root privileges are now available. These packages also resolve other minor issues.
2. Relevent releases/architectures:
Red Hat Linux 7.3 - i386, i586, i686, athlon
Red Hat Linux 9 - i386, i586, i686, athlon
Updated gaim packages are available for Red Hat Linux 7.3 and 9
-----------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated gaim package resolves security issues
Advisory ID: FLSA:1237
Issue date: 2004-10-16
Product: Red Hat Linux
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=1237
CVE Names: CAN-2004-0006 CAN-2004-0007 CAN-2004-0008
CAN-2004-0500 CAN-2004-0754 CAN-2004-0784
CAN-2004-0785
-----------------------------------------------------------------------
-----------------------------------------------------------------------
1. Topic:
An updated gaim package that fixes several security issues is now available.
2. Relevant releases/architectures:
Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Updated CUPS packages are available for Red Hat Linux 9 and Fedora Core 1
-----------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated CUPS packages fix security vulnerability
Advisory ID: FLSA:2072
Issue date: 2004-10-16
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2072
CVE Names: CAN-2004-0558
-----------------------------------------------------------------------
-----------------------------------------------------------------------
1. Topic:
Updated cups packages that fix a denial of service vulnerability are now available.
The Common UNIX Printing System (CUPS) is a print spooler.
2. Relevant releases/architectures:
Red Hat Linux 9 - i386
Fedora Core 1 - i386
An updated Samba package has been released for Red Hat Linux 7.3 and 9
-----------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated samba resolves security vulnerabilities
Advisory ID: FLSA:2102
Issue date: 2004-10-14
Product: Red Hat Linux
Keywords: Security
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2102
CVE Names: CAN-2004-0686, CAN-2004-0815
-----------------------------------------------------------------------
-----------------------------------------------------------------------
1. Topic:
[Updated 14th October to correct broken packages and document further fixes]
Updated samba packages that fix an input validation vulnerability are now available.
Samba provides file and printer sharing services to SMB/CIFS clients.
2. Relevant releases/architectures:
Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
