An updated libtool package has been released for Red Hat Linux 7.2 - 8.0
------------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated libtool resolves security vulnerability
Advisory ID: FLSA:1268
Issue date: 2004-05-18
Product: Red Hat Linux
Keywords: Security
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=1268
------------------------------------------------------------------------
----------------------------------------------------------------------
1. Topic:
Updated libtool packages that fix local tmp vulnerabilities are now available.
2. Relevant releases/architectures:
Red Hat Linux 7.2 - i386
Red Hat Linux 7.3 - i386
Red Hat Linux 8.0 - i386
The Linux seller taps the former associate general counsel of IBM to be its top lawyer as its legal attack against SCO heats up.
Updated kdelibs packages are available for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated kdelibs packages resolve URI security issues
Advisory ID: RHSA-2004:222-01
Issue date: 2004-05-17
Updated on: 2004-05-17
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2004:074
CVE Names: CAN-2004-0411
----------------------------------------------------------------------
1. Topic:
Updated kdelibs packages that fix telnet URI handler and mailto URI handler file vulnerabilities are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
The update for the company's Enterprise Linux product was released Wednesday, with added support for x86 chips and IBM JS20 blade servers. Up next, the new release of the cutting edge Fedora.
An updated mah-jong package has been released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 503-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
May 13th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : mah-jong
Vulnerability : missing argument check
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0458
A problem has been discovered in mah-jong, a variant of the original Mah-Jong game, that can be utilised to crash the game server after dereferencing a NULL pointer. This bug can be exploited by any client that connects to the mah-jong server.
For the stable distribution (woody) this problem has been fixed in version 1.4-3.
For the unstable distribution (sid) this problem has been fixed in version 1.6.2-1.
We recommend that you upgrade your mah-jong package.
An updated ipsec-tools package is available for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated ipsec-tools package fixes vulnerabilities in ISAKMP daemon
Advisory ID: RHSA-2004:165-01
Issue date: 2004-05-11
Updated on: 2004-05-11
Product: Red Hat Enterprise Linux
Keywords: SA x509
Cross references:
Obsoletes:
CVE Names: CAN-2004-0155 CAN-2004-0164 CAN-2004-0403
----------------------------------------------------------------------
1. Topic:
An updated ipsec-tools package that fixes vulnerabilities in racoon (the ISAKMP daemon) is now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - i386
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Updated kernel packages are available for Red Hat Enterprise Linux 3 Update 2
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 2
Advisory ID: RHSA-2004:188-01
Issue date: 2004-05-11
Updated on: 2004-05-11
Product: Red Hat Enterprise Linux
Keywords: taroon kernel update
Cross references:
Obsoletes: RHSA-2004:017 RHSA-2004:183
CVE Names: CAN-2003-0461 CAN-2003-0465 CAN-2003-0984 CAN-2004-0003 CAN-2004-0010
----------------------------------------------------------------------
1. Topic:
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the second regular update.
Updated OpenSSL packages have been released for Red Hat Linux 7.2 - 8.0
------------------------------------------------------------------------
Fedora Legacy Update Advisory
Synopsis: Updated OpenSSL resolves security vulnerability
Advisory ID: FLSA:1395
Issue date: 2004-05-08
Product: Red Hat Linux
Keywords: Security
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=1395
CVE Names: CAN-2003-0851 CAN-2004-0081
------------------------------------------------------------------------
----------------------------------------------------------------------
1. Topic:
Updated OpenSSL packages that fix remote denial of service vulnerabilities are now available.
2. Relevant releases/architectures:
Red Hat Linux 7.2 - i386 i686
Red Hat Linux 7.3 - i386 i686
Red Hat Linux 8.0 - i386 i686
3. Problem description:
OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that can lead to a denial of service attack (infinite loop). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0081 to this issue.
Testing performed by Novell using a test suite provided by NISCC uncovered an issue in the ASN.1 parser in versions of OpenSSL 0.9.6 prior to 0.9.6l which could cause large recursion and possibly lead to a denial of service attack if used where stack space is limited. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0851 to this issue.
These updated packages contain patches provided by the OpenSSL group that protect against these issues.
NOTE: Because server applications are affected by this issue, users are advised to either restart all services using OpenSSL functionality or restart their system after installing these updated packages.
Fedora Legacy would like to thank Michal Jaegermann for bringing this issue to our attention.
Red Hat unveiled a new version of the Linux operating system designed for the corporate desktop.
Opening a new chapter in its 10-year history and a new front in its war against Microsoft, the leading Linux seller plans to announce its first version of the open-source OS for the desktop.
While Red Hat's list prices remain unchanged, IBM says new pricing lets it sell the operating system for Big Blue customers for $700-$1,000 less.
The company's newest version of Linux has been granted a significant security certification, bringing the company a step closer to competitors.
A kernel update has been released for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated kernel packages fix security vulnerabilities
Advisory ID: RHSA-2004:183-01
Issue date: 2004-04-22
Updated on: 2004-04-22
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2004:066
CVE Names: CAN-2004-0109 CAN-2004-0424
----------------------------------------------------------------------
1. Topic:
Updated kernel packages that fix two privilege escalation vulnerabilities are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia64, x86_64
Updated XFree86 packages have been released for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated XFree86 packages fix minor security issue
Advisory ID: RHSA-2004:152-01
Issue date: 2004-04-21
Updated on: 2004-04-21
Product: Red Hat Enterprise Linux
Keywords: DoS
Cross references:
Obsoletes: RHSA-2004:060
CVE Names: CAN-2004-0093 CAN-2004-0094
----------------------------------------------------------------------
1. Topic:
Updated XFree86 packages that fix a minor denial of service vulnerability are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Updated IA64 kernel packages have been released for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated IA64 kernel packages resolve security vulnerabilities
Advisory ID: RHSA-2004:106-01
Issue date: 2004-04-21
Updated on: 2004-04-21
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2003:368
CVE Names: CAN-2002-1574 CAN-2004-0003 CAN-2004-0010 CAN-2004-0077 CAN-2004-0109
----------------------------------------------------------------------
1. Topic:
Updated IA64 kernel packages are now available that fix a security vulnerability which may allow local users to gain root privileges and other vulnerabilities.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Updated kernel packages have been released for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated kernel packages fix security vulnerability
Advisory ID: RHSA-2004:105-01
Issue date: 2004-04-21
Updated on: 2004-04-21
Product: Red Hat Enterprise Linux
Keywords: kernel update
Cross references:
Obsoletes: RHSA-2004:044
CVE Names: CAN-2004-0109
----------------------------------------------------------------------
1. Topic:
Updated kernel packages that fix a security vulnerability which may allow local users to gain root privileges are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux ES version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux WS version 2.1 - athlon, i386, i686
An updated OpenOffice package has been released for Red Hat Enterprise Linux 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated OpenOffice packages fix security vulnerability in neon
Advisory ID: RHSA-2004:160-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0179
----------------------------------------------------------------------
1. Topic:
Updated OpenOffice packages that fix a vulnerability in neon exploitable by a malicious DAV server are now available.
An updated cadaver package has been released for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated cadaver package fixes security vulnerability in neon
Advisory ID: RHSA-2004:157-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0179
----------------------------------------------------------------------
1. Topic:
An updated cadaver package that fixes a vulnerability in neon exploitable by a malicious DAV server is now available.
An updated mailman package has been released for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated mailman package closes DoS vulnerability
Advisory ID: RHSA-2004:156-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2004:019
CVE Names: CAN-2004-0182
----------------------------------------------------------------------
1. Topic:
An updated mailman package that closes a DoS vulnerability in mailman introduced by RHSA-2004:019 is now available.
Updated CVS packages have been released for Red Hat Enterprise Linux
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated CVS packages fix security issue
Advisory ID: RHSA-2004:153-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2004:004
CVE Names: CAN-2004-0180
----------------------------------------------------------------------
1. Topic:
Updated cvs packages that fix a client vulnerability that could be exploited by a malicious server are now available.