Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections: Blog - Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Preferences
Contribute
Link to Us
Search
Linux Jobs

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Technology Jobs

JustTechJobs.com

LinuxToday Newsletters
Server Daily
IT Management Daily
Subscribe News
Subscribe PR
Subscribe Security

internet.com
Internet News
Small Business

Advertise
Newsletters
Tech Jobs
E-mail Offers

 






Current Newswire:

Malware devs embrace open-source

A tale of two distros: Ubuntu and Linux Mint

Raspberry Pi benchmarked against Beagleboard, low price is long term

20 popular Ubuntu Linux apps you may want to try

A Selection of the Very Best Open Source Tutorials and Tools

Android Ice Cream Sandwich ported to x86 tablets, netbooks and notebooks

SECURITY: Google Chrome 17 Improves Security

How to read a CSV file in Perl?

Red Hat Brings Gluster to Amazon Cloud

New Linux kernel fixes power-saving issues



Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Justtechjobs.com Post A Job | Post A Resume
:Advisories: October 11, 2005
Advisories: October 11, 2005
Oct 12, 2005, 04 :45 UTC (0 Talkback[s]) (2365 reads)

Debian GNU/Linux

Debian Security Advisory DSA 860-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 11th, 2005 http://www.debian.org/security/faq

Package : ruby
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE ID : CAN-2005-2337
CERT advisory : VU#160012
Debian Bug : 332742

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions:
 old stable (woody)stable (sarge)unstable (sid)
ruby1.6.7-3woody5n/an/a
ruby1.6n/a1.6.8-12sarge11.6.8-13
ruby1.8n/a1.8.2-7sarge21.8.3-1

We recommend that you upgrade your ruby packages.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5.dsc
      Size/MD5 checksum: 952 551966d3fda510ab6609efc34d6bd8c3
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5.diff.gz
      Size/MD5 checksum: 45214 d4c661766b9dc68b5d242b132aacbf71
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7.orig.tar.gz
      Size/MD5 checksum: 996835 a8859c679ee9acbfdf5056cdf26fcad3

Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby/irb_1.6.7-3woody5_all.deb
      Size/MD5 checksum: 51388 bdec8679bf80535ec7a3bbd49c4ed6e1
    http://security.debian.org/pool/updates/main/r/ruby/ruby-elisp_1.6.7-3woody5_all.deb
      Size/MD5 checksum: 30438 b172a832ca173372ababd59babf102cc
    http://security.debian.org/pool/updates/main/r/ruby/ruby-examples_1.6.7-3woody5_all.deb
      Size/MD5 checksum: 38018 4bb23549b9b4981886f37d70aa028993

Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 129594 5addf6eb42dde52eea7e0b7e0951be94
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 128700 16024eb4c9d88b3c1880a4f8bf792efc
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 130080 ac62e8e089060e2cd737840ad77ab271
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 134978 4e0df5a3e650ee59f755b3bf58c7d572
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 132018 aa03506125ab54056057d27a61af202e
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 128584 ed5002f3927814c0e08ab5f85d6ba9e5
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 644604 db64bd84fd323881f465a49d3179ff14
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 132470 802403def99ca35d674d808192cd146e
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 129070 6450e83dcf8c4ba3d794a04f1379b323
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 147602 d09ddb9cecb955a56fb7c42f4349b57f
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 161582 cd611b93c6e4220d0ffff99fb2556618
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 142760 3622426c392f9fca540ff1a44d5deed1
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_alpha.deb
      Size/MD5 checksum: 626082 e08e2e93602ac95abd45833a2eb92821

ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 128584 43c7e57f3a4f5e594221d4bf4c7dfb7f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 127460 2eda8af9bb8b722d0e6bd1b50ad89f4d
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 128420 f01f4da2eb89ec6c6ffd50c461177ffc
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 134588 bf7ac7c6d01120e64bb4cb35aa9f3f5a
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 131328 216e67b0e333c046fadc659b6ff4c397
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 127470 b116cc920991c4188ec2226c39af1002
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 602774 b9ff70c418ddbf3b1b620301b4c36c56
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 130602 f2aaadd527b7daede43307e158f283dc
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 128296 18492115821c42676e3d8a78e5db009e
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 146828 535237cacf1940c3ebc7de247d113abc
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 161390 ab9a10b1778b37db459addc5de1e4566
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 142410 204b041fff5bd5bc6e1bd294ae2bc892
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_arm.deb
      Size/MD5 checksum: 572716 e026e5c3452b42d455a2eec4d165d79e

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 128068 08725c4eb2ed019492b0341dd0a5330d
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 127282 32a6e3ef5466ce4731d36461eaa17972
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 128072 2755301286c11c942d990d4700df4d7f
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 132820 16f1188a52b0066c782aac16d0066b2c
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 131126 98f642c1695aa85660e01b85da94221b
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 127234 425551af222de3aafefa24abbac7562b
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 561442 6711cd3d3dfa633741763af9a937aa23
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 130096 522ad7b8d2d01afc5967df01590945e8
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 127540 17b99f9bb7656a84da6291d98de82d99
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 146466 718cc8a23c00a6c17551e8cc32a635e3
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 161430 86da7a51ab1d8670d0ba975b63a17599
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 142466 4c09dee6dca063b3a3129fba9ec5e2ff
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_i386.deb
      Size/MD5 checksum: 492656 870934b923271ea29f4dcd6d301a7230

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 133220 e79b7c824bf1b4d35fd32fe9f7fa792b
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 132740 c4542e3a1b6e042f44b18c1aa1acc1f8
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 134746 0caff55bf479b72a3955225f8a0554b7
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 139956 845ddc646096f8b83c2b7a17349eadb5
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 134108 c2c54195aa3afde5240bb700495e431f
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 131684 0d2bce7ea27bb42c04c5e57c9d427eba
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 854376 f9bbc7a3e2c24e5feea248d83a33cf45
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 140440 65338e07df3a04450a3ce77b56e349e6
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 130830 2f798f1dd5d1bab5430e053886f16f1a
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 150428 f9a529ac7f458e2a8b955cf045ede5ef
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 162432 f0faff2a31be069bc3725d91e3dfcf5e
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 143282 84ccf19fff6e067abacdeee5b53cfd62
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_ia64.deb
      Size/MD5 checksum: 755134 39d4e135ed7d41d7cf36c02fc65e40d8

HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 130620 18824711592d38afb46c3bbe88b7000d
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 129342 b7604fa4086a3a2c087d22fce52d6926
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 130844 df54e9181c4cdb66b1eb3004757ed615
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 136100 66fa8cd3f735d490ac744ee8c8e065cc
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 132326 d7041eef1502d1f03800f36bf07c5d31
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 128682 153364a5308c6297d8ab052f58aede17
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 686092 c8c31e0dfd459134f4483c25ecb1605e
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 133000 e835d5bea37629a7c030f41f7727bd30
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 129138 fa5bd080276b3420e65e18dbf28b58db
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 148062 5438497f33bf13a89763ffcfad7e8307
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 161918 6a134229fe5bd8805a7eb1fb9f70fb7b
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 142682 ad86a668a0fdce652f82ecbc860642d4
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_hppa.deb
      Size/MD5 checksum: 667184 75525766980d720ef9466dc5084f0aad

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 128462 8b53b52b9d172ec8a4c2ca273ad2e50c
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 127274 22ea934d90e831ecb7301f770e4d4e4c
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 128422 b481bb5dbf7d8a93d564bf8ce2d3c8c9
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 132854 0762b8fd6b1a854cc8f8019cea72a4be
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 131388 17cbfe8113ded65e73296458b6c55e43
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 127460 b57b7ce7916bd449155859a12d5f36e3
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 561566 20c1f429ce0801de8fbccc42af9070fe
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 129810 a2a33ad6f2e99e2b02bf2a54bab0e639
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 128268 063cfc2ede7a7ddd2c468af73c241a84
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 146694 2a19f465b91bb3437c8af442c59e6421
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 161466 649623cc5642cd95376dbd79c0f07526
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 142414 c232d7bb1658e342ee111eacb36174bc
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_m68k.deb
      Size/MD5 checksum: 470866 59c178ae18b0b24f68ac9604251e3002

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 128320 aefd47e6723cc63ff4fbf7362c149c8f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 126996 a7cf134385bb6b9f4c7816efce108b75
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 128158 8e41685e563713c121ccbc4bf402d9db
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 133776 f58298154540c36c03034ec05fa47197
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 131022 981dbeab5f95af5fbd03701d33dc78f9
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 127268 00fb08327c8ec736425ac8bbb8a59602
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 581962 ae286a7d6af2b63c32e5c83221e037a3
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 130500 61ed7a947ed21291986c550e582e7893
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 127880 df2365ad710056bf5adf583599553769
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 146632 f14e29848521e87c99eb831fa38aeaea
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 161494 91f17ebfc8f2312ccd8de4b48f044fc5
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 142794 6158778b805819770ae450c7be6cc636
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_mips.deb
      Size/MD5 checksum: 587476 56e3a663bed556c62245f44fb842a260

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 128270 51cdcfce40d81d6638dc5911a53af74f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 127010 0a920aa47f080a9b7a013d9be6c4893d
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 128170 6754cef3b431913af6beadc9d6b5c992
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 133782 c12e182534e982c17748052456d2c63b
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 130994 30c478fdee5b2b816f5cde1de1c9ce9a
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 127204 e3d3b6570b9e466cb00422894b89f272
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 581506 b440b99e2f4e22def3fb16acb53c2789
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 130492 61b91e3644804b7930ef242bd7eaec00
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 127860 b79131a39645af7ff39d28a46caf2281
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 146560 9217697a7f9d61e8fa7afde70b05cb46
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 161480 e2fd66dc33a7fef5774c0e9e206439b1
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 142794 24f322a483564685309ec237564cb6d5
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_mipsel.deb
      Size/MD5 checksum: 578040 a3e73feefcefc2ba5a395d22988465ed

PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 128440 4aab33c5e3b67bb9587157ee92d54b59
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 127652 43cea2b0744fb18d534a198ab378e56b
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 128736 be8c8a5e89f4869b0cfb7fe2f459c0e0
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 134484 41b2c0ac000cf39c6939044be278c901
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 131380 9a9768cbd57fea5ffd213b5e3704477b
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 127538 fd92851b186db9671b9f7ca5ae45becf
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 607244 d8708b9ace56768e8d0f04fdaa73383d
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 130610 ca66d341fa806e4134f28651d268a303
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 128350 a15ae783638e26b5a8e304e1e5604ab5
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 147064 91ca064abd335e40f9f4e78938031a06
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 161490 0789a5a2db577b8a5e4f382ee021df5d
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 142502 2985b64774c866d8ea9d696caec05d2d
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_powerpc.deb
      Size/MD5 checksum: 529288 f1524421a9e6dc8e6923f75bfc8f7db5

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 128658 5e577aab56fda2c047e3dba9339c68e0
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 127854 4339a54fcc69ea122b828823780f9898
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 128914 81334959c6f199176b33f21dd7e78554
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 133690 9dc2189e5874e459739a644add67adc6
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 131850 8579274c8888e4a1d6fba0dd19118242
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 127940 087559fad36518eeb6fd44a01ed912c4
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 600770 3eeca259d6d6e5daf060048ae1c8c519
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 130864 d2a839f6b33c2e7020218fd23ac7f6a1
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 127924 72df0f116934d714d32def89277a970a
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 147222 e6778fca82f71b5d43fb03d4cbb03fe9
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 161560 668c35f9c33acdd9f3a994a0bc927d1a
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 142670 ae3246594cfa2e3285bcd636f984386f
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_s390.deb
      Size/MD5 checksum: 532308 445a8016212e5b787625097127b4a1a4

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 128412 87c7feb58f11785c1af6f9a51d987a2f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 127468 c34d8ed252a8d1ef5051a17e3fbd743e
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 128918 b24361084a9998be8f7fb84393221c19
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 134320 9015a2988d0f5305d996f5fb387f2bc4
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 131362 8272893400574f4f0934f2b04072ce09
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 127438 0b36fe5c0f86ba2334cc91013f366688
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 603136 07188840adfada3ac0af455668f7a908
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 130212 8d41c72d9695b44afe1e67369fd1ce46
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 128284 3be2192cc38ab41907c7a2331069b286
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 146774 3f65f580c669efb932f31411b58c4c4c
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 161528 76ca94791c147efc9a7beb85c526cfdf
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 142452 a606854f0cf791b868b2821d4bed54f2
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_sparc.deb
      Size/MD5 checksum: 561276 e1e23af9f2a36746bdcdf5f8e24769b6

These files will probably be moved into the stable distribution on its next update.

Debian Security Advisory DSA 861-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 11th, 2005 http://www.debian.org/security/faq

Package : uw-imap
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CAN-2005-2933

"infamous41md" discovered a buffer overflow in uw-imap, the University of Washington's IMAP Server that allows attackers to execute arbitrary code.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in version 2002edebian1-11sarge1.

For the unstable distribution (sid) this problem has been fixed in version 2002edebian1-11sarge1.

We recommend that you upgrade your uw-imap packages.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imap_2002edebian1-11sarge1.dsc
      Size/MD5 checksum: 785 bf3e532a78669fd66c329a46ea11809d
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imap_2002edebian1-11sarge1.diff.gz
      Size/MD5 checksum: 85400 b295b9c10972cb78f3b4d25394b4b31d
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imap_2002edebian1.orig.tar.gz
      Size/MD5 checksum: 1517069 8ff277e7831326988d0ee0bfeca7c8ff

Architecture independent components:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd-ssl_2002edebian1-11sarge1_all.deb
      Size/MD5 checksum: 19982 ee7e9d78916253bef43c0513b1fa2df3
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd-ssl_2002edebian1-11sarge1_all.deb
      Size/MD5 checksum: 19968 01cd3a699013ba2679af4cd4c4c97ee7

Alpha architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_alpha.deb
      Size/MD5 checksum: 45316 8eff87a5d99f8514a97ba925f64cc29c
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_alpha.deb
      Size/MD5 checksum: 1400536 508b3322c04aba6a16ccd8360bcb2c8f
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_alpha.deb
      Size/MD5 checksum: 623866 007e483d0f71e26d88135ebd621cf913
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_alpha.deb
      Size/MD5 checksum: 26112 1512b9c49a9e67222c42e1e1a3161f62
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_alpha.deb
      Size/MD5 checksum: 76068 d3f6e63d18eee660aec45970c75a1e9f
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_alpha.deb
      Size/MD5 checksum: 50388 7915af40dc8454ed9c28b8210785b4b2

AMD64 architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_amd64.deb
      Size/MD5 checksum: 43842 9ee07ca885ad0a760624ee9ac3359573
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_amd64.deb
      Size/MD5 checksum: 1241462 a04eea3b29ce844bd36e882c358ec589
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_amd64.deb
      Size/MD5 checksum: 585262 43379b991740461a5247103be7bb481c
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_amd64.deb
      Size/MD5 checksum: 25256 b46f5e4f874df2b1c64e46d4d179753f
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_amd64.deb
      Size/MD5 checksum: 71862 9ea5e627919c4dc40db2ed70047da69c
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_amd64.deb
      Size/MD5 checksum: 47526 607377887f83ed71a87264bc85317bf3

ARM architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_arm.deb
      Size/MD5 checksum: 43908 cbb7163d6976c804f7f7dde0eba82e8f
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_arm.deb
      Size/MD5 checksum: 1218296 e942c426a47bfa5fe43b269040dc259d
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_arm.deb
      Size/MD5 checksum: 572074 325eab596c707493b112c4157192fd7d
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_arm.deb
      Size/MD5 checksum: 25284 aeedc4004a68ceb78d705c44cce7bd2b
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_arm.deb
      Size/MD5 checksum: 71378 611cd65efdeebdc3aba327482a966109
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_arm.deb
      Size/MD5 checksum: 46240 48f471e616eb16cb6682ef206eff68b5

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_i386.deb
      Size/MD5 checksum: 42640 222b9d6cfae656aeb0995b6b742a8018
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_i386.deb
      Size/MD5 checksum: 1192272 a641726681b49cbf4a59d15a992c3307
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_i386.deb
      Size/MD5 checksum: 580390 70951fce39878d16e551d0a3d20b1396
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_i386.deb
      Size/MD5 checksum: 25354 f72ec8b8f6c62b1c0185582387624fd3
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_i386.deb
      Size/MD5 checksum: 69812 9f7ef54531d8a7f98302526ba0395b93
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_i386.deb
      Size/MD5 checksum: 46514 07f09150e567ab8628e66b81ac4eef45

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_ia64.deb
      Size/MD5 checksum: 49584 cf5a3f4db538e69659eba3464ded819b
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_ia64.deb
      Size/MD5 checksum: 1392282 8ad6f8db3031f8f312cdac57b423d9a6
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_ia64.deb
      Size/MD5 checksum: 692648 0b9c67065ef7dc2bd19781778df56411
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_ia64.deb
      Size/MD5 checksum: 26856 253449914d0ebea21699f939ea21823b
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_ia64.deb
      Size/MD5 checksum: 82692 4803d5030e4521f010e28ba0129528e0
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_ia64.deb
      Size/MD5 checksum: 57218 5015cfcc9c0a4ec7100e31c86874feb4

HP Precision architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_hppa.deb
      Size/MD5 checksum: 45482 e9ae3633401d343357ef2ede9b5dcfde
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_hppa.deb
      Size/MD5 checksum: 1290012 79d3092981ccf2fa5f6770e68ec494a9
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_hppa.deb
      Size/MD5 checksum: 621964 9090bf13ad38d5d2584d1a2497aa59b0
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_hppa.deb
      Size/MD5 checksum: 26102 6df6311df18609d071cc918568b481ec
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_hppa.deb
      Size/MD5 checksum: 74376 e6ddda3b2f8765ef20d307888da4bb79
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_hppa.deb
      Size/MD5 checksum: 48796 a16164bb8d33476cb5ab8e9bc8bd851f

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_m68k.deb
      Size/MD5 checksum: 42198 0c460fb08a6baf8597d588b06c0eb866
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_m68k.deb
      Size/MD5 checksum: 1202760 bcfd325de3b1ae80142fd40863c98480
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_m68k.deb
      Size/MD5 checksum: 557322 355de85312016eee76b442f617a1fa7b
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_m68k.deb
      Size/MD5 checksum: 25282 7a22722226b591ddd992b340eed62a79
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_m68k.deb
      Size/MD5 checksum: 67800 b78499f7aedee1af72a0abdce500bf1b
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_m68k.deb
      Size/MD5 checksum: 45972 6d387a13b396d2af4fb9c3a0a739e703

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_mips.deb
      Size/MD5 checksum: 45198 64a47c0e7299d4b9c2fabf9f5dbcd270
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_mips.deb
      Size/MD5 checksum: 1293040 0de4a01dd9aa001d0c9e3970add39139
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_mips.deb
      Size/MD5 checksum: 584784 b9981e6e319358c956ee8038e7ea70b5
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_mips.deb
      Size/MD5 checksum: 26032 91f708c3c2aaac1ff684a0067761479f
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_mips.deb
      Size/MD5 checksum: 70504 a77dc274b6df53c30e13aa54f933fda1
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_mips.deb
      Size/MD5 checksum: 51994 b03effecefe81dab0d9523bcd4d31287

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_mipsel.deb
      Size/MD5 checksum: 45138 d8319d4a2e984218582a2afcd3cd1f61
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_mipsel.deb
      Size/MD5 checksum: 1266374 12718fcede276595c4f6060adc06e50c
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_mipsel.deb
      Size/MD5 checksum: 584592 574d31724a1022e62a4c4954c4744b4b
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_mipsel.deb
      Size/MD5 checksum: 26024 60437f28a8d255810fc33b215fe124ca
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_mipsel.deb
      Size/MD5 checksum: 70396 8b11bea999587f10987960d36d122739
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_mipsel.deb
      Size/MD5 checksum: 52042 7f1f9bd83e7e82f3e3df8ae0a505f222

PowerPC architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_powerpc.deb
      Size/MD5 checksum: 44714 3be1ef718719a94a9755ac2492bf4736
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_powerpc.deb
      Size/MD5 checksum: 1367392 5140873290e9c5eceeb81adb45b4cfbe
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_powerpc.deb
      Size/MD5 checksum: 584320 b249e6621e1b6835eb2d19c5307706ed
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_powerpc.deb
      Size/MD5 checksum: 25724 ad84786248356abddf83822e32fad4e1
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_powerpc.deb
      Size/MD5 checksum: 70054 3b49efb35b29fe1383d77acc99e77220
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_powerpc.deb
      Size/MD5 checksum: 49518 16be979ed27da72276922377cfe4e63f

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_s390.deb
      Size/MD5 checksum: 45220 f0f89e4980b1ae8d016a18a4465d5daa
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_s390.deb
      Size/MD5 checksum: 1605558 ab2145e4e5ed815eac6b535ed852a075
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_s390.deb
      Size/MD5 checksum: 598718 d65ae25a64e58b9657e4d289c426aa8d
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_s390.deb
      Size/MD5 checksum: 25794 5958825b0b8f38b1768c0172d70f7a92
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_s390.deb
      Size/MD5 checksum: 73032 7c90176a07024e8d4103b3c53da66d7c
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_s390.deb
      Size/MD5 checksum: 48286 d0b533d1d55562880e2830e6d9840b97

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_sparc.deb
      Size/MD5 checksum: 43512 2769984cb6ade49615903339399f76fc
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_sparc.deb
      Size/MD5 checksum: 1230520 b2fb2513b5a3e244c8dcddfc0e944c59
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_sparc.deb
      Size/MD5 checksum: 578812 1e99dac1bb48e24cc2dfc68e32be3a0b
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_sparc.deb
      Size/MD5 checksum: 25348 b763253c4b4767fcfffcefea7f708245
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_sparc.deb
      Size/MD5 checksum: 71438 a9f91e6c21f28a5a2ff630913d85a2aa
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_sparc.deb
      Size/MD5 checksum: 46204 bc1f2368bfddcde27cc20ee264234122

These files will probably be moved into the stable distribution on its next update.

Debian Security Advisory DSA 862-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 11th, 2005 http://www.debian.org/security/faq

Package : ruby1.8
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE ID : CAN-2005-2337
CERT advisory : VU#160012
Debian Bug : 332742

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions:
 old stable (woody)stable (sarge)unstable (sid)
ruby1.6.7-3woody5n/an/a
ruby1.6n/a1.6.8-12sarge11.6.8-13
ruby1.8n/a1.8.2-7sarge21.8.3-1

We recommend that you upgrade your ruby packages.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1.dsc
      Size/MD5 checksum: 995 e613b3e49e65dd6001cf69b2d1dcd02a
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1.diff.gz
      Size/MD5 checksum: 77597 1501c9f27a55bc85d7acef46fe4c4cc6
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8.orig.tar.gz
      Size/MD5 checksum: 1022364 aa1e272added83a5206c565d62c9c8ed

Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby1.6/irb1.6_1.6.8-12sarge1_all.deb
      Size/MD5 checksum: 174586 2a9851bd0af6614dda24588455074ff1
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-elisp_1.6.8-12sarge1_all.deb
      Size/MD5 checksum: 152398 d695298a1a0a68502be9447e6bec21fd
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-examples_1.6.8-12sarge1_all.deb
      Size/MD5 checksum: 160090 36f37b50ac679829dd40a15c0dbc473a

Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 146272 830999406560e426388906bed6fc32f0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 144768 8cc291975b2028ffa664014e457aef51
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 146272 ed776465141513435c7acd651a515771
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 148336 1b77918342617fd5d4e0dedc925947b7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 144624 679c1efd1d5f72340204c5138c47a394
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 687886 f4ed9f39d03136054e133003d181811b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 726048 6872073af42d36e7c55cfe89ff80294d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 148838 a07c2f788d657792689d26a7eb7a0767
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 144750 c425a6f852f34a4ae36b9909abc39fe8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 165262 3299987425ccde3d8c7d63e4c68a9419
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 178364 cdb82c24909c956502e7a164b8a5cfbf
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 159012 64269aef2e9ef5e41c6d4a685d698ef1
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_alpha.deb
      Size/MD5 checksum: 699520 cc9b4b545800d24736c0aa61eae7b7ed

AMD64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 145214 62f6775a96a52c992009e7ae78870857
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 144048 bc43d68ce732701e49e5f718ed3a1250
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 145600 4c1e65809496c716c402e8e36df61ff2
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 147742 2b4938f3482593cee9e2f2237771b085
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 144008 7f87c6d385866e425225ab2111922222
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 641870 fc06992c575a42ab7bec4c451e399b2b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 687588 12aa68b51a965709d07b66b2ae468fe7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 147486 849ab6e15f230955b3fe2811c4c5bbbe
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 144274 9e9e5e282235b023663377a922c12e8c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 164534 6ffe869fe587eeb8af0afa85e59ba04c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 178106 1c99808fc26ee57524b325f23bc954b7
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 158718 04e41efde4ff5bc65e318a329bc58a0e
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_amd64.deb
      Size/MD5 checksum: 576640 8ecc9bc9d98f5cc6252669cb4226a8d2

ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 144204 f1645645feb3afbdb4d2b05414338246
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 143178 d0f47d2993103dd0374f122bc9581acc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 144118 0d292e323905542ace2fcff80ce7a96b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 147034 9c4e1e6234c99aaf9a5c6a7567cf0eaf
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 143214 2f9a1d7392f4404caec61be544212b58
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 616070 46cce24fb6f8517b44b5116f9fca82d8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 657706 ad063f27e515e00fa054dae13afe3b0b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 146276 3c13f593a6b9105b37725133cc404f37
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 143842 92d5e50b479aafc91b1dbcaf9cc84630
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 163706 681543bf91f9e6cb3429f124946f81d0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 178038 9ae24accb6bee6ce912f300cf220d465
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 158484 23481ba5c2c3fc25f08826dd44e3b3df
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_arm.deb
      Size/MD5 checksum: 581472 f33a2034bb5834b388ff7a34b2eba076

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 144606 1c7f814e73111b9c7e278c646a493c9e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 143786 4422413479fb4ec1ff2a1ce539f6fa9a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 144840 9d920a52efe0ed2d9fff9f2e7e9e31d3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 147172 b0fa56144fca3904cf94367256aa2958
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 143386 97620abbd856d284be4e11ccd70cfc30
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 616208 43df4e31f759d0693580601a419d46e8
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 669234 c53d3fd003fbe35bf5003b896905735b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 146982 9588d68679bc1436f1030275e63e66f1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 143706 8d19c9b3e2c07eaf00fdafbd8966bf0c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 163964 5b4c2033f0f48bc922e90438c77785c5
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 178024 5fa725579a6d816aac3e4dd54fe5414d
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 158492 25bcbc16181918c7f3b20d90eeb8c61c
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_i386.deb
      Size/MD5 checksum: 551580 d0fcca5bc2ff091a57fb8b2e2a89e6a7

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 148064 b14fa6d594e3c9f415075886c59efc91
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 146936 31e49c117bf65ddc43589d5bbd513c0a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 148966 990625da55b6e7209685a0f89e76f9ef
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 150416 d7108c6c559af7a6291619d1f732174c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 146798 c3f6984e76608a9b977e5836319ea0c1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 820242 4ddff67147676d5cbc830b230c5b4402
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 874392 06b2241fbd41959490366790ff331313
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 153986 c5e2caa2d199e15525ebd5bb23a4c37b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 146256 70af049f3475c7a90743b265945202cf
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 167436 eeec3779c043bc4b4d7bffd0ae6d4b6c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 179064 b344581902e348080d335305164b70ff
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 159436 b4ed63ae8c85d96e7fb4b44f8d21a68d
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_ia64.deb
      Size/MD5 checksum: 761782 389aeb10ae44b9d25f40de130e2982de

HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 146312 3e20478abb95835da131825bc2988b73
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 145254 4150ecda48bb95ec672a0acc8ed49d6d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 146752 7a88dd5c944d6b70a62771b756a52fea
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 148694 150a7aec78e0db67e91833bf8279ecfb
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 144862 a611079fc01763bd37a58d8aab20ba37
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 702356 28fc0e042bb8f2bc2069411ac0ba0f54
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 740460 a503abdabdfcf61969491ca7547e6b0e
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 148658 55fc1849954f9cb974bbac9869e0077a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 145380 1bc8d041dc148f66847854cb6793a399
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 166084 e6eac2b99b584abe67612fedea626d42
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 178814 c5206bc7bbf8e308d365a05dc5a9c992
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 159076 31e740218b0084a74b8260e8dbf60f6f
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_hppa.deb
      Size/MD5 checksum: 650322 fcee80e774dfe9de2b278b2b8ffb2adc

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 144534 caffa585178c88b5fcf8fc214cb8308b
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 143220 8e44dafd97bcf0a0f8afe93c0b01de27
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 144432 6b714c1ab2f0fa4071edb9deb465fe57
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 147360 ee206d81469da1c6f7736ac51845ba5f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 143474 bcee1f58c2ca9057c2a411a0740e0573
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 602716 24d9bd038d628c1db384bfb7aa4cd773
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 647806 971b47d4fae8ccb0f53f7e829ba0544f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 145680 3f5aad29b03a85dca9a4f72dbd44a5c6
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 144260 4dcb803b3ec95fef747d89ae4fae94fa
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 163888 751e9a821575b3c77232c3d35911f7af
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 178018 28fbfbe7376779ca8386891f930d6765
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 158428 3ec10442a3d8f8f28953f8e6924971d7
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_m68k.deb
      Size/MD5 checksum: 493178 a6d69685e82ebc824817822d88698cc9

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 144242 4f8ed87a6e2976008b08b7eabfff755f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 143152 cfc383910f43654f09b8ee6eeb2489ee
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 144340 2dbf9353884f300828f575fb21de190d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 147512 64c25b9a7e0c67d49b7790e6f171bdb4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 143394 6ccdd3e605ea67f5e034033515c36225
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 626520 7c8b4354f567869f1372d7244fa38fcf
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 675786 796fca31a249c630afb9f062c07872fb
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 146698 70318712fdf70fd552440737766988f0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 143686 8f47673723d2442b4d4f31949f2b5c82
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 163360 d7ac01193e37eb475ceb73d5497986e7
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 178126 b1bd10d219f1865d50a416477425f835
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 159248 4e285dbfb07335958986f5c2d89707df
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_mips.deb
      Size/MD5 checksum: 603820 d7fac4c7a792ee77f63215e9ba964348

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 144214 671e6ee5dadd9d1f17c8cadacc4a3fa0
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 143134 37278795594c78aa9d0149a75d0f2f07
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 144336 ab0fc506cd0e48174f03c103d82cc17c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 147442 034fca9d3ec1edcc7ea392b5a5f7b1dc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 143336 f7f8a1c7939e76caa21b5a459711e588
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 626868 a07abe6c151ee0d6cbe68243ed67c772
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 669678 22fd298c6e8f937240f08a1267734853
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 146724 dc9f2c30aba80e93eed5c28f9c457b48
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 143676 687d27e46d90ba1f6230f9449b831f64
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 163300 5d04b6ad98189d3d33eda25e845d8983
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 178114 178a5a76059b4283296fdf3506fbd411
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 159234 ebd830bd191a2b57b303cd4386820fbe
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_mipsel.deb
      Size/MD5 checksum: 597128 53bccd3908f546a3f7a0dee384a86160

PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 146082 29d498883a7e119aaa7e2f4686a8a150
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 145600 2d7e763c8df7c32a43eea2d0b340d271
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 146624 53b861a0d56ca164448c7f54eedcc997
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 149280 e943df99c3446492674e72d9115b02a6
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 145264 903c6ab6388f3c8b789bdbb0c79c3cc1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 650948 e0d59d1d6b367785e46b421de716a6ce
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 857840 0386239944c697c4795374c92b79b3ca
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 148638 446de38974e1ae8975b3690726b3cc46
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 145856 29bfa85722e178918c0af0736150a589
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 165454 4517c79531d330a4ca5017378e7e7d55
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 180046 14656cefb29bdc971d2868f16f91b296
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 160406 028694ae18a64e504b48882441118dec
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 554456 e6a2e7b958723c6db21d61aaadf4f57c

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 145594 6e4dd004f179021b0abc04becce5cb42
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 144478 450e600c71e9b02b230e9fd4b9cf1bd4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 145884 e6366a34175091fa0a784639a82b24dc
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 148244 681cbb886fb1de22c0f62f716204e036
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 144452 185f29d21fec0491749ff76834bfe4a2
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 665724 910c194a43c021d7ea4225f880efe925
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 794702 b431c1c0c10697aa06a9e2635d86489d
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 147978 3a6393d860d3bc3a83ba123a5e4d1646
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 144456 295ef46485f7192c12800cd576fa2f1c
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 165022 131a76337cfc3b10bcef1154ace8db87
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 178322 066bc3fdc9add59974a853c742958898
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 158748 e4d4fefe7665e96d5c1cfc981a58ddb7
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_s390.deb
      Size/MD5 checksum: 596304 f942722704b9a8f90228d03755b2cc9e

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby1.6/libcurses-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 144338 5332edabace9de394a21fb16dd68fc00
    http://security.debian.org/pool/updates/main/r/ruby1.6/libdbm-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 143362 03b589c0a518b0f44e16cbe4361028f4
    http://security.debian.org/pool/updates/main/r/ruby1.6/libgdbm-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 144576 acc39c3ba4b4bd2497732a3862ca957f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libpty-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 147296 5a8c72ddd29daa72ff4c41d145b47e0a
    http://security.debian.org/pool/updates/main/r/ruby1.6/libreadline-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 143426 eefa9293af5d7bc1a48230d7f99ad214
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 632062 4870dbbbc0eee377fd47e103eb709fd1
    http://security.debian.org/pool/updates/main/r/ruby1.6/libruby1.6-dbg_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 662146 3a3b701fc2ab97a5d8f3ce2163a85e38
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsdbm-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 146136 1c917b26ddca3363bb0dace0a88b118f
    http://security.debian.org/pool/updates/main/r/ruby1.6/libsyslog-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 144176 08d3ccecd5906ccb786d1f4cc357c876
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtcltk-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 164110 4ad811d916642b4c163fb15cb47553e3
    http://security.debian.org/pool/updates/main/r/ruby1.6/libtk-ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 178084 03ee561cda0e95ffc8aeae1273d3ce91
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 158504 ad024bd45125b917ad22eba95404d0a5
    http://security.debian.org/pool/updates/main/r/ruby1.6/ruby1.6-dev_1.6.8-12sarge1_sparc.deb
      Size/MD5 checksum: 573712 4da39b6b64fbcd25256fd5d7e1ca1fe2

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Red Hat Linux

Red Hat Security Advisory

Synopsis: Low: binutils security update
Advisory ID: RHSA-2005:763-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-763.html
Issue date: 2005-10-11
Updated on: 2005-10-11
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1704

1. Summary:

An updated binutils package that fixes minor security issues is now available.

This update has been rated as having low security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

Binutils is a collection of utilities used for the creation of executable code. A number of bugs were found in various binutils tools.

Several integer overflow bugs were found in binutils. If a user is tricked into processing a specially crafted executable with utilities such as readelf, size, strings, objdump, or nm, it may allow the execution of arbitrary code as the user running the utility. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-1704 to this issue.

All users of binutils should upgrade to this updated package, which contains backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

164666 - CAN-2005-1704 Integer overflow in the Binary File Descriptor (BFD) library

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/binutils-2.11.90.0.8-12.5.src.rpm
f981c9ab886387de6d68ef508e528952 binutils-2.11.90.0.8-12.5.src.rpm

i386:
84f0f3790e0ad8e889777af528e8fe32 binutils-2.11.90.0.8-12.5.i386.rpm

ia64:
29a30b2e10daa96cd73d40c992db3a69 binutils-2.11.90.0.8-12.5.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/binutils-2.11.90.0.8-12.5.src.rpm
f981c9ab886387de6d68ef508e528952 binutils-2.11.90.0.8-12.5.src.rpm

ia64:
29a30b2e10daa96cd73d40c992db3a69 binutils-2.11.90.0.8-12.5.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/binutils-2.11.90.0.8-12.5.src.rpm
f981c9ab886387de6d68ef508e528952 binutils-2.11.90.0.8-12.5.src.rpm

i386:
84f0f3790e0ad8e889777af528e8fe32 binutils-2.11.90.0.8-12.5.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/binutils-2.11.90.0.8-12.5.src.rpm
f981c9ab886387de6d68ef508e528952 binutils-2.11.90.0.8-12.5.src.rpm

i386:
84f0f3790e0ad8e889777af528e8fe32 binutils-2.11.90.0.8-12.5.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

Red Hat Security Advisory

Synopsis: Low: libuser security update
Advisory ID: RHSA-2005:770-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-770.html
Issue date: 2005-10-11
Updated on: 2005-10-11
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-2392

1. Summary:

Updated libuser packages that fix various security issues are now available.

This update has been rated as having low security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

The libuser library implements a standardized interface for manipulating and administering user and group accounts. The library uses pluggable back-ends to interface to its data sources. Sample applications that are modeled after applications from the shadow password suite are included in the package.

Several denial of service bugs were discovered in libuser. Under certain conditions it is possible for an application linked against libuser to crash or operate irregularly. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-2392 to these issues.

All users of libuser are advised to upgrade to these updated packages, which contain a backported fix and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

167113 - CAN-2004-2392 libuser serious programming bugs

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/libuser-0.32-1.el2.1.src.rpm
5e0f990b6bd85505365e57885021f427 libuser-0.32-1.el2.1.src.rpm

i386:
94fa396fe3e070b6a669c28001663b72 libuser-0.32-1.el2.1.i386.rpm
3d30b7d22091eb982939b2db8b28486c libuser-devel-0.32-1.el2.1.i386.rpm

ia64:
394a1089155f809af30b190bc3ac2cf6 libuser-0.32-1.el2.1.ia64.rpm
4888f35290a8d15ae47ecf63964e32e4 libuser-devel-0.32-1.el2.1.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/libuser-0.32-1.el2.1.src.rpm
5e0f990b6bd85505365e57885021f427 libuser-0.32-1.el2.1.src.rpm

ia64:
394a1089155f809af30b190bc3ac2cf6 libuser-0.32-1.el2.1.ia64.rpm
4888f35290a8d15ae47ecf63964e32e4 libuser-devel-0.32-1.el2.1.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/libuser-0.32-1.el2.1.src.rpm
5e0f990b6bd85505365e57885021f427 libuser-0.32-1.el2.1.src.rpm

i386:
94fa396fe3e070b6a669c28001663b72 libuser-0.32-1.el2.1.i386.rpm
3d30b7d22091eb982939b2db8b28486c libuser-devel-0.32-1.el2.1.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/libuser-0.32-1.el2.1.src.rpm
5e0f990b6bd85505365e57885021f427 libuser-0.32-1.el2.1.src.rpm

i386:
94fa396fe3e070b6a669c28001663b72 libuser-0.32-1.el2.1.i386.rpm
3d30b7d22091eb982939b2db8b28486c libuser-devel-0.32-1.el2.1.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2392

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

Red Hat Security Advisory

Synopsis: Moderate: util-linux and mount security update
Advisory ID: RHSA-2005:782-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-782.html
Issue date: 2005-10-11
Updated on: 2005-10-11
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-2876 CAN-2001-1494

1. Summary:

Updated util-linux and mount packages that fix two security issues are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function.

The mount package contains the mount, umount, swapon and swapoff programs.

A bug was found in the way the umount command is executed by normal users. It may be possible for a user to gain elevated privileges if the user is able to execute the "umount -r" command on a mounted file system. The file system will be re-mounted only with the "readonly" flag set, clearing flags such as "nosuid" and "noexec". The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-2876 to this issue.

This update also fixes a hardlink bug in the script command for Red Hat Enterprise Linux 2.1. If a local user places a hardlinked file named "typescript" in a directory they have write access to, the file will be overwritten if the user running script has write permissions to the destination file. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2001-1494 to this issue.

All users of util-linux and mount should upgrade to these updated packages, which contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

161337 - CAN-2001-1494 hardlink vulnerability in 'script' command
168206 - CAN-2005-2876 umount unsafe -r usage
168209 - CAN-2005-2876 umount unsafe -r usage

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mount-2.11g-9.src.rpm
d3282353910c50c68ebfb44cacb6c30f mount-2.11g-9.src.rpm

ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/util-linux-2.11f-20.8.src.rpm
8a7547d3dd15711353a976fd47e04176 util-linux-2.11f-20.8.src.rpm

i386:
7e1c7b7c2c2fa29085e7e6897e88078d losetup-2.11g-9.i386.rpm
ffaa56d9acad22b210f2f4ea509b5ec1 mount-2.11g-9.i386.rpm
3e64e8635bd18d364511ad564dab373f util-linux-2.11f-20.8.i386.rpm

ia64:
6f83321e29bfe52139ae9255dead0f9c losetup-2.11g-9.ia64.rpm
8ce58c073113458c7a35df7912ea3746 mount-2.11g-9.ia64.rpm
ea0ede106e89ece2883f5dfa545c1429 util-linux-2.11f-20.8.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mount-2.11g-9.src.rpm
d3282353910c50c68ebfb44cacb6c30f mount-2.11g-9.src.rpm

ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/util-linux-2.11f-20.8.src.rpm
8a7547d3dd15711353a976fd47e04176 util-linux-2.11f-20.8.src.rpm

ia64:
6f83321e29bfe52139ae9255dead0f9c losetup-2.11g-9.ia64.rpm
8ce58c073113458c7a35df7912ea3746 mount-2.11g-9.ia64.rpm
ea0ede106e89ece2883f5dfa545c1429 util-linux-2.11f-20.8.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mount-2.11g-9.src.rpm
d3282353910c50c68ebfb44cacb6c30f mount-2.11g-9.src.rpm

ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/util-linux-2.11f-20.8.src.rpm
8a7547d3dd15711353a976fd47e04176 util-linux-2.11f-20.8.src.rpm

i386:
7e1c7b7c2c2fa29085e7e6897e88078d losetup-2.11g-9.i386.rpm
ffaa56d9acad22b210f2f4ea509b5ec1 mount-2.11g-9.i386.rpm
3e64e8635bd18d364511ad564dab373f util-linux-2.11f-20.8.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mount-2.11g-9.src.rpm
d3282353910c50c68ebfb44cacb6c30f mount-2.11g-9.src.rpm

ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/util-linux-2.11f-20.8.src.rpm
8a7547d3dd15711353a976fd47e04176 util-linux-2.11f-20.8.src.rpm

i386:
7e1c7b7c2c2fa29085e7e6897e88078d losetup-2.11g-9.i386.rpm
ffaa56d9acad22b210f2f4ea509b5ec1 mount-2.11g-9.i386.rpm
3e64e8635bd18d364511ad564dab373f util-linux-2.11f-20.8.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/util-linux-2.11y-31.11.src.rpm
7a562d571237203634c8009d2c506921 util-linux-2.11y-31.11.src.rpm

i386:
b89a7d466e3cead507c00776aae3b437 losetup-2.11y-31.11.i386.rpm
df678149ef9fe3c088f7ca6af1697337 mount-2.11y-31.11.i386.rpm
e5fa25f4caa04749eb39430e45ab7bd3 util-linux-2.11y-31.11.i386.rpm

ia64:
ebbb6f700b72357c03220f32a1e8a164 losetup-2.11y-31.11.ia64.rpm
67526f76a9e66c74faad8ce7ce290a9d mount-2.11y-31.11.ia64.rpm
00657fbd14ab30ddec29724783288fb1 util-linux-2.11y-31.11.ia64.rpm

ppc:
b4fb144ebf8ba11e59fbac9de6bd2b95 losetup-2.11y-31.11.ppc.rpm
2638872b02dd777c17bc30e2f6489f04 mount-2.11y-31.11.ppc.rpm
70a8b932588c3c36232b9e447c4bb9c3 util-linux-2.11y-31.11.ppc.rpm

s390:
e4f001ff1d9fd90e0c582031fa3b0216 losetup-2.11y-31.11.s390.rpm
a6a1ca2a10b378fb25d4a862ef3cb645 mount-2.11y-31.11.s390.rpm
068f5f2c4f13dd5b45af98a9ea3c9da5 util-linux-2.11y-31.11.s390.rpm

s390x:
303c1e4eb9a401bb562e95f112cb86ad losetup-2.11y-31.11.s390x.rpm
5ad992ec8f902bced723a7b06c5febb2 mount-2.11y-31.11.s390x.rpm
b0d09f13c674c79fb04a389765517473 util-linux-2.11y-31.11.s390x.rpm

x86_64:
d7a946efdfbf418dad33828622c9f550 losetup-2.11y-31.11.x86_64.rpm
b90e15d4e39913757550b9362a98bfb2 mount-2.11y-31.11.x86_64.rpm
6f2df633740943a84fa5f06d3ff41f54 util-linux-2.11y-31.11.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/util-linux-2.11y-31.11.src.rpm
7a562d571237203634c8009d2c506921 util-linux-2.11y-31.11.src.rpm

i386:
b89a7d466e3cead507c00776aae3b437 losetup-2.11y-31.11.i386.rpm
df678149ef9fe3c088f7ca6af1697337 mount-2.11y-31.11.i386.rpm
e5fa25f4caa04749eb39430e45ab7bd3 util-linux-2.11y-31.11.i386.rpm

x86_64:
d7a946efdfbf418dad33828622c9f550 losetup-2.11y-31.11.x86_64.rpm
b90e15d4e39913757550b9362a98bfb2 mount-2.11y-31.11.x86_64.rpm
6f2df633740943a84fa5f06d3ff41f54 util-linux-2.11y-31.11.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/util-linux-2.11y-31.11.src.rpm
7a562d571237203634c8009d2c506921 util-linux-2.11y-31.11.src.rpm

i386:
b89a7d466e3cead507c00776aae3b437 losetup-2.11y-31.11.i386.rpm
df678149ef9fe3c088f7ca6af1697337 mount-2.11y-31.11.i386.rpm
e5fa25f4caa04749eb39430e45ab7bd3 util-linux-2.11y-31.11.i386.rpm

ia64:
ebbb6f700b72357c03220f32a1e8a164 losetup-2.11y-31.11.ia64.rpm
67526f76a9e66c74faad8ce7ce290a9d mount-2.11y-31.11.ia64.rpm
00657fbd14ab30ddec29724783288fb1 util-linux-2.11y-31.11.ia64.rpm

x86_64:
d7a946efdfbf418dad33828622c9f550 losetup-2.11y-31.11.x86_64.rpm
b90e15d4e39913757550b9362a98bfb2 mount-2.11y-31.11.x86_64.rpm
6f2df633740943a84fa5f06d3ff41f54 util-linux-2.11y-31.11.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/util-linux-2.11y-31.11.src.rpm
7a562d571237203634c8009d2c506921 util-linux-2.11y-31.11.src.rpm

i386:
b89a7d466e3cead507c00776aae3b437 losetup-2.11y-31.11.i386.rpm
df678149ef9fe3c088f7ca6af1697337 mount-2.11y-31.11.i386.rpm
e5fa25f4caa04749eb39430e45ab7bd3 util-linux-2.11y-31.11.i386.rpm

ia64:
ebbb6f700b72357c03220f32a1e8a164 losetup-2.11y-31.11.ia64.rpm
67526f76a9e66c74faad8ce7ce290a9d mount-2.11y-31.11.ia64.rpm
00657fbd14ab30ddec29724783288fb1 util-linux-2.11y-31.11.ia64.rpm

x86_64:
d7a946efdfbf418dad33828622c9f550 losetup-2.11y-31.11.x86_64.rpm
b90e15d4e39913757550b9362a98bfb2 mount-2.11y-31.11.x86_64.rpm
6f2df633740943a84fa5f06d3ff41f54 util-linux-2.11y-31.11.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/util-linux-2.12a-16.EL4.12.src.rpm
fbbc6f06d4675b42e2bd0ba1bd1d6c57 util-linux-2.12a-16.EL4.12.src.rpm

i386:
beb2444974794726ad73218c92ca2336 util-linux-2.12a-16.EL4.12.i386.rpm

ia64:
811dcc7c533e68518555267c9c793b6e util-linux-2.12a-16.EL4.12.ia64.rpm

ppc:
deedcd5da6fcedff331a3e71b09b74c6 util-linux-2.12a-16.EL4.12.ppc.rpm

s390:
390077578fdd458b402328d53ab574b8 util-linux-2.12a-16.EL4.12.s390.rpm

s390x:
c3324d5388df1577789df5b486ec810b util-linux-2.12a-16.EL4.12.s390x.rpm

x86_64:
f8f59f58506acb3ba4c3ce9b5a8cebc0 util-linux-2.12a-16.EL4.12.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/util-linux-2.12a-16.EL4.12.src.rpm
fbbc6f06d4675b42e2bd0ba1bd1d6c57 util-linux-2.12a-16.EL4.12.src.rpm

i386:
beb2444974794726ad73218c92ca2336 util-linux-2.12a-16.EL4.12.i386.rpm

x86_64:
f8f59f58506acb3ba4c3ce9b5a8cebc0 util-linux-2.12a-16.EL4.12.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/util-linux-2.12a-16.EL4.12.src.rpm
fbbc6f06d4675b42e2bd0ba1bd1d6c57 util-linux-2.12a-16.EL4.12.src.rpm

i386:
beb2444974794726ad73218c92ca2336 util-linux-2.12a-16.EL4.12.i386.rpm

ia64:
811dcc7c533e68518555267c9c793b6e util-linux-2.12a-16.EL4.12.ia64.rpm

x86_64:
f8f59f58506acb3ba4c3ce9b5a8cebc0 util-linux-2.12a-16.EL4.12.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/util-linux-2.12a-16.EL4.12.src.rpm
fbbc6f06d4675b42e2bd0ba1bd1d6c57 util-linux-2.12a-16.EL4.12.src.rpm

i386:
beb2444974794726ad73218c92ca2336 util-linux-2.12a-16.EL4.12.i386.rpm

ia64:
811dcc7c533e68518555267c9c793b6e util-linux-2.12a-16.EL4.12.ia64.rpm

x86_64:
f8f59f58506acb3ba4c3ce9b5a8cebc0 util-linux-2.12a-16.EL4.12.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1494

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

Red Hat Security Advisory

Synopsis: Moderate: ruby security update
Advisory ID: RHSA-2005:799-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-799.html
Issue date: 2005-10-11
Updated on: 2005-10-11
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-2337

1. Summary:

Updated ruby packages that fix an arbitrary command execution issue are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386
Red Hat Linux Advanced Workstation 2.1 -
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Ruby is an interpreted scripting language for object-oriented programming.

A bug was found in the way ruby handles eval statements. It is possible for a malicious script to call eval in such a way that can allow the bypass of certain safe-level restrictions. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-2337 to this issue.

Users of Ruby should update to these erratum packages, which contain a backported patch and are not vulnerable to this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

169575 - CAN-2005-2337 ruby safe-level mode bypass

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ruby-1.6.4-2.AS21.2.src.rpm
512be4c5347af63f6a58b8fa84bbfef5 ruby-1.6.4-2.AS21.2.src.rpm

i386:
b160d0ec2044a95b7efb61f95900e00a irb-1.6.4-2.AS21.2.i386.rpm
9f3ef7ba6f5f8d4507ec02461cb4013d ruby-1.6.4-2.AS21.2.i386.rpm
afa4bf7f0f24ce7fa33cb98a909a0745 ruby-devel-1.6.4-2.AS21.2.i386.rpm
d9113fbe1d2786026ac5592218e83155 ruby-docs-1.6.4-2.AS21.2.i386.rpm
0f6fbc236a0e5579d56fcab0069a0898 ruby-libs-1.6.4-2.AS21.2.i386.rpm
a15b7a985249c3154b698d2d173dc76b ruby-tcltk-1.6.4-2.AS21.2.i386.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ruby-1.6.4-2.AS21.2.src.rpm
512be4c5347af63f6a58b8fa84bbfef5 ruby-1.6.4-2.AS21.2.src.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ruby-1.6.4-2.AS21.2.src.rpm
512be4c5347af63f6a58b8fa84bbfef5 ruby-1.6.4-2.AS21.2.src.rpm

i386:
b160d0ec2044a95b7efb61f95900e00a irb-1.6.4-2.AS21.2.i386.rpm
9f3ef7ba6f5f8d4507ec02461cb4013d ruby-1.6.4-2.AS21.2.i386.rpm
afa4bf7f0f24ce7fa33cb98a909a0745 ruby-devel-1.6.4-2.AS21.2.i386.rpm
d9113fbe1d2786026ac5592218e83155 ruby-docs-1.6.4-2.AS21.2.i386.rpm
0f6fbc236a0e5579d56fcab0069a0898 ruby-libs-1.6.4-2.AS21.2.i386.rpm
a15b7a985249c3154b698d2d173dc76b ruby-tcltk-1.6.4-2.AS21.2.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ruby-1.6.4-2.AS21.2.src.rpm
512be4c5347af63f6a58b8fa84bbfef5 ruby-1.6.4-2.AS21.2.src.rpm

i386:
b160d0ec2044a95b7efb61f95900e00a irb-1.6.4-2.AS21.2.i386.rpm
9f3ef7ba6f5f8d4507ec02461cb4013d ruby-1.6.4-2.AS21.2.i386.rpm
afa4bf7f0f24ce7fa33cb98a909a0745 ruby-devel-1.6.4-2.AS21.2.i386.rpm
d9113fbe1d2786026ac5592218e83155 ruby-docs-1.6.4-2.AS21.2.i386.rpm
0f6fbc236a0e5579d56fcab0069a0898 ruby-libs-1.6.4-2.AS21.2.i386.rpm
a15b7a985249c3154b698d2d173dc76b ruby-tcltk-1.6.4-2.AS21.2.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ruby-1.6.8-9.EL3.4.src.rpm
ba1c6edb962ce63720a6091435acf2d6 ruby-1.6.8-9.EL3.4.src.rpm

i386:
9cb6433cddfe029966e3678479690491 ruby-1.6.8-9.EL3.4.i386.rpm
7e47defcef53ddfc3d98a89e75c78f81 ruby-devel-1.6.8-9.EL3.4.i386.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
4030e23dcfa7fe10a5cde734027eb3d6 ruby-mode-1.6.8-9.EL3.4.i386.rpm

ia64:
2d01fcb09c2c5227d182b95026eebc3e ruby-1.6.8-9.EL3.4.ia64.rpm
26821bddc91160c309bff6500b2c12f7 ruby-devel-1.6.8-9.EL3.4.ia64.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
0f2b9fc0f08ab13d28fb5e54dd9a6b83 ruby-libs-1.6.8-9.EL3.4.ia64.rpm
fe09a23b04e3f1d4053600822ad65c1d ruby-mode-1.6.8-9.EL3.4.ia64.rpm

ppc:
540f765447867aeb16240818dddf1b51 ruby-1.6.8-9.EL3.4.ppc.rpm
f08d897f12918bae3f1d8cc38f14e4ee ruby-devel-1.6.8-9.EL3.4.ppc.rpm
dae0f66e644e971277d2132cdfdc28c3 ruby-libs-1.6.8-9.EL3.4.ppc.rpm
f755c94dca7e2c8ed13f66d03a4c3345 ruby-libs-1.6.8-9.EL3.4.ppc64.rpm
5b9e451baf30eebd5761c4470fb1b277 ruby-mode-1.6.8-9.EL3.4.ppc.rpm

s390:
d45ea42a962ea285094a64e52000a0a4 ruby-1.6.8-9.EL3.4.s390.rpm
b7569711aa3de96895c346917f1ccf3e ruby-devel-1.6.8-9.EL3.4.s390.rpm
01b278ca30e712b824b96b02eb2d95db ruby-libs-1.6.8-9.EL3.4.s390.rpm
f70a29c86e5c62aab83421756b5235c4 ruby-mode-1.6.8-9.EL3.4.s390.rpm

s390x:
77f0382e404d1afbcaf1ce826c4b75d3 ruby-1.6.8-9.EL3.4.s390x.rpm
f0c167caac01aad1f7be8d05c6db633f ruby-devel-1.6.8-9.EL3.4.s390x.rpm
01b278ca30e712b824b96b02eb2d95db ruby-libs-1.6.8-9.EL3.4.s390.rpm
3345a8783bd6541c2a9de6f5c9dbad73 ruby-libs-1.6.8-9.EL3.4.s390x.rpm
f826b519e02689f84bb872600acedf71 ruby-mode-1.6.8-9.EL3.4.s390x.rpm

x86_64:
6fb32e9309419767b2a45e9a8c9a6bb6 ruby-1.6.8-9.EL3.4.x86_64.rpm
5fe5a710d3a842c405a1db455e587db7 ruby-devel-1.6.8-9.EL3.4.x86_64.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
ffd6c60b15b2841ba3e82bb268701025 ruby-libs-1.6.8-9.EL3.4.x86_64.rpm
cc3cd910a5a5d00984e3914900d5d9af ruby-mode-1.6.8-9.EL3.4.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ruby-1.6.8-9.EL3.4.src.rpm
ba1c6edb962ce63720a6091435acf2d6 ruby-1.6.8-9.EL3.4.src.rpm

i386:
9cb6433cddfe029966e3678479690491 ruby-1.6.8-9.EL3.4.i386.rpm
7e47defcef53ddfc3d98a89e75c78f81 ruby-devel-1.6.8-9.EL3.4.i386.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
4030e23dcfa7fe10a5cde734027eb3d6 ruby-mode-1.6.8-9.EL3.4.i386.rpm

x86_64:
6fb32e9309419767b2a45e9a8c9a6bb6 ruby-1.6.8-9.EL3.4.x86_64.rpm
5fe5a710d3a842c405a1db455e587db7 ruby-devel-1.6.8-9.EL3.4.x86_64.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
ffd6c60b15b2841ba3e82bb268701025 ruby-libs-1.6.8-9.EL3.4.x86_64.rpm
cc3cd910a5a5d00984e3914900d5d9af ruby-mode-1.6.8-9.EL3.4.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ruby-1.6.8-9.EL3.4.src.rpm
ba1c6edb962ce63720a6091435acf2d6 ruby-1.6.8-9.EL3.4.src.rpm

i386:
9cb6433cddfe029966e3678479690491 ruby-1.6.8-9.EL3.4.i386.rpm
7e47defcef53ddfc3d98a89e75c78f81 ruby-devel-1.6.8-9.EL3.4.i386.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
4030e23dcfa7fe10a5cde734027eb3d6 ruby-mode-1.6.8-9.EL3.4.i386.rpm

ia64:
2d01fcb09c2c5227d182b95026eebc3e ruby-1.6.8-9.EL3.4.ia64.rpm
26821bddc91160c309bff6500b2c12f7 ruby-devel-1.6.8-9.EL3.4.ia64.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
0f2b9fc0f08ab13d28fb5e54dd9a6b83 ruby-libs-1.6.8-9.EL3.4.ia64.rpm
fe09a23b04e3f1d4053600822ad65c1d ruby-mode-1.6.8-9.EL3.4.ia64.rpm

x86_64:
6fb32e9309419767b2a45e9a8c9a6bb6 ruby-1.6.8-9.EL3.4.x86_64.rpm
5fe5a710d3a842c405a1db455e587db7 ruby-devel-1.6.8-9.EL3.4.x86_64.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
ffd6c60b15b2841ba3e82bb268701025 ruby-libs-1.6.8-9.EL3.4.x86_64.rpm
cc3cd910a5a5d00984e3914900d5d9af ruby-mode-1.6.8-9.EL3.4.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ruby-1.6.8-9.EL3.4.src.rpm
ba1c6edb962ce63720a6091435acf2d6 ruby-1.6.8-9.EL3.4.src.rpm

i386:
9cb6433cddfe029966e3678479690491 ruby-1.6.8-9.EL3.4.i386.rpm
7e47defcef53ddfc3d98a89e75c78f81 ruby-devel-1.6.8-9.EL3.4.i386.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
4030e23dcfa7fe10a5cde734027eb3d6 ruby-mode-1.6.8-9.EL3.4.i386.rpm

ia64:
2d01fcb09c2c5227d182b95026eebc3e ruby-1.6.8-9.EL3.4.ia64.rpm
26821bddc91160c309bff6500b2c12f7 ruby-devel-1.6.8-9.EL3.4.ia64.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
0f2b9fc0f08ab13d28fb5e54dd9a6b83 ruby-libs-1.6.8-9.EL3.4.ia64.rpm
fe09a23b04e3f1d4053600822ad65c1d ruby-mode-1.6.8-9.EL3.4.ia64.rpm

x86_64:
6fb32e9309419767b2a45e9a8c9a6bb6 ruby-1.6.8-9.EL3.4.x86_64.rpm
5fe5a710d3a842c405a1db455e587db7 ruby-devel-1.6.8-9.EL3.4.x86_64.rpm
4ffcd05c9a884e8cfbffdad1b06bb005 ruby-libs-1.6.8-9.EL3.4.i386.rpm
ffd6c60b15b2841ba3e82bb268701025 ruby-libs-1.6.8-9.EL3.4.x86_64.rpm
cc3cd910a5a5d00984e3914900d5d9af ruby-mode-1.6.8-9.EL3.4.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ruby-1.8.1-7.EL4.2.src.rpm
673c93e27b38e354b9e8e173937288f7 ruby-1.8.1-7.EL4.2.src.rpm

i386:
6ec9f092ed3094669b1f43e82b4a40df irb-1.8.1-7.EL4.2.i386.rpm
b1e9af2d2668ae5989115a2995e834b5 ruby-1.8.1-7.EL4.2.i386.rpm
275d26e3a6e4fc1007717dfffb3cca8b ruby-devel-1.8.1-7.EL4.2.i386.rpm
e6db944c8bbd8020a41d23f369a05aeb ruby-docs-1.8.1-7.EL4.2.i386.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
057d421609b691efe5b0d3203a9cf883 ruby-mode-1.8.1-7.EL4.2.i386.rpm
4003f9d1d5113f0b63fd06c06fb08cc5 ruby-tcltk-1.8.1-7.EL4.2.i386.rpm

ia64:
de01d0b901cf17b57f1fc94b8490df0a irb-1.8.1-7.EL4.2.ia64.rpm
192e2eb1b1a55d4016d8bb1a93dfc890 ruby-1.8.1-7.EL4.2.ia64.rpm
4511c863b31c05c74d75996cf50cf4f3 ruby-devel-1.8.1-7.EL4.2.ia64.rpm
4058641b6d1ed4961729ed0085e058f3 ruby-docs-1.8.1-7.EL4.2.ia64.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
a83241a836a7cfd2d474831585c30094 ruby-libs-1.8.1-7.EL4.2.ia64.rpm
e940a953cd80194eeb026364e14f071d ruby-mode-1.8.1-7.EL4.2.ia64.rpm
79d757f22b7e55a2fabcd950de1cb849 ruby-tcltk-1.8.1-7.EL4.2.ia64.rpm

ppc:
dc5356265e6dc2c07eebc58305125824 irb-1.8.1-7.EL4.2.ppc.rpm
fc4faa46e23fbce57e40c587beef1cf2 ruby-1.8.1-7.EL4.2.ppc.rpm
9117843d1ee8d6c2619e3cafda73b93d ruby-devel-1.8.1-7.EL4.2.ppc.rpm
52e5f6cb05686fc7708ec26ad0f83176 ruby-docs-1.8.1-7.EL4.2.ppc.rpm
6fe945b7e0a65661e88999e88740946f ruby-libs-1.8.1-7.EL4.2.ppc.rpm
971b2850d883df6d4c3536cc1eee01ab ruby-libs-1.8.1-7.EL4.2.ppc64.rpm
3f82d9bb7fe0887eba0502324c6a78d1 ruby-mode-1.8.1-7.EL4.2.ppc.rpm
75693ea1a2156d4cb3ec5b08c2b70a98 ruby-tcltk-1.8.1-7.EL4.2.ppc.rpm

s390:
4fe0676d53f3f31aaaae9787b813d594 irb-1.8.1-7.EL4.2.s390.rpm
72bbbc558e22c00cc8c38120574752bb ruby-1.8.1-7.EL4.2.s390.rpm
fc2195a2febc1c74e8501c447e2f785f ruby-devel-1.8.1-7.EL4.2.s390.rpm
d8073699e13d286bcf8627eef5a4a71e ruby-docs-1.8.1-7.EL4.2.s390.rpm
33f55b11c54e1b6a3ba17df31af1a1ea ruby-libs-1.8.1-7.EL4.2.s390.rpm
eee88708e3a173468b77efd0e366dced ruby-mode-1.8.1-7.EL4.2.s390.rpm
c55ebaa57529808ab4a9bd6e95f9406c ruby-tcltk-1.8.1-7.EL4.2.s390.rpm

s390x:
6ae043140c8b5b0e9c2227495abf3bd8 irb-1.8.1-7.EL4.2.s390x.rpm
7035c1dc93315c529b80f61370f3d9d8 ruby-1.8.1-7.EL4.2.s390x.rpm
eeebcbceeb5e216d7e9cc5fb10dde21f ruby-devel-1.8.1-7.EL4.2.s390x.rpm
a3215c6cf80d4ecede32778b8deff2e5 ruby-docs-1.8.1-7.EL4.2.s390x.rpm
33f55b11c54e1b6a3ba17df31af1a1ea ruby-libs-1.8.1-7.EL4.2.s390.rpm
b76da181aefba027bf7663d79180784c ruby-libs-1.8.1-7.EL4.2.s390x.rpm
271d78e5468e8d584d51a059510585ab ruby-mode-1.8.1-7.EL4.2.s390x.rpm
50481c061d1de4c90ffea0be0e755df9 ruby-tcltk-1.8.1-7.EL4.2.s390x.rpm

x86_64:
d90051ede9a3519dd4829b8e4c4e569f irb-1.8.1-7.EL4.2.x86_64.rpm
d1dba9746515b89c13e7a6853325ff88 ruby-1.8.1-7.EL4.2.x86_64.rpm
148ec3cbc5268fe5c3790050131b925a ruby-devel-1.8.1-7.EL4.2.x86_64.rpm
24257acaca983be34ddc3496b46046c7 ruby-docs-1.8.1-7.EL4.2.x86_64.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
3eede611d89ab5a7a68b07b39f59f31b ruby-libs-1.8.1-7.EL4.2.x86_64.rpm
78da918cd444371a73b0d855c7b01568 ruby-mode-1.8.1-7.EL4.2.x86_64.rpm
de1fbccdb90a01c5b00433d44fd594f7 ruby-tcltk-1.8.1-7.EL4.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ruby-1.8.1-7.EL4.2.src.rpm
673c93e27b38e354b9e8e173937288f7 ruby-1.8.1-7.EL4.2.src.rpm

i386:
6ec9f092ed3094669b1f43e82b4a40df irb-1.8.1-7.EL4.2.i386.rpm
b1e9af2d2668ae5989115a2995e834b5 ruby-1.8.1-7.EL4.2.i386.rpm
275d26e3a6e4fc1007717dfffb3cca8b ruby-devel-1.8.1-7.EL4.2.i386.rpm
e6db944c8bbd8020a41d23f369a05aeb ruby-docs-1.8.1-7.EL4.2.i386.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
057d421609b691efe5b0d3203a9cf883 ruby-mode-1.8.1-7.EL4.2.i386.rpm
4003f9d1d5113f0b63fd06c06fb08cc5 ruby-tcltk-1.8.1-7.EL4.2.i386.rpm

x86_64:
d90051ede9a3519dd4829b8e4c4e569f irb-1.8.1-7.EL4.2.x86_64.rpm
d1dba9746515b89c13e7a6853325ff88 ruby-1.8.1-7.EL4.2.x86_64.rpm
148ec3cbc5268fe5c3790050131b925a ruby-devel-1.8.1-7.EL4.2.x86_64.rpm
24257acaca983be34ddc3496b46046c7 ruby-docs-1.8.1-7.EL4.2.x86_64.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
3eede611d89ab5a7a68b07b39f59f31b ruby-libs-1.8.1-7.EL4.2.x86_64.rpm
78da918cd444371a73b0d855c7b01568 ruby-mode-1.8.1-7.EL4.2.x86_64.rpm
de1fbccdb90a01c5b00433d44fd594f7 ruby-tcltk-1.8.1-7.EL4.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ruby-1.8.1-7.EL4.2.src.rpm
673c93e27b38e354b9e8e173937288f7 ruby-1.8.1-7.EL4.2.src.rpm

i386:
6ec9f092ed3094669b1f43e82b4a40df irb-1.8.1-7.EL4.2.i386.rpm
b1e9af2d2668ae5989115a2995e834b5 ruby-1.8.1-7.EL4.2.i386.rpm
275d26e3a6e4fc1007717dfffb3cca8b ruby-devel-1.8.1-7.EL4.2.i386.rpm
e6db944c8bbd8020a41d23f369a05aeb ruby-docs-1.8.1-7.EL4.2.i386.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
057d421609b691efe5b0d3203a9cf883 ruby-mode-1.8.1-7.EL4.2.i386.rpm
4003f9d1d5113f0b63fd06c06fb08cc5 ruby-tcltk-1.8.1-7.EL4.2.i386.rpm

ia64:
de01d0b901cf17b57f1fc94b8490df0a irb-1.8.1-7.EL4.2.ia64.rpm
192e2eb1b1a55d4016d8bb1a93dfc890 ruby-1.8.1-7.EL4.2.ia64.rpm
4511c863b31c05c74d75996cf50cf4f3 ruby-devel-1.8.1-7.EL4.2.ia64.rpm
4058641b6d1ed4961729ed0085e058f3 ruby-docs-1.8.1-7.EL4.2.ia64.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
a83241a836a7cfd2d474831585c30094 ruby-libs-1.8.1-7.EL4.2.ia64.rpm
e940a953cd80194eeb026364e14f071d ruby-mode-1.8.1-7.EL4.2.ia64.rpm
79d757f22b7e55a2fabcd950de1cb849 ruby-tcltk-1.8.1-7.EL4.2.ia64.rpm

x86_64:
d90051ede9a3519dd4829b8e4c4e569f irb-1.8.1-7.EL4.2.x86_64.rpm
d1dba9746515b89c13e7a6853325ff88 ruby-1.8.1-7.EL4.2.x86_64.rpm
148ec3cbc5268fe5c3790050131b925a ruby-devel-1.8.1-7.EL4.2.x86_64.rpm
24257acaca983be34ddc3496b46046c7 ruby-docs-1.8.1-7.EL4.2.x86_64.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
3eede611d89ab5a7a68b07b39f59f31b ruby-libs-1.8.1-7.EL4.2.x86_64.rpm
78da918cd444371a73b0d855c7b01568 ruby-mode-1.8.1-7.EL4.2.x86_64.rpm
de1fbccdb90a01c5b00433d44fd594f7 ruby-tcltk-1.8.1-7.EL4.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ruby-1.8.1-7.EL4.2.src.rpm
673c93e27b38e354b9e8e173937288f7 ruby-1.8.1-7.EL4.2.src.rpm

i386:
6ec9f092ed3094669b1f43e82b4a40df irb-1.8.1-7.EL4.2.i386.rpm
b1e9af2d2668ae5989115a2995e834b5 ruby-1.8.1-7.EL4.2.i386.rpm
275d26e3a6e4fc1007717dfffb3cca8b ruby-devel-1.8.1-7.EL4.2.i386.rpm
e6db944c8bbd8020a41d23f369a05aeb ruby-docs-1.8.1-7.EL4.2.i386.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
057d421609b691efe5b0d3203a9cf883 ruby-mode-1.8.1-7.EL4.2.i386.rpm
4003f9d1d5113f0b63fd06c06fb08cc5 ruby-tcltk-1.8.1-7.EL4.2.i386.rpm

ia64:
de01d0b901cf17b57f1fc94b8490df0a irb-1.8.1-7.EL4.2.ia64.rpm
192e2eb1b1a55d4016d8bb1a93dfc890 ruby-1.8.1-7.EL4.2.ia64.rpm
4511c863b31c05c74d75996cf50cf4f3 ruby-devel-1.8.1-7.EL4.2.ia64.rpm
4058641b6d1ed4961729ed0085e058f3 ruby-docs-1.8.1-7.EL4.2.ia64.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
a83241a836a7cfd2d474831585c30094 ruby-libs-1.8.1-7.EL4.2.ia64.rpm
e940a953cd80194eeb026364e14f071d ruby-mode-1.8.1-7.EL4.2.ia64.rpm
79d757f22b7e55a2fabcd950de1cb849 ruby-tcltk-1.8.1-7.EL4.2.ia64.rpm

x86_64:
d90051ede9a3519dd4829b8e4c4e569f irb-1.8.1-7.EL4.2.x86_64.rpm
d1dba9746515b89c13e7a6853325ff88 ruby-1.8.1-7.EL4.2.x86_64.rpm
148ec3cbc5268fe5c3790050131b925a ruby-devel-1.8.1-7.EL4.2.x86_64.rpm
24257acaca983be34ddc3496b46046c7 ruby-docs-1.8.1-7.EL4.2.x86_64.rpm
f9b40a658fe96d6ba7feda919c60ab5f ruby-libs-1.8.1-7.EL4.2.i386.rpm
3eede611d89ab5a7a68b07b39f59f31b ruby-libs-1.8.1-7.EL4.2.x86_64.rpm
78da918cd444371a73b0d855c7b01568 ruby-mode-1.8.1-7.EL4.2.x86_64.rpm
de1fbccdb90a01c5b00433d44fd594f7 ruby-tcltk-1.8.1-7.EL4.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2337

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

Red Hat Security Advisory

Synopsis: Moderate: openssl security update
Advisory ID: RHSA-2005:800-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-800.html
Issue date: 2005-10-11
Updated on: 2005-10-11
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-2969 CAN-2005-0109

1. Summary:

Updated OpenSSL packages that fix various security issues are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. This work-around is enabled in most servers that use OpenSSL to provide support for SSL and TLS. Yutaka Oiwa discovered that this work-around could allow an attacker, acting as a "man in the middle" to force an SSL connection to use SSL 2.0 rather than a stronger protocol such as SSL 3.0 or TLS 1.0. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-2969 to this issue.

A bug was also fixed in the way OpenSSL creates DSA signatures. A cache timing attack was fixed in RHSA-2005-476 which caused OpenSSL to do private key calculations with a fixed time window. The DSA fix for this was not complete and the calculations are not always performed within a fixed-window. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0109 to this issue.

Users are advised to upgrade to these updated packages, which remove the MISE 3.0.2 work-around and contain patches to correct these issues.

Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

169863 - CAN-2005-2969 Potential SSL 2.0 Rollback
170036 - CAN-2005-0109 DSA signing not quite constant time

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl-0.9.6b-40.src.rpm
d748ded27f74e62bbbeb534d7e8c57a6 openssl-0.9.6b-40.src.rpm

ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl095a-0.9.5a-26.src.rpm
a7cbf626fdd543cdde496b7c1bd90deb openssl095a-0.9.5a-26.src.rpm

ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openssl096-0.9.6-27.src.rpm
a22723bc1cebefaf0bf1732db1b6993a openssl096-0.9.6-27.src.rpm

i386:
7598a76054596595dbf8a27704cfe443 openssl-0.9.6b-40.i386.rpm
7b87e812c7525fff5359c447af9bff31 openssl-0.9.6b-40.i686.rpm
cc868bc2eecbd4c868d350e9f0b75bca openssl-devel-0.9.6b-40.i386.rpm
c15fb21ea44810c6199574a083c1ff28 openssl-perl-0.9.6b-40.i386.rpm
f2627de5b33f88fe10a45e48c795f238 openssl095a-0.9.5a-26.i386.rpm
3d7007cd5d63c3be7edb16c65fb016bb openssl096-0.9.6-27.i386.rpm

ia64:
15f6e57309e119e11e902408f9e555ac openssl-0.9.6b-40.ia64.rpm
6af1c3bedd8aa0457a78cb250fe4efab openssl-devel-0.9.6b-40.ia64.rpm
7a23a73d58531a0cacabd83e10c5fc28 openssl-perl-0.9.6b-40.ia64.rpm
2d7b85a090d85e26c4965bc96827d716 openssl095a-0.9.5a-26.ia64.rpm
1b838b7f6891028d30dbeb9550d02cc9 openssl096-0.9.6-27.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl-0.9.6b-40.src.rpm
d748ded27f74e62bbbeb534d7e8c57a6 openssl-0.9.6b-40.src.rpm

ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl095a-0.9.5a-26.src.rpm
a7cbf626fdd543cdde496b7c1bd90deb openssl095a-0.9.5a-26.src.rpm

ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openssl096-0.9.6-27.src.rpm
a22723bc1cebefaf0bf1732db1b6993a openssl096-0.9.6-27.src.rpm

ia64:
15f6e57309e119e11e902408f9e555ac openssl-0.9.6b-40.ia64.rpm
6af1c3bedd8aa0457a78cb250fe4efab openssl-devel-0.9.6b-40.ia64.rpm
7a23a73d58531a0cacabd83e10c5fc28 openssl-perl-0.9.6b-40.ia64.rpm
2d7b85a090d85e26c4965bc96827d716 openssl095a-0.9.5a-26.ia64.rpm
1b838b7f6891028d30dbeb9550d02cc9 openssl096-0.9.6-27.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/openssl-0.9.6b-40.src.rpm
d748ded27f74e62bbbeb534d7e8c57a6 openssl-0.9.6b-40.src.rpm

i386:
7598a76054596595dbf8a27704cfe443 openssl-0.9.6b-40.i386.rpm
7b87e812c7525fff5359c447af9bff31 openssl-0.9.6b-40.i686.rpm
cc868bc2eecbd4c868d350e9f0b75bca openssl-devel-0.9.6b-40.i386.rpm
c15fb21ea44810c6199574a083c1ff28 openssl-perl-0.9.6b-40.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/openssl-0.9.6b-40.src.rpm
d748ded27f74e62bbbeb534d7e8c57a6 openssl-0.9.6b-40.src.rpm

i386:
7598a76054596595dbf8a27704cfe443 openssl-0.9.6b-40.i386.rpm
7b87e812c7525fff5359c447af9bff31 openssl-0.9.6b-40.i686.rpm
cc868bc2eecbd4c868d350e9f0b75bca openssl-devel-0.9.6b-40.i386.rpm
c15fb21ea44810c6199574a083c1ff28 openssl-perl-0.9.6b-40.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssl-0.9.7a-33.17.src.rpm
354b6fe6f3f7c554e214705476f5fd6b openssl-0.9.7a-33.17.src.rpm

ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssl096b-0.9.6b-16.22.4.src.rpm
51050db4274f8cf2c23e83b9f920823c openssl096b-0.9.6b-16.22.4.src.rpm

i386:
19ef2fd3daf3a64ef387d829e02fa13d openssl-0.9.7a-33.17.i386.rpm
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
b67de10b4d936e6c6e15842669891dd5 openssl-devel-0.9.7a-33.17.i386.rpm
e62d8bb92888a355c7568d981b52a00c openssl-perl-0.9.7a-33.17.i386.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm

ia64:
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
63367058530617620126aa655e1c564d openssl-0.9.7a-33.17.ia64.rpm
5e316e5cc36068ee8afe9bfa95f61a15 openssl-devel-0.9.7a-33.17.ia64.rpm
e44fe78a64bcbe2511c523bf1ab78011 openssl-perl-0.9.7a-33.17.ia64.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm
fae0e7644a317001f0ac387213f77f87 openssl096b-0.9.6b-16.22.4.ia64.rpm

ppc:
3af4d96fa3ee2b80ba5e2854a5131a80 openssl-0.9.7a-33.17.ppc.rpm
79b90e9978aea6fb3f4e46facdb17fb7 openssl-0.9.7a-33.17.ppc64.rpm
863b56d4fd9ad3bb665dc47db79b908b openssl-devel-0.9.7a-33.17.ppc.rpm
4bb33e19267f259dc942cae30f362693 openssl-perl-0.9.7a-33.17.ppc.rpm
6760f451c6117d996d481bec58cb61ad openssl096b-0.9.6b-16.22.4.ppc.rpm

s390:
dcc3b6bc8db4e2b1108bf3f1b10fc67b openssl-0.9.7a-33.17.s390.rpm
43ad0817ff7ca0daec654d117ee9960e openssl-devel-0.9.7a-33.17.s390.rpm
d9fd01ad2432de59efa1c1c45dd66a83 openssl-perl-0.9.7a-33.17.s390.rpm
273e02eb3c9a6d6a1be07ffaf1890ac1 openssl096b-0.9.6b-16.22.4.s390.rpm

s390x:
dcc3b6bc8db4e2b1108bf3f1b10fc67b openssl-0.9.7a-33.17.s390.rpm
bb9a77d45b3ae89c999766ae27f89bdb openssl-0.9.7a-33.17.s390x.rpm
4b4a898eeaa57b501bca9cfd648565d1 openssl-devel-0.9.7a-33.17.s390x.rpm
430c0f982d0046b35fedbcd28ef5ee85 openssl-perl-0.9.7a-33.17.s390x.rpm
273e02eb3c9a6d6a1be07ffaf1890ac1 openssl096b-0.9.6b-16.22.4.s390.rpm

x86_64:
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
f9ed153d791467b2d483c9720bb0691c openssl-0.9.7a-33.17.x86_64.rpm
f83a7b2ebbf6521cda11eb9f289c5be2 openssl-devel-0.9.7a-33.17.x86_64.rpm
35be124181254ab736220873b93ef435 openssl-perl-0.9.7a-33.17.x86_64.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm
8ef52be550794612982f48dc44a75164 openssl096b-0.9.6b-16.22.4.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssl-0.9.7a-33.17.src.rpm
354b6fe6f3f7c554e214705476f5fd6b openssl-0.9.7a-33.17.src.rpm

ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssl096b-0.9.6b-16.22.4.src.rpm
51050db4274f8cf2c23e83b9f920823c openssl096b-0.9.6b-16.22.4.src.rpm

i386:
19ef2fd3daf3a64ef387d829e02fa13d openssl-0.9.7a-33.17.i386.rpm
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
b67de10b4d936e6c6e15842669891dd5 openssl-devel-0.9.7a-33.17.i386.rpm
e62d8bb92888a355c7568d981b52a00c openssl-perl-0.9.7a-33.17.i386.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm

x86_64:
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
f9ed153d791467b2d483c9720bb0691c openssl-0.9.7a-33.17.x86_64.rpm
f83a7b2ebbf6521cda11eb9f289c5be2 openssl-devel-0.9.7a-33.17.x86_64.rpm
35be124181254ab736220873b93ef435 openssl-perl-0.9.7a-33.17.x86_64.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm
8ef52be550794612982f48dc44a75164 openssl096b-0.9.6b-16.22.4.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssl-0.9.7a-33.17.src.rpm
354b6fe6f3f7c554e214705476f5fd6b openssl-0.9.7a-33.17.src.rpm

ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssl096b-0.9.6b-16.22.4.src.rpm
51050db4274f8cf2c23e83b9f920823c openssl096b-0.9.6b-16.22.4.src.rpm

i386:
19ef2fd3daf3a64ef387d829e02fa13d openssl-0.9.7a-33.17.i386.rpm
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
b67de10b4d936e6c6e15842669891dd5 openssl-devel-0.9.7a-33.17.i386.rpm
e62d8bb92888a355c7568d981b52a00c openssl-perl-0.9.7a-33.17.i386.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm

ia64:
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
63367058530617620126aa655e1c564d openssl-0.9.7a-33.17.ia64.rpm
5e316e5cc36068ee8afe9bfa95f61a15 openssl-devel-0.9.7a-33.17.ia64.rpm
e44fe78a64bcbe2511c523bf1ab78011 openssl-perl-0.9.7a-33.17.ia64.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm
fae0e7644a317001f0ac387213f77f87 openssl096b-0.9.6b-16.22.4.ia64.rpm

x86_64:
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
f9ed153d791467b2d483c9720bb0691c openssl-0.9.7a-33.17.x86_64.rpm
f83a7b2ebbf6521cda11eb9f289c5be2 openssl-devel-0.9.7a-33.17.x86_64.rpm
35be124181254ab736220873b93ef435 openssl-perl-0.9.7a-33.17.x86_64.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm
8ef52be550794612982f48dc44a75164 openssl096b-0.9.6b-16.22.4.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssl-0.9.7a-33.17.src.rpm
354b6fe6f3f7c554e214705476f5fd6b openssl-0.9.7a-33.17.src.rpm

ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssl096b-0.9.6b-16.22.4.src.rpm
51050db4274f8cf2c23e83b9f920823c openssl096b-0.9.6b-16.22.4.src.rpm

i386:
19ef2fd3daf3a64ef387d829e02fa13d openssl-0.9.7a-33.17.i386.rpm
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
b67de10b4d936e6c6e15842669891dd5 openssl-devel-0.9.7a-33.17.i386.rpm
e62d8bb92888a355c7568d981b52a00c openssl-perl-0.9.7a-33.17.i386.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm

ia64:
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
63367058530617620126aa655e1c564d openssl-0.9.7a-33.17.ia64.rpm
5e316e5cc36068ee8afe9bfa95f61a15 openssl-devel-0.9.7a-33.17.ia64.rpm
e44fe78a64bcbe2511c523bf1ab78011 openssl-perl-0.9.7a-33.17.ia64.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm
fae0e7644a317001f0ac387213f77f87 openssl096b-0.9.6b-16.22.4.ia64.rpm

x86_64:
c52ed50d9e3fa7f83524095e874761e2 openssl-0.9.7a-33.17.i686.rpm
f9ed153d791467b2d483c9720bb0691c openssl-0.9.7a-33.17.x86_64.rpm
f83a7b2ebbf6521cda11eb9f289c5be2 openssl-devel-0.9.7a-33.17.x86_64.rpm
35be124181254ab736220873b93ef435 openssl-perl-0.9.7a-33.17.x86_64.rpm
06e626b195f69b935eb47c19389b3cc5 openssl096b-0.9.6b-16.22.4.i386.rpm
8ef52be550794612982f48dc44a75164 openssl096b-0.9.6b-16.22.4.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssl-0.9.7a-43.4.src.rpm
41053d76c1b7ca3e9f39e0a72f9e5516 openssl-0.9.7a-43.4.src.rpm

ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssl096b-0.9.6b-22.4.src.rpm
fd850ca74d4c62cd275df9d1faf1a0bc openssl096b-0.9.6b-22.4.src.rpm

i386:
078d5f370a0865e4ff89587e1e4a70e6 openssl-0.9.7a-43.4.i386.rpm
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
8c82fce2ae4a899050a7c482d083fe26 openssl-devel-0.9.7a-43.4.i386.rpm
152c3c792f99930617b7415c0e44cee9 openssl-perl-0.9.7a-43.4.i386.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm

ia64:
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
d62851760f66f1243c6261952588d14b openssl-0.9.7a-43.4.ia64.rpm
c14121a3f8923eb5c45b56e2aaf300bb openssl-devel-0.9.7a-43.4.ia64.rpm
dc18361ff72e8d6bf1d900e68a1be977 openssl-perl-0.9.7a-43.4.ia64.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm
904defad4950d4be4a5440a56e93d9d3 openssl096b-0.9.6b-22.4.ia64.rpm

ppc:
3b8d4cbce1b67efd6c2cbe3aa3365858 openssl-0.9.7a-43.4.ppc.rpm
bdf81b9f8225b1a66d0d15bfe74ed7fa openssl-0.9.7a-43.4.ppc64.rpm
5d9f79d875b7d91d74b1ec0c134b231f openssl-devel-0.9.7a-43.4.ppc.rpm
83afc96da53b50e2cbde2595b3b68a99 openssl-perl-0.9.7a-43.4.ppc.rpm
5150cc49279a92100bc9f1e06c8ecebb openssl096b-0.9.6b-22.4.ppc.rpm

s390:
f5795878194436f60e96b6ce513b9b30 openssl-0.9.7a-43.4.s390.rpm
22cf17b11d3a044df2887eab133428f9 openssl-devel-0.9.7a-43.4.s390.rpm
745e5b912ecb0ae9702e278adcfae75e openssl-perl-0.9.7a-43.4.s390.rpm
34dc34a9c4ab3190b36c48d730a58cc7 openssl096b-0.9.6b-22.4.s390.rpm

s390x:
f5795878194436f60e96b6ce513b9b30 openssl-0.9.7a-43.4.s390.rpm
690dc17cd3c1d6dca7dc80dfea81ee7e openssl-0.9.7a-43.4.s390x.rpm
e6ba82c77b1c88b440db92608ca612ac openssl-devel-0.9.7a-43.4.s390x.rpm
185ba8108fc9e4b6fa95757b906e29bb openssl-perl-0.9.7a-43.4.s390x.rpm
34dc34a9c4ab3190b36c48d730a58cc7 openssl096b-0.9.6b-22.4.s390.rpm

x86_64:
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
d5b71525c2dbc6061ef1a92257d1002f openssl-0.9.7a-43.4.x86_64.rpm
6d6ad93bc9a5e4ee479c9680369cb520 openssl-devel-0.9.7a-43.4.x86_64.rpm
3ddd6acb3032f402308e7aa7881b6100 openssl-perl-0.9.7a-43.4.x86_64.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm
8e87576bd717ea310051520aec474bcd openssl096b-0.9.6b-22.4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openssl-0.9.7a-43.4.src.rpm
41053d76c1b7ca3e9f39e0a72f9e5516 openssl-0.9.7a-43.4.src.rpm

ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openssl096b-0.9.6b-22.4.src.rpm
fd850ca74d4c62cd275df9d1faf1a0bc openssl096b-0.9.6b-22.4.src.rpm

i386:
078d5f370a0865e4ff89587e1e4a70e6 openssl-0.9.7a-43.4.i386.rpm
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
8c82fce2ae4a899050a7c482d083fe26 openssl-devel-0.9.7a-43.4.i386.rpm
152c3c792f99930617b7415c0e44cee9 openssl-perl-0.9.7a-43.4.i386.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm

x86_64:
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
d5b71525c2dbc6061ef1a92257d1002f openssl-0.9.7a-43.4.x86_64.rpm
6d6ad93bc9a5e4ee479c9680369cb520 openssl-devel-0.9.7a-43.4.x86_64.rpm
3ddd6acb3032f402308e7aa7881b6100 openssl-perl-0.9.7a-43.4.x86_64.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm
8e87576bd717ea310051520aec474bcd openssl096b-0.9.6b-22.4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssl-0.9.7a-43.4.src.rpm
41053d76c1b7ca3e9f39e0a72f9e5516 openssl-0.9.7a-43.4.src.rpm

ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssl096b-0.9.6b-22.4.src.rpm
fd850ca74d4c62cd275df9d1faf1a0bc openssl096b-0.9.6b-22.4.src.rpm

i386:
078d5f370a0865e4ff89587e1e4a70e6 openssl-0.9.7a-43.4.i386.rpm
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
8c82fce2ae4a899050a7c482d083fe26 openssl-devel-0.9.7a-43.4.i386.rpm
152c3c792f99930617b7415c0e44cee9 openssl-perl-0.9.7a-43.4.i386.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm

ia64:
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
d62851760f66f1243c6261952588d14b openssl-0.9.7a-43.4.ia64.rpm
c14121a3f8923eb5c45b56e2aaf300bb openssl-devel-0.9.7a-43.4.ia64.rpm
dc18361ff72e8d6bf1d900e68a1be977 openssl-perl-0.9.7a-43.4.ia64.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm
904defad4950d4be4a5440a56e93d9d3 openssl096b-0.9.6b-22.4.ia64.rpm

x86_64:
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
d5b71525c2dbc6061ef1a92257d1002f openssl-0.9.7a-43.4.x86_64.rpm
6d6ad93bc9a5e4ee479c9680369cb520 openssl-devel-0.9.7a-43.4.x86_64.rpm
3ddd6acb3032f402308e7aa7881b6100 openssl-perl-0.9.7a-43.4.x86_64.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm
8e87576bd717ea310051520aec474bcd openssl096b-0.9.6b-22.4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssl-0.9.7a-43.4.src.rpm
41053d76c1b7ca3e9f39e0a72f9e5516 openssl-0.9.7a-43.4.src.rpm

ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssl096b-0.9.6b-22.4.src.rpm
fd850ca74d4c62cd275df9d1faf1a0bc openssl096b-0.9.6b-22.4.src.rpm

i386:
078d5f370a0865e4ff89587e1e4a70e6 openssl-0.9.7a-43.4.i386.rpm
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
8c82fce2ae4a899050a7c482d083fe26 openssl-devel-0.9.7a-43.4.i386.rpm
152c3c792f99930617b7415c0e44cee9 openssl-perl-0.9.7a-43.4.i386.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm

ia64:
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
d62851760f66f1243c6261952588d14b openssl-0.9.7a-43.4.ia64.rpm
c14121a3f8923eb5c45b56e2aaf300bb openssl-devel-0.9.7a-43.4.ia64.rpm
dc18361ff72e8d6bf1d900e68a1be977 openssl-perl-0.9.7a-43.4.ia64.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm
904defad4950d4be4a5440a56e93d9d3 openssl096b-0.9.6b-22.4.ia64.rpm

x86_64:
24e284285b1475fe404e187c5c71d85e openssl-0.9.7a-43.4.i686.rpm
d5b71525c2dbc6061ef1a92257d1002f openssl-0.9.7a-43.4.x86_64.rpm
6d6ad93bc9a5e4ee479c9680369cb520 openssl-devel-0.9.7a-43.4.x86_64.rpm
3ddd6acb3032f402308e7aa7881b6100 openssl-perl-0.9.7a-43.4.x86_64.rpm
b8fefe05d31388429660d34b30a6b63f openssl096b-0.9.6b-22.4.i386.rpm
8e87576bd717ea310051520aec474bcd openssl096b-0.9.6b-22.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0109

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.



No talkbacks posted.
  Home | Search Talkbacks | Customize View    Top of Page  



Enter your comments below:

* Your Name:

* Your Email Address:

* Subject:

CC: [will also send this talkback to an E-Mail address]

* Comments:

Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content.

Fields marked with * are required!

..............................




All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP