Advisories, February 27, 2007
Feb 28, 2007, 04:45
Fedora Core
Fedora Update Notification
FEDORA-2007-256
2007-02-27
Product : Fedora Core 6
Name : gnucash
Version : 2.0.5
Release : 1.fc6
Summary : GnuCash is an application to keep track of your
finances
Description :
GnuCash is a personal finance manager. A check-book like register
GUI allows you to enter and track bank accounts, stocks, income and
even currency trades. The interface is designed to be simple and
easy to use, but is backed with double-entry accounting principles
to ensure balanced books.
Update Information:
This updates GnuCash to version 2.0.5, the latest upstream
release.
Major changes in this release include:
- Fix some strings not being translated.
- Use guile's native sort and record.
- Adjust how payment dialog resizes.
- Don't abort when F::Q fails to return a quote.
- Change Russian Ruble from RUR to RUB.
- Fix security problem with tmp filesystem and symlink attack.
(CVE-2007-0007)
- Add French and Canadian French translation updates.
- Do not crash on delete_event in new user dialog.
- Add sanity checks when accessing GncPluginPage.
- Make new windows the same size as the active one.
- The New Turkish Lira changed from TRL to TRY in 2005.
Thanks to Sami Farin for uncovering the /tmp file issue.
- Mon Feb 19 2007 Bill Nottingham <notting@redhat.com>
- 2.0.5-1
- update to 2.0.5
- fixes: CVE-2007-0007
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
This update can be installed with the 'yum' update program. Use
'yum update package-name' at the command line. For more
information, refer to 'Managing Software with yum,' available at
http://fedora.redhat.com/docs/yum/.
Fedora Update Notification
FEDORA-2007-293
2007-02-27
Product : Fedora Core 6
Name : firefox
Version : 1.5.0.10
Release : 1.fc6
Summary : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for
standards compliance, performance and portability.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
Fedora Update Notification
FEDORA-2007-293
2007-02-27
Product : Fedora Core 6
Name : yelp
Version : 2.16.0
Release : 12.fc6
Summary : A system documentation reader from the Gnome project
Description :
Yelp is the Gnome 2 help/documentation browser. It is designed to
help you browse all the documentation on your system in one central
tool.
- Mon Feb 26 2007 Martin Stransky <stransky@redhat.com>
- 2.16.0-12
- Rebuild against newer gecko
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
Fedora Update Notification
FEDORA-2007-293
2007-02-27
Product : Fedora Core 6
Name : devhelp
Version : 0.12
Release : 10.fc6
Summary : API document browser
Description :
An API document browser for GNOME 2.
- Mon Feb 26 2007 Martin Stransky <stransky@redhat.com>
- 0.12.6-10
- Rebuild against newer gecko
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
Fedora Update Notification
FEDORA-2007-293
2007-02-27
Product : Fedora Core 6
Name : epiphany
Version : 2.16.3
Release : 2.fc6
Summary : GNOME web browser based on the Mozilla rendering
engine
Description :
epiphany is a simple GNOME web browser based on the Mozilla
rendering engine
- Mon Feb 26 2007 Martin Stransky <stransky@redhat.com>
- 2.16.3-2
- Rebuild against newer gecko
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
Fedora Update Notification
FEDORA-2007-293
2007-02-27
Product : Fedora Core 6
Name : gnome-python2-extras
Version : 2.14.2
Release : 9.fc6
Summary : The sources for additional PyGNOME Python extension
modules.
Description :
The gnome-python-extra package contains the source packages for
additional Python bindings for GNOME. It should be used together
with gnome-python.
- Mon Feb 26 2007 Matthew Barnes <mbarnes@redhat.com>
- 2.14.2-9.fc6
- Rebuild against firefox-1.5.0.10.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
Gentoo Linux
Gentoo Linux Security Advisory GLSA 200702-11
http://security.gentoo.org/
Severity: Normal
Title: MPlayer: Buffer overflow
Date: February 27, 2007
Bugs: #159727
ID: 200702-11
A buffer overflow was found in MPlayer's RTSP plugin that could
lead to a Denial of Service or arbitrary code execution.
MPlayer is a media player capable of playing multiple media
formats.
Package / Vulnerable / Unaffected
1 media-video/mplayer / < 1.0_rc1-r2 / >= 1.0_rc1-r2
When checking for matching asm rules in the asmrp.c code, the
results are stored in a fixed-size array without boundary checks
which may allow a buffer overflow.
An attacker can entice a user to connect to a manipulated RTSP
server resulting in a Denial of Service and possibly execution of
arbitrary code.
There is no known workaround at this time.
All MPlayer users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0_rc1-r2"
[ 1 ] Original Advisory
http://www.mplayerhq.hu/design7/news.html#vuln14
[ 2 ] CVE-2006-6172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200702-11.xml
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or, alternatively, you may file a bug at
http://bugs.gentoo.org.
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Gentoo Linux Security Advisory GLSA 200702-12
http://security.gentoo.org/
Severity: Normal
Title: CHMlib: User-assisted remote execution of arbitrary code
Date: February 27, 2007
Bugs: #163989
ID: 200702-12
A memory corruption vulnerability in CHMlib could lead to the
remote execution of arbitrary code.
CHMlib is a library for the MS CHM (Compressed HTML) file format
plus extracting and HTTP server utils.
Package / Vulnerable / Unaffected
1 app-doc/chmlib / < 0.39 / >= 0.39
When certain CHM files that contain tables and objects stored in
pages are parsed by CHMlib, an unsanitized value is passed to the
alloca() function resulting in a shift of the stack pointer to
arbitrary memory locations.
An attacker could entice a user to open a specially crafted CHM
file, resulting in the execution of arbitrary code with the
permissions of the user viewing the file.
There is no known workaround at this time.
All CHMlib users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-doc/chmlib-0.39"
[ 1 ] Original Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=468
[ 2 ] CVE-2007-0619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0619
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200702-12.xml
Red Hat Linux
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2007:0085-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0085.html
Issue date: 2007-02-27
Updated on: 2007-02-27
Product: Red Hat Enterprise Linux
Keywords: nahant kernel update
Obsoletes: RHSA-2007:0014
CVE Names: CVE-2007-0001 CVE-2007-0006
1. Summary:
Updated kernel packages that fix two security issues and a bug
in the Red Hat Enterprise Linux 4 kernel are now available.
This update has been rated as having important security impact
by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc,
s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch,
x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch,
x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch,
x86_64
3. Problem description:
The Linux kernel handles the basic functions of the operating
system.
These new kernel packages contain fixes for two security
issues:
- a flaw in the key serial number collision avoidance algorithm
of the keyctl subsystem that allowed a local user to cause a denial
of service (CVE-2007-0006, Important)
- a flaw in the file watch implementation of the audit subsystem
that allowed a local user to cause a denial of service (panic). To
exploit this flaw a privileged user must have previously created a
watch for a file (CVE-2007-0001, Moderate)
In addition to the security issues described above, a fix for
the SCTP subsystem to address a system crash which may be
experienced in Telco environments has been included.
Red Hat Enterprise Linux 4 users are advised to upgrade their
kernels to the packages associated with their machine architecture
and configurations as listed in this erratum.
4. Solution:
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat
Network, launch the Red Hat Update Agent with the following
command:
up2date
This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
223129 - CVE-2007-0001 kernel panic watching /etc/passwd
223818 - kernel panic in sctp module
227495 - CVE-2007-0006 Key serial number collision problem
6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key
and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0006
http://www.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More
contact details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc.
rPath Linux
rPath Security Advisory: 2007-0043-1
Published: 2007-02-27
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification: Remote System User Deterministic
Unauthorized Access
Updated Versions:
php=/conary.rpath.com@rpl:devel//1/4.3.11-15.9-1
php-mysql=/conary.rpath.com@rpl:devel//1/4.3.11-15.9-1
php-pgsql=/conary.rpath.com@rpl:devel//1/4.3.11-15.9-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988
https://issues.rpath.com/browse/RPL-1088
Description: Previous versions of the php package are vulnerable to
multiple vulnerabilities of varying severity. The most severe of
these vulnerabilities are expected to enable remote code execution
as the "apache" user via php applications that call certain
functions such as str_replace(), imap_mail_compose(), or
odbc_result_all().
SUSE Linux
SUSE Security Announcement
Package: kernel-bigsmp
Announcement ID: SUSE-SA:2007:018
Date: Tue, 27 Feb 2007 14:00:00 +0000
Affected Products: SUSE LINUX 10.1
SUSE SLED 10
SUSE SLE 10 DEBUGINFO
SUSE SLES 10
Vulnerability Type: remote denial of service
Severity (1-10): 7
SUSE Default Package: yes
Cross-References: CVE-2006-2936, CVE-2006-4814, CVE-2006-5749
CVE-2006-5753, CVE-2006-6106, CVE-2007-0772
Content of This Advisory:
- Security Vulnerability Resolved: kernel security update
  Problem Description
- Solution or Work-Around
- Special Instructions and Notes
- Package Location and Checksums
- Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE
Security Summary Report.
- Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
A kernel update has been released to fix the following security
problems:
- CVE-2006-2936: The ftdi_sio driver allowed local users to cause
a denial of service (memory consumption) by writing more data to
the serial port than the hardware can handle, which causes the data
to be queued. This requires this driver to be loaded, which only
happens if such a device is plugged in.
- CVE-2006-4814: A deadlock in mincore that could be caused by
local attackers was fixed.
- CVE-2006-6106: Multiple buffer overflows in the
cmtp_recv_interopmsg function in the Bluetooth driver
(net/bluetooth/cmtp/capi.c) in the Linux kernel allowed remote
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via CAPI messages with a large value for the length
of the (1) manu (manufacturer) or (2) serial (serial number)
field.
- CVE-2006-5749: The isdn_ppp_ccp_reset_alloc_state function in
drivers/isdn/isdn_ppp.c in the Linux kernel does not call the
init_timer function for the ISDN PPP CCP reset state timer, which
has unknown attack vectors and results in a system crash.
- CVE-2006-5753: Unspecified vulnerability in the listxattr
system call in Linux kernel, when a "bad inode" is present, allows
local users to cause a denial of service (data corruption) and
possibly gain privileges.
- CVE-2007-0772: A remote denial of service problem on NFSv2
mounts with ACL enabled was fixed.
and various non-security bugs.
This update only covers SUSE Linux Enterprise 10 and SUSE Linux
10.1. The above listed problems also affect other kernels, for
which updates will be published.
2) Solution or Work-Around
There is no known workaround; please install the update
packages.
3) Special Instructions and Notes
None.
4) Package Location and Checksums
The preferred method for installing security updates is to use
the YaST Online Update (YOU) tool. YOU detects which updates are
required and automatically performs the necessary steps to verify
and install them. Alternatively, download the update packages for
your distribution manually and verify their integrity by the
methods listed in Section 6 of this announcement. Then install the
packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing <file.rpm> with the
filename of the downloaded RPM package.
42819b35570ec966f4899bf074494ba1
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-debug-2.6.16.27-0.9.nosrc.rpm
9efb9aca7660d69d021dd6cf591e279a
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-default-2.6.16.27-0.9.nosrc.rpm
6f3302e4c5ba828eab6a01713fff1901
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-iseries64-2.6.16.27-0.9.nosrc.rpm
72e5ee51ff22fac8d4a56034dc5726e0
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-kdump-2.6.16.27-0.9.nosrc.rpm
95a5532d49a13f2f4d080618eafa5abb
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-ppc64-2.6.16.27-0.9.nosrc.rpm
b67adf4fdf41dd4afc324758eb81b643
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-smp-2.6.16.27-0.9.nosrc.rpm
5dfce38d6737c14879439cca7c615ec0
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-source-2.6.16.27-0.9.src.rpm
eda39963f17d3334ba75abe2cd41e71a
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-syms-2.6.16.27-0.9.src.rpm
87d2443ec4e18d188963e5d5ac8bb41c
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-um-2.6.16.27-0.9.nosrc.rpm
7544736387458c7eadfae00f70cd7642
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-xen-2.6.16.27-0.9.nosrc.rpm
c9db84dd6382927b79a5f6594e84895f
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-xenpae-2.6.16.27-0.9.nosrc.rpm
b60d4f1da62f64f5e982a64bd7bdcd5b
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kexec-tools-1.101-32.22.1.src.rpm
eb6c84b6338d297ff625fd9eb220e0d7
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/mkinitrd-1.2-106.27.2.src.rpm
58a2d662fe0906295b90d6bef6d4e760
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/multipath-tools-0.4.6-25.18.src.rpm
18bb0bd55194f2e50b60e9998eeaef0b
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/open-iscsi-0.5.545-9.17.src.rpm
64b5b42d879d4669c9f42eb576aa63fe
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/udev-085-30.18.1.src.rpm
6fe2ea0869a47c552dc66378555adf99
Our maintenance customers are notified individually. The
packages are offered for installation from the maintenance web:
SUSE SLED 10 for AMD64 and Intel EM64T
http://support.novell.com/techcenter/psdb/07f0172bd1d7fcba7b4b05eb27a13a69.html
SUSE SLE 10 DEBUGINFO for IBM zSeries 64bit
http://support.novell.com/techcenter/psdb/6b9ee4fae636f4681a5d171bade9e2b6.html
SUSE SLE 10 DEBUGINFO for IBM POWER
http://support.novell.com/techcenter/psdb/1fc9802c03b4f29a29158627871433df.html
SUSE SLE 10 DEBUGINFO for IPF
http://support.novell.com/techcenter/psdb/84b59ac1863082bf630b430a98ccb5ca.html
SUSE SLES 10
http://support.novell.com/techcenter/psdb/07f0172bd1d7fcba7b4b05eb27a13a69.html
http://support.novell.com/techcenter/psdb/6b9ee4fae636f4681a5d171bade9e2b6.html
http://support.novell.com/techcenter/psdb/1fc9802c03b4f29a29158627871433df.html
http://support.novell.com/techcenter/psdb/84b59ac1863082bf630b430a98ccb5ca.html
http://support.novell.com/techcenter/psdb/7a120195d0f5166ddeb25518b0ee41d0.html
SUSE SLE 10 DEBUGINFO
http://support.novell.com/techcenter/psdb/07f0172bd1d7fcba7b4b05eb27a13a69.html
http://support.novell.com/techcenter/psdb/1fc9802c03b4f29a29158627871433df.html
http://support.novell.com/techcenter/psdb/84b59ac1863082bf630b430a98ccb5ca.html
http://support.novell.com/techcenter/psdb/7a120195d0f5166ddeb25518b0ee41d0.html
SUSE SLED 10
http://support.novell.com/techcenter/psdb/07f0172bd1d7fcba7b4b05eb27a13a69.html
http://support.novell.com/techcenter/psdb/7a120195d0f5166ddeb25518b0ee41d0.html
SUSE SLED 10 for x86
http://support.novell.com/techcenter/psdb/7a120195d0f5166ddeb25518b0ee41d0.html
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
See SUSE Security Summary Report.
6) Authenticity Verification and Additional Information
- Announcement authenticity verification:
SUSE security announcements are published via mailing lists and
on Web sites. The authenticity and integrity of a SUSE security
announcement are guaranteed by a cryptographic signature in each
announcement. All SUSE security announcements are published with a
valid signature.
To verify the signature of the announcement, save it as text
into a file and run the command

    gpg --verify <file>

replacing <file> with the name of the file where you saved
the announcement. The output for a valid signature looks like:

    gpg: Signature made <DATE> using RSA key ID 3D25D3D9
    gpg: Good signature from "SuSE Security Team <security@suse.de>"

where <DATE> is replaced by the date the document was
signed.

If the security team's key is not contained in your key ring,
you can import it from the first installation CD. To import the
key, use the command

    gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
- Package authenticity verification:
SUSE update packages are available on many mirror FTP servers
all over the world. While this service is considered valuable and
important to the free and open source software community, the
authenticity and the integrity of a package need to be verified to
ensure that it has not been tampered with.
There are two verification methods that can be used
independently from each other to prove the authenticity of a
downloaded file or RPM package:
- Using the internal gpg signatures of the rpm package
- MD5 checksums as provided in this announcement
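The second method, worked through as an added example (not part of the SUSE announcement): POSIX shell functions that look up a downloaded file in the URL/MD5 pairs of a saved announcement and compare the digest. The function names, the mirror.example URLs and the sample package are constructed for illustration, and md5sum from coreutils is assumed.

```shell
#!/bin/sh
# Added example; package names, URLs and payload are constructed.

# lookup_md5 ANNOUNCEMENT NAME: print the MD5 on the line after the URL whose
# last path component is NAME. Fails closed if NAME is not listed or the
# following line is not a 32-digit hex value.
lookup_md5() {
    awk -v want="$2" '
        { sub(/\r$/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        grab {
            if (length($0) == 32 && $0 ~ /^[0-9a-fA-F]+$/) { print tolower($0); found = 1 }
            exit
        }
        /^(ftp|https?):\/\// { n = split($0, part, "/"); if (part[n] == want) grab = 1 }
        END { exit !found }
    ' "$1"
}

# verify_package ANNOUNCEMENT FILE: 0 = match, 1 = mismatch, 2 = not listed.
verify_package() {
    expected=$(lookup_md5 "$1" "$(basename "$2")") || return 2
    actual=$(md5sum < "$2" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Build a constructed package and announcement excerpt in a temp directory.
make_sample() {
    dir=$(mktemp -d) || return 1
    printf 'constructed package payload\n' > "$dir/example-1.0-1.i586.rpm"
    sum=$(md5sum < "$dir/example-1.0-1.i586.rpm" | cut -d' ' -f1)
    {
        echo "ftp://mirror.example/update/rpm/i586/example-1.0-1.i586.rpm"
        echo "$sum"
        echo "ftp://mirror.example/update/rpm/i586/other-2.0-1.i586.rpm"
        echo "00000000000000000000000000000000"
    } > "$dir/announcement.txt"
    echo "$dir"
}

sample=$(make_sample)
if verify_package "$sample/announcement.txt" "$sample/example-1.0-1.i586.rpm"; then
    echo "example-1.0-1.i586.rpm: MD5 matches the announcement"
else
    echo "example-1.0-1.i586.rpm: MD5 mismatch or package not listed"
fi
rm -rf "$sample"
```

A matching checksum only ties the file to the announcement, so check the saved announcement itself with gpg --verify before relying on the values it lists.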
- The internal rpm package signatures provide an easy way to
verify the authenticity of an RPM package. Use the command

    rpm -v --checksig <file.rpm>

to verify the signature of the package, replacing
<file.rpm> with the filename of the RPM package downloaded.
The package is unmodified if it contains a valid signature from
build@suse.de with the key ID
9C800ACA. This key is automatically imported into the RPM database
(on RPMv4-based distributions) and the gpg key ring of 'root'
durin