Advisories, February 4, 2007
Mar 5, 2007, 05:30 UTC

Debian GNU/Linux


Debian Security Advisory DSA 1262-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
March 4th, 2007                         http://www.debian.org/security/faq


Package : gnomemeeting
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2007-1007

"Mu Security" discovered that a format string vulnerability in the VoIP solution GnomeMeeting allows the execution of arbitrary code.

For the stable distribution (sarge) this problem has been fixed in version 1.2.1-1sarge1.

For the upcoming stable distribution (etch) this problem has been fixed in version 2.0.3-2.1 of the ekiga package.

For the unstable distribution (sid) this problem has been fixed in version 2.0.3-2.1 of the ekiga package.

We recommend that you upgrade your gnomemeeting package.

Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1.dsc
      Size/MD5 checksum: 1746 e82643f764d6b43c521cca39a387e8f8
    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1.diff.gz
      Size/MD5 checksum: 22888 194f7471c22e1c81d5ab4325603e0cd1
    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1.orig.tar.gz
      Size/MD5 checksum: 5525398 93829f3eee783f32eaefebc9e717fb89

Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_alpha.deb
      Size/MD5 checksum: 3146922 f500df544b335593a2bb9431cbd21592

AMD64 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_amd64.deb
      Size/MD5 checksum: 3119044 672fbec91d13256a46a8803486a03346

ARM architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_arm.deb
      Size/MD5 checksum: 3089174 45beb5e78751eddbb13bd812b464cfb2

HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_hppa.deb
      Size/MD5 checksum: 3119086 7f92e053556ba684c120aa83c7a7c114

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_i386.deb
      Size/MD5 checksum: 3105396 4883efb8f1da3aa1641e249f50030f10

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_ia64.deb
      Size/MD5 checksum: 3192488 393b4321afb3e4077a3958d686fa02a1

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_m68k.deb
      Size/MD5 checksum: 3080404 d9663a63d7077b2a0cd81722a44e53d0

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_mips.deb
      Size/MD5 checksum: 3131084 2c7367aabe62f5f9169fc81ea217c448

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_mipsel.deb
      Size/MD5 checksum: 3123832 ca06f5a2993f0b1ded5834ed1077e969

PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_powerpc.deb
      Size/MD5 checksum: 3103054 22b5b85dd549856800375f06cfc0dfa6

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_s390.deb
      Size/MD5 checksum: 3110952 bcf48d4d889661c1659c1afcbeaa2d24

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_sparc.deb
      Size/MD5 checksum: 3093420 1d6df4cf0981cf802be3d9b06075ec41

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Fedora Core


Fedora Update Notification
FEDORA-2007-277
2007-03-02

Product : Fedora Core 5
Name : kernel
Version : 2.6.19
Release : 1.2288.2.1.fc5
Summary : The Linux kernel (the core of the Linux operating system)

Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.


Update Information:

Updated to kernel 2.6.19.5-rc1 plus additional fixes:

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.4

2.6.19.5-rc1:
4 V4L fixes
3 usbaudio fixes
3 wireless driver fixes
2 IDE driver cable detection fixes
NFS bugfix
various other fixes

CVE-2007-0772:
Summary: The Linux kernel before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.

CVE-2006-5753:
Summary: Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.


  • Thu Feb 22 2007 Chuck Ebbert <cebbert@redhat.com>
    • 2.6.19.4 (CVE-2007-0772)
    • 2.6.19.5-rc1
    • bad_inode_ops patch (CVE-2006-5753)
    • disable MSI on forcedeth cards (FC6 bz #222556)
    • Intel HDA si3054 codec (FC6 bz #228879)
    • "no irq for vector" fix (FC6 bz #225399)
    • usbnet oops fix (FC6 bz #228231)
    • swiotlb synchronization fix
    • scsi cdrom ioctls were broken
    • NAPI netpoll fixes from FC6 2911 kernel
  • Sat Feb 10 2007 Chuck Ebbert <cebbert@redhat.com>
    • add missing "provides" for debug-devel packages
    • clean up some other "provides" things
    • add fixes for RHBZ#211672 (CIFS) and RHBZ#227802 (8139too)
  • Wed Feb 7 2007 Chuck Ebbert <cebbert@redhat.com>
    • add missing debug-devel and smp-debug-devel sections
  • Wed Feb 7 2007 Chuck Ebbert <cebbert@redhat.com>
    • fix up x86_64 Xen build
  • Tue Feb 6 2007 Chuck Ebbert <cebbert@redhat.com>
    • disable Tux
    • add another GFS2 update
    • add crypto key collision patch (CVE-2007-0006)
  • Mon Feb 5 2007 Dave Jones <davej@redhat.com>
    • Reenable Tux.
  • Mon Feb 5 2007 Chuck Ebbert <cebbert@redhat.com>
    • 2.6.19.3
    • updated mirrors: refer to ftp ftp2.kernel.org until kernel.org problems are fixed
  • Sun Feb 4 2007 Dave Jones <davej@redhat.com>
    • 2.6.19.3rc1
  • Sat Feb 3 2007 Dave Jones <davej@redhat.com>
    • Disable kdump options in non-kdump kernels.
  • Thu Feb 1 2007 Chuck Ebbert <cebbert@redhat.com>
    • Added i586 optimized AES and Blowfish modules to the i686 config
    • Fixed .cvsignore
  • Wed Jan 31 2007 Markus Armbruster <
    • The previous cset folded the Xen paravirt framebuffer patch into linux-2.6-xen.patch, and commented out the obsoleted patch files. Remove them.
  • Wed Jan 31 2007 Chuck Ebbert <cebbert@redhat.com>
    • Update to 2.6.19.2
  • Tue Jan 30 2007 Markus Armbruster <
    • Update Xen paravirt framebuffer patch to upstream xen-unstable changeset 13066, less changeset 12680, because that breaks with console=tty console=xvc. Also change default domU console back to /dev/xcv0. This changes the protocol to the one accepted upstream.
    • Add compatibility with guests running our initial protocol.
    • Update Xen console major/minor to lanana.org-assigned numbers.
  • Wed Dec 20 2006 Dave Jones <davej@redhat.com>
    • Update to 2.6.18.6 final (no changes since rc2)
    • Reenable squashfs (#220293)
  • Fri Dec 15 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.6rc2
  • Wed Dec 13 2006 Dave Jones <davej@redhat.com>
    • squashfs robustness fixes from Phillip Lougher.
    • lower max CPU count for x86-64 to 64 CPUs.
  • Thu Dec 7 2006 Juan Quintela <quintela@redhat.com>
    • update xen to 2.6.18.5.
    • Fix bug 211986 on xen eventchn (Glaubert).
  • Tue Dec 5 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.5
    • Disable auto-apic patch, it needs more thought.
    • Enable sonypi driver for 586 kernels. (#218434)
  • Tue Nov 21 2006 Juan Quintela <quintela@redhat.com>
    • Update xen to 2.6.18.3.
      • linux-2.6.18-xen changeset: 36186:053cdad40903
      • xen-3.0.3-testing changeset: 11774:52ae8dd4bc75
      • linux-2.6-xen-3.0.3 changeset: 22949:4281f5246814
  • Mon Nov 20 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.3
    • Fix CIFS mount failure when domain not specified (#211753)
    • Avoid null pointer dereference in SATA Promise. (#199142)
  • Fri Nov 17 2006 Dave Jones <davej@redhat.com>
    • Fix up fallout from disabling utrace.
  • Fri Nov 17 2006 Juan Quintela <quintela@redhat.com>
    • merge xen missing bits from FC6 kernel.
  • Thu Nov 16 2006 Dave Jones <davej@redhat.com>
    • Fix up error handling in HFS. (MOKB-14-11-2006)
  • Thu Nov 16 2006 Juan Quintela <quintela@redhat.com>
    • Update xen HV to 3.0.3_0 (cset 11774).
    • Update xen kernel patch to 3.0.3_0:
      • linux-2.6.18-xen changeset: 36182:c6ef4b521aef
      • xen-3.0.3-testing changeset: 11774:52ae8dd4bc75
      • linux-2.6-xen-3.0.3 changeset: 22949:4281f5246814
  • Thu Nov 16 2006 Dave Jones <davej@redhat.com>
    • Fix squashfs corruption bug. (#211237)
    • Drop experimental utrace from FC5.
  • Fri Nov 10 2006 Juan Quintela <quintela@redhat.com>
    • disable XEN_FRAMEBUFFER & XEN_KEYBOARD.
  • Fri Nov 10 2006 Dave Jones <davej@redhat.com>
    • Xen grant table operations security fix.
    • Disable W1 (#195825)
  • Thu Nov 9 2006 Dave Jones <davej@redhat.com>
    • Change HZ to 1000 for increased accuracy. (Except in Xen, where it stays at 250 for now).
    • TTY locking fixes.
    • splice : Must fully check for FIFO
    • Fix potential NULL dereference in sys_move_pages
    • ISO9660 __findgetblock_slow() denial of service CVE-2006-5757
    • Fix up oops in cramfs when encountering corrupt images.
    • E1000 suspend/resume fixes.
    • Set CIFS preferred IO size. (#214607)
  • Mon Nov 6 2006 Roland McGrath <roland@redhat.com>
    • New utrace patch: fix locking snafu crash on second engine attach.
  • Sun Nov 5 2006 Dave Jones <davej@redhat.com>
    • Suspend/Resume fixes for forcedeth. (#187653)
  • Sat Nov 4 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.2
  • Thu Nov 2 2006 Dave Jones <davej@redhat.com>
    • Nuke broken lazy execshield xen patch.
    • Use heuristics to determine whether to enable lapic on i386.
  • Wed Nov 1 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.2-rc1
  • Tue Oct 31 2006 Dave Jones <davej@redhat.com>
    • Fix UFS mounts on x86-64 (#209921)
    • Fix problem where USB storage isn't seen on reboot. (#212191)
  • Sun Oct 29 2006 Dave Jones <davej@redhat.com>
    • More ext3 robustness fixes.
    • Include more verbose BUG() data
    • x86_64: Fix up C3 timer latency.
  • Sat Oct 21 2006 Dave Jones <davej@redhat.com>
    • Reenable NCPFS (#211325, #203663)
    • Netpoll fixes. (#199295)
  • Fri Oct 20 2006 Dave Jones <davej@redhat.com>
    • Fix autofs creating bad dentries in NFS mount. (#211206, #211207)
    • Fix softlockup with ips driver. (#196437)
    • Further exec-shield improvements.
    • Fix lockup with sky2 driver. (#202203)
  • Thu Oct 19 2006 Dave Jones <davej@redhat.com>
    • Export copy_4K_page for ppc64 (#211410)
    • Attempt to fix CIFS bug (#211070)
  • Wed Oct 18 2006 Dave Jones <davej@redhat.com>
    • Fix up aic7xxx SBLKCTL register handling (#211251)
    • Disable SECMARK by default. (#211115)
    • Disable some extra debugging stuff that crept in.
    • Remove broken VIA quirk that prevented booting on some EPIAs (#211298)
  • Tue Oct 17 2006 Dave Jones <davej@redhat.com>
    • Silence noisy boot-time messages. (#180606)
    • Workaround gcc bug with weak symbols (#191458)
    • Don't let speedstep-smi register on mobile Pentium4 (#204477)
  • Sat Oct 14 2006 Dave Jones <davej@redhat.com>
    • Fix jbd crash with 1KB block size filesystems.
  • Sat Oct 14 2006 Dave Jones <davej@redhat.com> [2.6.18-1.2200.fc5]
    • 2.6.18.1
  • Tue Oct 10 2006 Dave Jones <davej@redhat.com>
    • DWARF2 unwinder fixes.
    • Various lockdep fixes.
    • Sync various other patches from the FC6 kernel.
  • Sun Oct 1 2006 Dave Jones <davej@redhat.com>
    • Drop the STICKY tag from acpi-cpufreq, it breaks suspend/resume.
  • Fri Sep 29 2006 Dave Jones <davej@redhat.com>
    • Execshield improvements. (Bart Oldeman)
    • Disable PM_DEBUG
  • Thu Sep 28 2006 Roland McGrath <roland@redhat.com>
    • utrace typo fix for x86-64 watchpoints (#207467)
  • Thu Sep 28 2006 Dave Jones <davej@redhat.com>
    • Fix ISAPNP messages on ppc32. (#207641)
  • Thu Sep 28 2006 Dave Jones <davej@redhat.com>
    • Another day, another round of lockdep fixes.
    • Align kernel data segment to page boundary. (#206863)
  • Thu Sep 28 2006 Steven Whitehouse <swhiteho@redhat.com>
    • New GFS2 patch
  • Thu Sep 28 2006 Dave Jones <davej@redhat.com>
    • Fix "kernel BUG at fs/buffer.c:2789!" bug
  • Wed Sep 27 2006 Dave Jones <davej@redhat.com>
    • yet more lockdep fixes.
    • Fix a problem with XFS & the inode diet patches.
    • Fix rpc_pipefs umount oops
    • Enable alternative TCP congestion algorithms.
  • Tue Sep 26 2006 Dave Jones <davej@redhat.com>
    • Enable serverworks IDE driver for x86-64.
    • More lockdep fixes.
  • Mon Sep 25 2006 Jarod Wilson <jwilson@redhat.com>
    • Make kernel packages own initrd files
  • Mon Sep 25 2006 John W. Linville <linville@redhat.com>
    • Add periodic work fix for bcm43xx driver
  • Sat Sep 23 2006 Dave Jones <davej@redhat.com>
    • Disable dgrs driver.
  • Thu Sep 21 2006 Dave Jones <davej@redhat.com>
    • reiserfs: make sure all dentry refs are released before calling kill_block_super
    • Fix up some compile warnings
  • Thu Sep 21 2006 Juan Quintela <quintela@redhat.com>
    • re-enable xen.
    • update xen:
      • linux-2.6 changeset: 34294:dc1d277d06e0
      • linux-2.6-xen-fedora changeset: 36184:47c098fdce14
      • xen-unstable changeset: 11540:9837ff37e354
    • update xen HV to changeset: 11540:9837ff37e354
    • xen HV printf rate limit (rostedt).
  • Wed Sep 20 2006 Dave Jones <davej@redhat.com>
    • 2.6.18
    • i965 AGP suspend support.
    • AGP x8 fixes.
  • Tue Sep 19 2006 Juan Quintela <quintela@redhat.com>
    • updated xen configs to sync with rawhide ones (don't be afraid, xen0/xenU still around).
    • xen update.
      • linux-2.6 changeset: 34228:ea3369ba1e2c
      • linux-2.6-xen-fedora changeset: 36109:eefcfd07d102
      • linux-2.6-xen changeset: 22905:d8ae02f7df05
      • xen-unstable changeset: 11460:1ece34466781ec55f41fd29d53f6dafd208ba2fa
  • Mon Sep 18 2006 Dave Jones <davej@redhat.com>
    • Bring back 586smp
    • Fix RTC lockdep bug. (Peter Zijlstra)
  • Mon Sep 18 2006 Juan Quintela <quintela@redhat.com>
    • xen HV update (cset 11470:2b8dc69744e3).
  • Sun Sep 17 2006 Juan Quintela <quintela@redhat.com>
    • xen update:
      • linux-2.6 changeset: 34228:ea3369ba1e2c
      • linux-2.6-xen-fedora changeset: 36107:47256dbb1583
      • linux-2.6-xen changeset: 22905:d8ae02f7df05
      • xen-unstable changeset: 11460:1ece34466781ec55f41fd29d53f6dafd208ba2fa
  • Sun Sep 17 2006 Dave Jones <davej@redhat.com>
    • Rebase to 2.6.18rc7-git2
  • Mon Sep 11 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2187_FC5]
    • Add quirk for Samsung mp3 player. (#198128)
  • Sun Sep 10 2006 Dave Jones <davej@redhat.com>
    • Fix up mismerge in USB storage driver.
  • Sat Sep 9 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.13
  • Fri Sep 8 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.12
  • Thu Aug 24 2006 Jarod Wilson <jwilson@redhat.com>
    • update to 2.6.17.11
  • Tue Aug 22 2006 Bill Nottingham <notting@redhat.com>
    • update to 2.6.17.10
  • Tue Aug 15 2006 Juan Quintela <quintela@redhat.com>
    • linux-2.6-xen update
      • linux-2.6.17-xen cset changeset: 29033:e6adb54afb96
      • linux-2.6-xen cset 22813:80c2ccf5c330
    • s/xen_version/xen_hv_cset/ as Fedora.
    • update xen hv to cset 11061.
    • Drop iscsi update patch.
  • Mon Aug 7 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.8
  • Fri Aug 4 2006 Dave Jones <davej@redhat.com>
    • Fix split lock patch for 64bit.
  • Fri Aug 4 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2171_FC5]
    • 2.6.17.8rc1
  • Wed Aug 2 2006 Dave Jones <davej@redhat.com>
    • Readd patch to allow 460800 baud on 16C950 UARTs
  • Sat Jul 29 2006 Dave Jones <davej@redhat.com>
    • Silence noisy SCSI ioctl. (#200638)
  • Fri Jul 28 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.7
  • Thu Jul 27 2006 Rik van Riel <mchristi@redhat.com>
    • reduce hypervisor stack use with -O2, this really fixes bug (#198932)
  • Tue Jul 25 2006 Rik van Riel <mchristi@redhat.com>
    • disable debug=y hypervisor build option because of stack overflow (#198932)
  • Tue Jul 25 2006 Dave Jones <davej@redhat.com>
    • Enable serio_raw (#199387)
  • Sun Jul 16 2006 Dave Jones <davej@redhat.com>
    • Support up to 4GB in the 586 kernel again.
  • Sun Jul 16 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.6
  • Fri Jul 14 2006 Dave Jones <davej@redhat.com>
    • Reenable SMC NIC driver.
  • Tue Jul 11 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.4
    • Disable split pagetable lock
  • Sat Jul 8 2006 Juan Quintela <quintela@redhat.com>
    • enable CONFIG_CRASH on xen kernels.
    • enable CONFIG_PCIDEV_BACKEND on xen kernels.
    • make BLKDEV_FRONTEND a module on xen kernels.
    • rebase with linux-2.6-xen-fedora 28918.
    • Update to xen-unstable HV cset 10508.
    • xen: credit scheduler is the default now.
  • Wed Jul 5 2006 Dave Jones <davej@redhat.com>
    • Get rid of stack backtrace on panic, which in most cases actually caused a loss of info instead of a gain.
  • Tue Jul 4 2006 Juan Quintela <quintela@redhat.com>
    • new merge with xen upstream.
    • xen kernel don't require xen userland.
    • new xen kernel (same as rawhide one) with PAE support.
    • removed xen0-PAE & xenU-PAE (see xen kernel).
  • Fri Jun 30 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.3
    • 2.6.17.2
    • Fix the ALSA list_add bug.
  • Mon Jun 26 2006 Dave Jones <davej@redhat.com>
    • Enable fake PCI hotplug driver. (#190437)
    • Enable gameport/joystick on i586 builds. (#196581)
  • Sat Jun 24 2006 Dave Jones <davej@redhat.com>
    • Enable profiling for 586 kernels.
  • Fri Jun 23 2006 Dave Jones <davej@redhat.com>
    • Make 'quiet' work again.
  • Tue Jun 20 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2139_FC5]
    • Rebuild with slab debug off.
  • Tue Jun 20 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2138_FC5]
    • 2.6.17.1
  • Sun Jun 18 2006 Dave Jones <davej@redhat.com>
    • 2.6.17
    • Only print info about SMP alternatives on SMP kernels.
  • Tue Jun 6 2006 Dave Jones <davej@redhat.com> [2.6.16-1.2133_FC5]
    • Add a PPC64 kdump kernel.
  • Mon Jun 5 2006 Dave Jones <davej@redhat.com> [2.6.16-1.2132_FC5]
    • 2.6.16.20
  • Thu Jun 1 2006 Dave Jones <davej@redhat.com>
    • Reenable Xen builds.
  • Tue May 30 2006 Dave Jones <davej@redhat.com>
    • 2.6.16.19
  • Sun May 28 2006 Dave Jones <davej@redhat.com>
    • Fix unresolved symbol. (#193333)
  • Sat May 27 2006 Dave Jones <davej@redhat.com>
    • Improve list corruption debugging patch.
  • Fri May 26 2006 Dave Jones <davej@redhat.com>
    • Remove xenU initrd's when kernel is removed.
  • Fri May 26 2006 Juan Quintela <quintela@redhat.com>
    • Remove ARCH=xen reminiscences on spec file

    This update can be downloaded from:

        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/


    This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/.


    Fedora Update Notification
    FEDORA-2007-291
    2007-03-02

    Product : Fedora Core 6
    Name : kernel
    Version : 2.6.19
    Release : 1.2911.6.4.fc6
    Summary : The Linux kernel (the core of the Linux operating system)

    Description :
    The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.


    Update Information:

    Updated to kernel 2.6.19.5 plus additional fixes:

    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.4
    http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.5

    CVE-2007-0772:
    Summary: The Linux kernel before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.

    CVE-2006-5753:
    Summary: Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.

    Fixed broken SCSI CDROM IOCTLs.
    Added Xen, which was missing from 1.2911.6.3


    • Sat Feb 24 2007 Chuck Ebbert <cebbert@redhat.com>
      • 2.6.19.5
      • re-enable Xen
    • Thu Feb 22 2007 Chuck Ebbert <cebbert@redhat.com>
      • 2.6.19.4 (CVE-2007-0772)
      • 2.6.19.5-rc1
      • bad_inode_ops patch (CVE-2006-5753)
      • disable MSI on forcedeth cards (bz #222556)
      • Intel HDA si3054 codec (bz #228879)
      • "no irq for vector" fix (bz #225399)
      • usbnet oops fix (bz #228231)
      • swiotlb synchronization fix
      • scsi cdrom ioctls were broken

    This update can be downloaded from:

        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


    This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/.

    Gentoo Linux


    Gentoo Linux Security Advisory GLSA 200703-01

    http://security.gentoo.org/


    Severity: High
    Title: Snort: Remote execution of arbitrary code
    Date: February 23, 2007
    Bugs: #167730
    ID: 200703-01


    Synopsis

    The Snort DCE/RPC preprocessor contains a buffer overflow that could result in the remote execution of arbitrary code.

    Background

    Snort is a widely deployed intrusion detection program.

    Affected packages


    Package / Vulnerable / Unaffected
    1 net-analyzer/snort < 2.6.1.3 >= 2.6.1.3

    Description

    The Snort DCE/RPC preprocessor does not properly reassemble certain types of fragmented SMB and DCE/RPC packets.

    Impact

    A remote attacker could send specially crafted fragmented SMB or DCE/RPC packets, without the need to finish the TCP handshake, that would trigger a stack-based buffer overflow while being reassembled. This could lead to the execution of arbitrary code with the permissions of the user running the Snort preprocessor.

    Workaround

    Disable the DCE/RPC processor by commenting out 'preprocessor rpc_decode' and 'include $RULE_PATH/rpc.rules' in /etc/snort/snort.conf.

    Resolution

    All Snort users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=net-analyzer/snort-2.6.1.3"
    

    References

    [ 1 ] CVE-2006-5276

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5276

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200703-01.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5


    Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200703-01:02

    http://security.gentoo.org/


    Severity: High
    Title: Snort: Remote execution of arbitrary code
    Date: February 23, 2007
    Updated: March 02, 2007
    Bugs: #167730
    ID: 200703-01:02


    Errata

    The initial workaround provided by the GLSA does not avoid the mentioned vulnerability.

    The corrected section appears below.

    Workaround

    Disable the DCE/RPC processor by commenting out the 'preprocessor dcerpc' section in /etc/snort/snort.conf.
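
    A check for the corrected workaround, added here as an example (it is not part of the GLSA or of Snort): it reports whether a snort.conf still carries an active 'preprocessor dcerpc' directive, and flags a section whose continuation lines were left uncommented. The function names and the three sample configurations are constructed for illustration; the first sample applies only the original rpc_decode workaround, which leaves dcerpc enabled.

```shell
#!/bin/sh
# Added example (not from the GLSA or the Snort project).

# dcerpc_state [FILE]
# Reads a snort.conf (FILE, or stdin when no FILE is given) and prints:
#   enabled  - an uncommented "preprocessor dcerpc" directive is present
#   partial  - the directive line is commented out, but one of its
#              backslash-continued lines is not (needs manual review)
#   disabled - no active dcerpc directive remains
dcerpc_state() {
    awk '
        /^[ \t]*$/ { in_section = 0; next }          # blank line ends a section
        {
            commented = ($0 ~ /^[ \t]*#/)
            continues = ($0 ~ /\\[ \t]*$/)            # line ends with "\"
            body = $0
            sub(/^[ \t]*#*[ \t]*/, "", body)          # drop indent and "#"
        }
        in_section {
            # Continuation line of a dcerpc directive found earlier.
            if (commented != section_commented) partial = 1
            if (!continues) in_section = 0
            next
        }
        body ~ /^preprocessor[ \t]+dcerpc([ \t]*:|[ \t]|$)/ {
            if (!commented) enabled = 1
            section_commented = commented
            in_section = continues
        }
        END {
            if (enabled)      print "enabled"
            else if (partial) print "partial"
            else              print "disabled"
        }
    ' "$@"
}

# dcerpc_workaround_applied [FILE]
# Exit status 0 only when the whole dcerpc section is commented out.
dcerpc_workaround_applied() {
    [ "$(dcerpc_state "$@")" = "disabled" ]
}

# Constructed sample: only the original workaround (rpc_decode commented out).
SAMPLE_ORIGINAL_WORKAROUND='# preprocessor rpc_decode: 111 32771
preprocessor dcerpc: \
    autodetect \
    max_frag_size 3000 \
    memcap 100000'

# Constructed sample: first line commented, continuation lines forgotten.
SAMPLE_PARTIAL='# preprocessor dcerpc: \
    autodetect \
    max_frag_size 3000 \
    memcap 100000'

# Constructed sample: the corrected workaround, whole section commented out.
SAMPLE_CORRECTED='preprocessor rpc_decode: 111 32771
# preprocessor dcerpc: \
#     autodetect \
#     max_frag_size 3000 \
#     memcap 100000'
```

    Run `dcerpc_state /etc/snort/snort.conf` on a sensor that cannot be upgraded yet; anything other than `disabled` means the workaround is not in effect.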

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200703-01.xml



    Gentoo Linux Security Advisory GLSA 200703-02

    http://security.gentoo.org/


    Severity: Normal
    Title: SpamAssassin: Long URI Denial of Service
    Date: March 02, 2007
    Bugs: #166969
    ID: 200703-02


    Synopsis

    SpamAssassin is vulnerable to a Denial of Service attack.

    Background

    SpamAssassin is an extensible email filter used to identify junk email.

    Affected packages


    Package / Vulnerable / Unaffected
    1 mail-filter/spamassassin < 3.1.8 >= 3.1.8

    Description

    SpamAssassin does not correctly handle very long URIs when scanning emails.

    Impact

    An attacker could cause SpamAssassin to consume large amounts of CPU and memory resources by sending one or more emails containing very long URIs.

    Workaround

    There is no known workaround at this time.

    Resolution

    All SpamAssassin users should upgrade to the latest version.

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=mail-filter/spamassassin-3.1.8"
    

    References

    [ 1 ] CVE-2007-0451

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200703-02.xml



    Gentoo Linux Security Advisory GLSA 200703-03

    http://security.gentoo.org/


    Severity: Normal
    Title: ClamAV: Denial of Service
    Date: March 02, 2007
    Bugs: #167201
    ID: 200703-03


    Synopsis

    ClamAV contains two vulnerabilities allowing a Denial of Service.

    Background

    ClamAV is a GPL virus scanner.

    Affected packages


    Package / Vulnerable / Unaffected
    1 app-antivirus/clamav < 0.90 >= 0.90

    Description

    An anonymous researcher discovered a file descriptor leak error in the processing of CAB archives and a lack of validation of the "id" parameter string used to create local files when parsing MIME headers.

    Impact

    A remote attacker can send several crafted CAB archives with a zero-length record header that will fill the available file descriptors until no other is available, which will prevent ClamAV from scanning most archives. An attacker can also send an email with specially crafted MIME headers to overwrite local files with the permissions of the user running ClamAV, such as the virus database file, which could prevent ClamAV from detecting any virus.

    Workaround

    The first vulnerability can be prevented by refusing any file of type CAB, but there is no known workaround for the second issue.

    Resolution

    All ClamAV users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.90"
    

    References

    [ 1 ] CVE-2007-0897

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0897

    [ 2 ] CVE-2007-0898

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0898

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200703-03.xml



    Gentoo Linux Security Advisory GLSA 200703-04

    http://security.gentoo.org/


    Severity: Normal
    Title: Mozilla Firefox: Multiple vulnerabilities
    Date: March 02, 2007
    Bugs: #165555
    ID: 200703-04


    Synopsis

    Multiple vulnerabilities have been reported in Mozilla Firefox, some of which may allow user-assisted arbitrary remote code execution.

    Background

    Mozilla Firefox is a popular open-source web browser from the Mozilla Project.

    Affected packages


    Package / Vulnerable / Unaffected

    1 www-client/mozilla-firefox < 2.0.0.2 *>= 1.5.0.10 >= 2.0.0.2
    2 www-client/mozilla-firefox-bin < 2.0.0.2 *>= 1.5.0.10 >= 2.0.0.2
    -------------------------------------------------------------------
    2 affected packages on all of their supported architectures.


    Description

    Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects Mozilla Firefox 2 only. Various researchers reported some errors in the JavaScript engine potentially leading to memory corruption. Mozilla Firefox also contains minor vulnerabilities involving cache collision and unsafe pop-up restrictions, filtering or CSS rendering under certain conditions.

    Impact

    An attacker could entice a user to view a specially crafted web page that will trigger one of the vulnerabilities, possibly leading to the execution of arbitrary code. It is also possible for an attacker to spoof the address bar, steal information through cache collision, bypass the local files protection mechanism with pop-ups, or perform cross-site scripting attacks, leading to the exposure of sensitive information, like user credentials.

    Workaround

    There is no known workaround at this time for all of these issues, but most of them can be avoided by disabling JavaScript.

    Resolution

    Users upgrading to the following releases of Mozilla Firefox should note that this upgrade has been found to lose the saved passwords file in some cases. The saved passwords are encrypted and stored in the 'signons.txt' file of ~/.mozilla/ and we advise our users to save that file before performing the upgrade.

    All Mozilla Firefox 1.5 users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.5.0.10"
    

    All Mozilla Firefox 1.5 binary users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.5.0.10"
    

    All Mozilla Firefox 2.0 users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-2.0.0.2"
    

    All Mozilla Firefox 2.0 binary users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-2.0.0.2"
    

    References

    [ 1 ] CVE-2006-6077

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077

    [ 2 ] CVE-2007-0775

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775

    [ 3 ] CVE-2007-0776

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0776

    [ 4 ] CVE-2007-0777

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777

    [ 5 ] CVE-2007-0778

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778

    [ 6 ] CVE-2007-0779

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779

    [ 7 ] CVE-2007-0780

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780

    [ 8 ] CVE-2007-0800

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800

    [ 9 ] CVE-2007-0801

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0801

    [ 10 ] CVE-2007-0981

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981

    [ 11 ] CVE-2007-0995

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995

    [ 12 ] Mozilla password loss bug

    https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200703-04.xml



    Gentoo Linux Security Advisory GLSA 200703-05

    http://security.gentoo.org/


    Severity: Normal
    Title: Mozilla Suite: Multiple vulnerabilities
    Date: March 03, 2007
    Bugs: #135257
    ID: 200703-05


    Synopsis

    Several vulnerabilities exist in the Mozilla Suite, which is no longer supported by the Mozilla project.

    Background

    The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader.

    Affected packages


    Package / Vulnerable / Unaffected

    1 www-client/mozilla <= 1.7.13 Vulnerable!
    2 www-client/mozilla-bin <= 1.7.13 Vulnerable!
    -------------------------------------------------------------------
    NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers.
    -------------------------------------------------------------------
    2 affected packages on all of their supported architectures.


    Description

    Several vulnerabilities ranging from code execution with elevated privileges to information leaks affect the Mozilla Suite.

    Impact

    A remote attacker could entice a user to browse to a specially crafted website or open a specially crafted mail that could trigger some of the vulnerabilities, potentially allowing execution of arbitrary code, denials of service, information leaks, or cross-site scripting attacks leading to the theft of cookies containing authentication credentials.

    Workaround

    Most of the issues, but not all of them, can be prevented by disabling HTML rendering in the mail client and JavaScript in every application.

    Resolution

    The Mozilla Suite is no longer supported and has been masked after some necessary changes on all the other ebuilds which used to depend on it. Mozilla Suite users should unmerge www-client/mozilla or www-client/mozilla-bin, and switch to a supported product, like SeaMonkey, Thunderbird or Firefox.

        # emerge --unmerge "www-client/mozilla"
    
        # emerge --unmerge "www-client/mozilla-bin"
    

    References

    [ 1 ] Official Advisory

    http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200703-05.xml


    Mandriva Linux


    Mandriva Linux Security Advisory MDKSA-2007:050-1
    http://www.mandriva.com/security/


    Package : mozilla-firefox
    Date : March 2, 2007
    Affected: 2007.0, Corporate 3.0, Corporate 4.0


    Problem Description:

    A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.

    This update provides the latest Firefox to correct these issues.

    Update:

    A regression was found in the latest Firefox packages provided where changes to library paths caused applications that depended on the NSS libraries (such as Thunderbird and Evolution) to fail to start or fail to load certain SSL-related security components. These new packages correct that problem and we apologize for any inconvenience the previous update may have caused.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1092
    http://www.mozilla.org/security/announce/2007/mfsa2007-01.html
    http://www.mozilla.org/security/announce/2007/mfsa2007-02.html
    http://www.mozilla.org/security/announce/2007/mfsa2007-03.html
    http://www.mozilla.org/security/announce/2007/mfsa2007-04.html
    http://www.mozilla.org/security/announce/2007/mfsa2007-05.html
    http://www.mozilla.org/security/announce/2007/mfsa2007-06.html
    http://www.mozilla.org/security/announce/2007/mfsa2007-07.html
    http://www.mozilla.org/security/announce/2007/mfsa2007-08.html


    Updated Packages:


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID
    pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

    Red Hat Linux


    Red Hat Security Advisory

    Synopsis: Critical: thunderbird security update
    Advisory ID: RHSA-2007:0078-01
    Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0078.html
    Issue date: 2007-03-02
    Updated on: 2007-03-02
    Product: Red Hat Enterprise Linux
    CVE Names: CVE-2006-6077 CVE-2007-0008 CVE-2007-0009 CVE-2007-0775 CVE-2007-0777 CVE-2007-0778 CVE-2007-0779 CVE-2007-0780 CVE-2007-0800 CVE-2007-0981 CVE-2007-0994 CVE-2007-0995 CVE-2007-0996 CVE-2007-1092


    1. Summary:

    Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4.

    This update has been rated as having critical security impact by the Red Hat Security Response Team.

    2. Relevant releases/architectures:

    Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
    Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
    Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
    Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

    3. Problem description:

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A malicious HTML mail message could execute JavaScript code in such a way that may result in Thunderbird crashing or executing arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777, CVE-2007-1092)

    A flaw was found in the way Thunderbird processed JavaScript contained in certain tags. A malicious HTML mail message could execute JavaScript code with the privileges of the user running Thunderbird. (CVE-2007-0994)

    Several cross-site scripting (XSS) flaws were found in the way Thunderbird processed certain malformed HTML mail messages. A malicious HTML mail message could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996)

    A flaw was found in the way Thunderbird cached web content on the local disk. A malicious HTML mail message may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778)

    A flaw was found in the way Thunderbird displayed certain web content. A malicious HTML mail message could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779)

    Two flaws were found in the way Thunderbird displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800)

    Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Thunderbird. (CVE-2007-0008, CVE-2007-0009)

    A flaw was found in the way Thunderbird handled the "location.hostname" value during certain browser domain checks. This flaw could allow a malicious HTML mail message to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981)

    Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.10 that corrects these issues.

    4. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

    up2date

    This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

    5. Bug IDs fixed (http://bugzilla.redhat.com/):

    204453 - Thunderbird startup script not updated for the add-on based locale
    230542 - CVE-2007-0775 Multiple Thunderbird flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981, CVE-2007-1092)
    230733 - CVE-2007-0994 Thunderbird arbitrary javascript command execution

    6. RPMs required:

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

    7. References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0994
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1092
    http://www.redhat.com/security/updates/classification/#critical

    8. Contact:

    The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

    Copyright 2007 Red Hat, Inc.


    Red Hat Security Advisory

    Synopsis: Critical: mod_jk security update
    Advisory ID: RHSA-2007:0096-01
    Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0096.html
    Issue date: 2007-03-02
    Updated on: 2007-03-02
    Product: Red Hat Application Stack
    CVE Names: CVE-2007-0774


    1. Summary:

    Updated mod_jk packages that fix a security issue are now available for Red Hat Application Stack v1.1.

    This update has been rated as having critical security impact by the Red Hat Security Response Team.

    2. Relevant releases/architectures:

    Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64
    Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64

    3. Problem description:

    mod_jk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HTTP Server 2. mod_jk was first distributed with Red Hat Application Stack version 1.1 released on 19 February 2007.

    A stack overflow flaw was found in the URI handler of mod_jk. A remote attacker could visit a carefully crafted URL being handled by mod_jk and trigger this flaw, which could lead to the execution of arbitrary code as the 'apache' user. (CVE-2007-0774)

    Users of mod_jk should upgrade to these updated packages, which contain a backported patch to correct this issue.

    Red Hat would like to thank TippingPoint and the Zero Day Initiative for reporting this issue.

    4. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    To update all RPMs for your particular architecture, run:

    rpm -Fvh [filenames]

    where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory only contains the desired RPMs.

    Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

    up2date

    This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

    5. Bug IDs fixed (http://bugzilla.redhat.com/):

    230045 - CVE-2007-0774 mod_jk overflow flaw

    6. RPMs required:

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
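    The signature check that the advisory points to can be made a hard precondition of the `rpm -Fvh` step from section 4. The following is an added example, not part of the Red Hat advisory: `sig_ok`, `verified_freshen` and the `RPM_BIN` override are hypothetical names, and it assumes the Red Hat package key is already imported into the RPM keyring. It matters because `rpm -K` also exits 0 for a package that carries no signature at all, reporting only its digests as OK.

```shell
#!/bin/sh
# Added example: refuse to run `rpm -Fvh` unless every package passes a
# GPG signature check. RPM_BIN is a hypothetical override (default: rpm).
RPM_BIN="${RPM_BIN:-rpm}"

# sig_ok FILE: succeed only if `rpm -K` reports a verified signature.
sig_ok() {
    # A bad digest, bad signature or missing key makes rpm -K exit non-zero.
    out=$("$RPM_BIN" -K "$1" 2>&1) || return 1
    result=${out#"$1":}              # drop the leading "FILE:" prefix
    case "$result" in
        *"NOT OK"*) return 1 ;;      # defensive: never trust exit status alone
    esac
    case "$result" in
        *" OK") ;;
        *) return 1 ;;
    esac
    # An unsigned package still yields "sha1 md5 OK" or "digests OK".
    # Require a signature token; rpm prints it in lowercase only when the
    # signature verified (uppercase marks a failure).
    case " $result " in
        *" gpg "*|*" pgp "*|*" signatures "*) return 0 ;;
    esac
    return 1
}

# verified_freshen FILE...: check every file first, then freshen all or none.
verified_freshen() {
    [ "$#" -gt 0 ] || { echo "usage: verified_freshen FILE.rpm..." >&2; return 2; }
    bad=0
    for f in "$@"; do
        if sig_ok "$f"; then
            echo "signature ok: $f"
        else
            echo "REFUSING (unsigned, bad signature or missing key): $f" >&2
            bad=1
        fi
    done
    [ "$bad" -eq 0 ] || return 1
    "$RPM_BIN" -Fvh "$@"
}
```

    Source the file and call `verified_freshen *.rpm` from a directory that contains only the downloaded update packages.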

    7. References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774
    http://www.redhat.com/security/updates/classification/#critical

    8. Contact:

    The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

    Copyright 2007 Red Hat, Inc.

    Ubuntu


    Ubuntu Security Notice USN-428-2 March 02, 2007
    firefox regression
    https://launchpad.net/bugs/88990

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS:

    firefox 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.2
    libnspr4 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.2
    libnss3 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.2

    After a standard system upgrade you need to restart Firefox to effect the necessary changes.

    Details follow:

    USN-428-1 fixed vulnerabilities in Firefox 1.5. However, changes to library paths caused applications depending on libnss3 to fail to start up. This update fixes the problem.

    We apologize for the inconvenience.

    Original advisory details:

    Several flaws have been found that could be used to perform cross-site scripting attacks. A malicious web site could exploit these to modify the contents or steal confidential data (such as passwords) from other opened web pages. (CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996)

    The SSLv2 protocol support in the NSS library did not sufficiently check the validity of public keys presented with an SSL certificate. A malicious SSL web site using SSLv2 could potentially exploit this to execute arbitrary code with the user's privileges. (CVE-2007-0008)

    The SSLv2 protocol support in the NSS library did not sufficiently verify the validity of client master keys presented in an SSL client certificate. A remote attacker could exploit this to execute arbitrary code in a server application that uses the NSS library. (CVE-2007-0009)

    Various flaws have been reported that could allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page. (CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-1092)

    Two web pages could collide in the disk cache, with the result that, depending on the order in which they were loaded, the end of the longer document could be appended to the shorter one when the shorter one was reloaded from the cache. It is possible a determined hacker could construct a targeted attack to steal some sensitive data from a particular web page. The potential victim would have to be already logged into the targeted service (or be fooled into doing so) and then visit the malicious site. (CVE-2007-0778)

    David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using custom cursor images and a specially crafted style sheet. (CVE-2007-0779)

    Updated packages for Ubuntu 6.06 LTS:

      Talkback(s) Name  and Date
    I think you meant March. ...   February?   
    Chris Nelson
    Mar 5, 2007, 06:11:08
    All times are recorded in UTC.