Debian GNU/Linux
Debian Security Advisory DSA 987-1 [email protected]
http://www.debian.org/security/
Moritz Muehlenhoff
March 7th, 2006 http://www.debian.org/security/faq
Package : tar
Vulnerability : buffer overflow
Problem-Type : local(remote)
Debian-specific: no
CVE ID : CVE-2006-0300
Debian Bug : 314805
Jim Meyering discovered several buffer overflows in GNU tar,
which may lead to the execution of arbitrary code through specially
crafted tar archives.
The old stable distribution (woody) is not affected by this
problem.
For the stable distribution (sarge) this problem has been fixed
in version 1.14-2.1.
For the unstable distribution (sid) this problem has been fixed
in version 1.15.1-3.
We recommend that you upgrade your tar package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
These files will probably be moved into the stable distribution
on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Mandriva Linux
Mandriva Linux Security Advisory MDKSA-2006:053
http://www.mandriva.com/security/
Package : freeciv
Date : March 7, 2006
Affected: 2006.0
Problem Description:
A Denial of Service vulnerability was discovered in the
civserver component of the freeciv game on certain incoming
packets.
The updated packages have been patched to fix this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0047
Updated Packages:
To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
Red Hat Linux
Red Hat Security Advisory
Synopsis: Moderate: initscripts security update
Advisory ID: RHSA-2006:0016-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0016.html
Issue date: 2006-03-07
Updated on: 2006-03-07
Product: Red Hat Enterprise Linux
CVE Names: CVE-2005-3629
1. Summary:
An updated initscripts package that fixes a privilege escalation
issue and several bugs is now available.
This update has been rated as having moderate security impact by
the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 – i386, ia64, ppc, s390,
s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 – i386, x86_64
Red Hat Enterprise Linux ES version 4 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 – i386, ia64, x86_64
3. Problem description:
The initscripts package contains the basic system scripts used
to boot your Red Hat system, change runlevels, and shut the system
down cleanly. Initscripts also contains the scripts that activate
and deactivate most network interfaces.
A bug was found in the way initscripts handled various
environment variables when the /sbin/service command is run. It is
possible for a local user with permissions to execute /sbin/service
via sudo to execute arbitrary commands as the ‘root’ user. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) assigned the name
CVE-2005-3629 to this issue.
The following issues have also been fixed in this update:
- extraneous characters were logged on bootup
- fsck was attempted on file systems marked with _netdev in
rc.sysinit before they were available
- the dynamically-linked /sbin/multipath was called instead of
the correct /sbin/multipath.static
Additionally, this update includes support for partitioned
multipath devices and a technology preview of static IP over
InfiniBand.
All users of initscripts should upgrade to this updated package,
which resolves these issues.
4. Solution:
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat
Network, launch the Red Hat Update Agent with the following
command:
up2date
This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
108827 – RHEL4: Infiniband support
168321 – rc.sysinit call dynamicly linked multipath rather than
multipath.static
171912 – Bogus messages in system log (/var/log/messages)
172804 – Automount of the emcpower device fails if fsck is enabled
for the device in /etc/fstab.
174849 – CVE-2005-3629 root shell can be gained from service if ran
through sudo
6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key
and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3629
8. Contact:
The Red Hat security contact is <[email protected]>. More
contact details at https://www.redhat.com/security/team/contact/
Copyright 2006 Red Hat, Inc.
Red Hat Security Advisory
Synopsis: Low: openssh security update
Advisory ID: RHSA-2006:0044-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0044.html
Issue date: 2006-03-07
Updated on: 2006-03-07
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-0225
1. Summary:
Updated openssh packages that fix bugs in sshd and add auditing
of user logins are now available for Red Hat Enterprise Linux
4.
This update has been rated as having low security impact by the
Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 – i386, ia64, ppc, s390,
s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 – i386, x86_64
Red Hat Enterprise Linux ES version 4 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 – i386, ia64, x86_64
3. Problem description:
OpenSSH is OpenBSD’s SSH (Secure SHell) protocol implementation.
This package includes the core files necessary for both the OpenSSH
client and server.
An arbitrary command execution flaw was discovered in the way
scp copies files locally. It is possible for a local attacker to
create a file with a carefully crafted name that could execute
arbitrary commands as the user running scp to copy files locally.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) assigned the name
CVE-2006-0225 to this issue.
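The defect class behind this flaw, shown as an added example (not OpenSSH code and not part of the advisory): a file name pasted into a shell command line is parsed by the shell a second time, while an argv-based exec passes it through untouched. The helper names are hypothetical, the sample file name (with a space) is constructed, and `cp` and `/bin/sh` are assumed to be present.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Unsafe pattern: the names are pasted into a command line and handed to
 * /bin/sh, so the shell parses them again (word splitting, globbing,
 * metacharacters). Returns the command's exit status, or -1 on error. */
static int copy_via_shell(const char *src, const char *dst)
{
    char cmd[4096];
    int n = snprintf(cmd, sizeof cmd, "cp -- %s %s 2>/dev/null", src, dst);
    if (n < 0 || (size_t)n >= sizeof cmd)
        return -1;
    int st = system(cmd);
    if (st == -1 || !WIFEXITED(st))
        return -1;
    return WEXITSTATUS(st);
}

/* Hardened pattern: each name is exactly one argv element and no shell is
 * involved, so the name is never re-interpreted. */
static int copy_via_exec(const char *src, const char *dst)
{
    pid_t pid = fork();
    if (pid == -1)
        return -1;
    if (pid == 0) {
        char *const argv[] = { "cp", "--", (char *)src, (char *)dst, NULL };
        execvp("cp", argv);
        _exit(127);                      /* exec failed */
    }
    int st;
    while (waitpid(pid, &st, 0) == -1) {
        if (errno != EINTR)
            return -1;
    }
    return WIFEXITED(st) ? WEXITSTATUS(st) : -1;
}

/* Copies one constructed file, "report 2006.txt", with both helpers inside a
 * private temporary directory. The space is enough to show the second parse:
 * the shell sees two source operands instead of one file name. */
int run_demo(int *shell_rc, int *exec_rc, int *intact)
{
    char dir[] = "/tmp/scpdemoXXXXXX";
    char src[256], dst_a[256], dst_b[256], buf[64] = {0};
    const char *body = "constructed sample\n";

    if (!mkdtemp(dir))
        return -1;
    snprintf(src, sizeof src, "%s/report 2006.txt", dir);
    snprintf(dst_a, sizeof dst_a, "%s/out_shell", dir);
    snprintf(dst_b, sizeof dst_b, "%s/out_exec", dir);

    FILE *f = fopen(src, "w");
    if (!f) {
        rmdir(dir);
        return -1;
    }
    fputs(body, f);
    fclose(f);

    *shell_rc = copy_via_shell(src, dst_a);   /* name split by the shell */
    *exec_rc = copy_via_exec(src, dst_b);     /* name passed intact */

    /* Verify that the exec-based copy reproduced the file byte for byte. */
    *intact = 0;
    f = fopen(dst_b, "r");
    if (f) {
        size_t n = fread(buf, 1, sizeof buf - 1, f);
        fclose(f);
        *intact = (n == strlen(body) && memcmp(buf, body, n) == 0);
    }

    unlink(src);
    unlink(dst_a);
    unlink(dst_b);
    rmdir(dir);
    return 0;
}

int main(void)
{
    int shell_rc, exec_rc, intact;
    if (run_demo(&shell_rc, &exec_rc, &intact) != 0) {
        fputs("setup failed\n", stderr);
        return 1;
    }
    printf("shell-built command exit status: %d\n", shell_rc);
    printf("argv-based exec exit status:     %d (copy intact: %d)\n",
           exec_rc, intact);
    return 0;
}
```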
The following issue has also been fixed in this update:
- If the sshd service was stopped using the sshd init script
while the main sshd daemon was not running, the init script would
kill other sshd processes, such as the running sessions. For
example, this could happen when the ‘service sshd stop’ command was
issued twice.
Additionally, this update implements auditing of user logins
through the system audit service.
All users of openssh should upgrade to these updated packages,
which resolve these issues.
4. Solution:
Before applying this update, make sure that all
previously-released errata relevant to your system have been
applied. Use Red Hat Network to download and update your packages.
To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to
the following Web page for the System Administration or
Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
170466 – CVE-2006-0225 local to local copy uses shell expansion
twice
170468 – init script kills all running sshd’s if listening server
is stopped
170568 – add audit message to sshd
6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key
and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
8. Contact:
The Red Hat security contact is <[email protected]>. More
contact details at https://www.redhat.com/security/team/contact/
Copyright 2006 Red Hat, Inc.
Red Hat Security Advisory
Synopsis: Moderate: squid security update
Advisory ID: RHSA-2006:0052-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0052.html
Issue date: 2006-03-07
Updated on: 2006-03-07
Product: Red Hat Enterprise Linux
CVE Names: CVE-2005-2917
1. Summary:
An updated squid package that fixes a security vulnerability as
well as several issues is now available.
This update has been rated as having moderate security impact by
the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 – i386, ia64, ppc, s390,
s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 – i386, x86_64
Red Hat Enterprise Linux ES version 4 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 – i386, ia64, x86_64
3. Problem description:
Squid is a high-performance proxy caching server for Web
clients, supporting FTP, gopher, and HTTP data objects.
A denial of service flaw was found in the way squid processes
certain NTLM authentication requests. It is possible for a remote
attacker to crash the Squid server by sending a specially crafted
NTLM authentication request. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) assigned the name
CVE-2005-2917 to this issue.
The following issues have also been fixed in this update:
- An error introduced in squid-2.5.STABLE6-3.4E.12 can crash
Squid when a user visits a site that has a bit longer DNS
record.
- An error introduced in the old package prevented Squid from
returning correct information about large file systems. The new
package is compiled with the IDENT lookup support so that users who
want to use it do not have to recompile it.
- Some authentication helpers needed SETUID rights but did not
have them. If administrators wanted to use cache administrator,
they had to change the SETUID bit manually. The updated package
sets this bit so the new package can be updated without manual
intervention from administrators.
- Squid could not handle a reply from an HTTP server when the
reply began with the new-line character.
- An issue was discovered when a reply from an HTTP server was
not HTTP 1.0 or 1.1 compliant.
- The updated package keeps user-defined error pages when the
package is updated and it adds new ones.
All users of squid should upgrade to this updated package, which
resolves these issues.
4. Solution:
Before applying this update, make sure that all
previously-released errata relevant to your system have been
applied. Use Red Hat Network to download and update your packages.
To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to
the following Web page for the System Administration or
Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
160704 – squid child processes exit with signal 6.. squid
crashes
162660 – pam authentication fails
168378 – CVE-2005-2917 Squid malformed NTLM authentication DoS
170399 – Squid blocks page served by broken server
172375 – Error pages should not be replaced by updates
172392 – One translated Polish language error is missing preventing
squid from startup
172697 – Squid doesn’t handle headers split across packets
6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key
and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2917
8. Contact:
The Red Hat security contact is <[email protected]>. More
contact details at https://www.redhat.com/security/team/contact/
Copyright 2006 Red Hat, Inc.
Red Hat Security Advisory
Synopsis: Moderate: spamassassin security update
Advisory ID: RHSA-2006:0129-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0129.html
Issue date: 2006-03-07
Updated on: 2006-03-07
Product: Red Hat Enterprise Linux
CVE Names: CVE-2005-3351
1. Summary:
An updated spamassassin package that fixes a denial of service
flaw is now available.
This update has been rated as having moderate security impact by
the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 – i386, ia64, ppc, s390,
s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 – i386, x86_64
Red Hat Enterprise Linux ES version 4 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 – i386, ia64, x86_64
3. Problem description:
SpamAssassin provides a way to reduce unsolicited commercial
email (SPAM) from incoming email.
A denial of service bug was found in SpamAssassin. An attacker
could construct a message in such a way that would cause
SpamAssassin to crash. If a number of these messages are sent, it
could lead to a denial of service, potentially preventing the
delivery or filtering of email. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) assigned the name
CVE-2005-3351 to this issue.
The following issues have also been fixed in this update:
- service spamassassin restart sometimes fails
- Content Boundary "--" throws off message parser
- sa-learn: massive memory usage on large messages
- High memory usage with many newlines
- service spamassassin messages not translated
- Numerous other bug fixes that improve spam filter accuracy and
safety
Users of SpamAssassin should upgrade to this updated package
containing version 3.0.5, which is not vulnerable to these
issues.
4. Solution:
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat
Network, launch the Red Hat Update Agent with the following
command:
up2date
This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
171325 – CVE-2005-3351 Upgrade to spamassassin-3.0.5
6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key
and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3351
8. Contact:
The Red Hat security contact is <[email protected]>. More
contact details at https://www.redhat.com/security/team/contact/
Copyright 2006 Red Hat, Inc.
Red Hat Security Advisory
Synopsis: Moderate: RHAPS security and enhancement update
Advisory ID: RHSA-2006:0161-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0161.html
Issue date: 2006-03-07
Updated on: 2006-03-07
Product: Red Hat Application Server
CVE Names: CVE-2005-3510 CVE-2005-3745
1. Summary:
Red Hat Application Server Release 2 Update 1 is now
available.
This update contains an upgrade of several RHAPS components to
newer releases, including JOnAS 4.6.3, Tomcat 5.5.12 and Struts
1.2.8.
This update has been rated as having moderate security impact by
the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Application Server v2 4AS – noarch
Red Hat Application Server v2 4ES – noarch
Red Hat Application Server v2 4WS – noarch
3. Problem description:
Red Hat Application Server packages provide a J2EE Application
Server and Web container as well as the underlying Java stack.
A denial of service flaw was found in the way Apache Tomcat
displays directory listings. A remote attacker could cause Tomcat
to consume large amounts of CPU resources by sending multiple
requests for a directory containing a large number of files. The
Common Vulnerabilities and Exposures project has assigned the name
CVE-2005-3510 to this issue. This update contains a version of
Apache Tomcat that will recover after the aforementioned attack.
Users are also advised to disable directory listing for web
directories that contain very large numbers of files.
A cross-site scripting flaw was found in the way Struts displays
error pages. It may be possible for an attacker to construct a
specially crafted URL which could fool a victim into believing they
are viewing a trusted site. The Common Vulnerabilities and
Exposures project has assigned the name CVE-2005-3745 to this
issue. Please note that this issue does not affect Struts running
on Tomcat or JOnAS, which is our supported usage of Struts.
Additionally, this update replaces some other outdated packages
with new versions. Several bug fixes and enhancements are included
in these new versions.
IMPORTANT: Before applying this update, read the detailed
installation/upgrade instructions in the RELEASE_NOTES
document.
All users of Red Hat Application Server should upgrade to these
updated packages, which are not vulnerable to these issues.
4. Solution:
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.
Please note that this update is also available via Red Hat
Network. Many people find this an easier way to apply updates. To
use Red Hat Network, launch the Red Hat Update Agent with the
following command:
up2date
This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.
IMPORTANT: For this errata, use the ‘up2date’ command (with no
arguments). DO NOT partially upgrade the packages for this errata,
as this can result in an inconsistent set of packages being
installed.
The update will cause applications to be undeployed from the
server. Redeploy all desired applications after the upgrade.
Rerun GenIC for faster deployment: the server will then not have
to replace stubs from the previous version on the fly.
The ‘jeremie’ protocol option for the JOnAS J2EE Application
Server is now deprecated and unsupported. If your JOnAS server is
using the ‘jeremie’ protocol option, make sure you change the
configuration to use the ‘jrmp’ protocol instead before restarting
the server. A server configured to use the ‘jeremie’ protocol may
not function properly after the upgrade.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
172557 – CVE-2005-3510 Possible Tomcat DoS
173929 – CVE-2005-3745 struts cross site scripting flaw
6. RPMs required:
Red Hat Application Server v2 4AS:
SRPMS: