Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > June 2005 > Four Red Hat Security Advisories: 1. RHSA-2005:498-01 - spamassassin security update 2. RHSA-2005:517-01 - HelixPlayer security update 3. RHSA-2005:523-01 - RealPlayer security update 4. RHSA-2005:524-01 - freeradius security update

June 2005

Four Red Hat Security Advisories: 1. RHSA-2005:498-01 - spamassassin security update 2. RHSA-2005:517-01 - HelixPlayer security update 3. RHSA-2005:523-01 - RealPlayer security update 4. RHSA-2005:524-01 - freeradius security update

ID: 00515
Ref: 475/2005
Date: 24 June 2005:14:28:58
Version: 1
Title: Four Red Hat Security Advisories: 1. RHSA-2005:498-01 - spamassassin security update 2. RHSA-2005:517-01 - HelixPlayer security update 3. RHSA-2005:523-01 - RealPlayer security update 4. RHSA-2005:524-01 - freeradius security update
Abstract:
Vendors affected: Red Hat
Operating systems affected: Red Hat
Applications affected: Red Hat
Title
=====

Four Red Hat Security Advisories:
1. RHSA-2005:498-01 - spamassassin security update
2. RHSA-2005:517-01 - HelixPlayer security update
3. RHSA-2005:523-01 - RealPlayer security update
4. RHSA-2005:524-01 - freeradius security update


Detail
======

1. SpamAssassin provides a way to reduce unsolicited commercial email (SPAM)
from incoming email. A denial of service bug has been found in SpamAssassin.

2. HelixPlayer is a media player. A buffer overflow bug was found in the way
HelixPlayer processes SMIL files.

3. RealPlayer is a media player that provides solid media playback locally and
via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video, Flash, SMIL
2.0, JPEG, GIF, PNG, RealPix, RealText, and more. A buffer overflow bug was
found in the way RealPlayer processes SMIL files.

4. FreeRADIUS is a high-performance and highly configurable free RADIUS server
designed to allow centralized authentication and authorization for a network.
A buffer overflow bug was found in the way FreeRADIUS escapes data in an
SQL query.



1.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Moderate: spamassassin security update
Advisory ID: RHSA-2005:498-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-498.html
Issue date: 2005-06-23
Updated on: 2005-06-23
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1266
- - ---------------------------------------------------------------------

1. Summary:

An updated spamassassin package that fixes a denial of service bug when
parsing malformed messages is now available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

SpamAssassin provides a way to reduce unsolicited commercial email (SPAM)
from incoming email.

A denial of service bug has been found in SpamAssassin. An attacker could
construct a message in such a way that would cause SpamAssassin to consume
CPU resources. If a number of these messages were sent it could lead to a
denial of service, potentially preventing the delivery or filtering of
email. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1266 to this issue.

SpamAssassin version 3.0.4 additionally solves a number of bugs including:
- - - #156390 Spamassassin consumes too much memory during learning
- - - #155423 URI blacklist spam bypass
- - - #147464 Users may now disable subject rewriting
- - - Smarter default Bayes scores
- - - Numerous other bug fixes that improve spam filter accuracy and safety

For full details, please refer to the change details of 3.0.2, 3.0.3, and
3.0.4 in SpamAssassin's online documentation at the following address:
http://wiki.apache.org/spamassassin/NextRelease

Users of SpamAssassin should update to this updated package, containing
version 3.0.4 which is not vulnerable to this issue and resolves these bugs.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

147464 - spamassassin no longer allows disabling subject rewriting
151433 - spamd generate child processes which occupies all memory
159198 - CAN-2005-1266 spamassassin DoS


6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/spamassassin-3.0.4-1.el4.src.rpm
0cfa5b1fd18aa2f410fed837928b455c spamassassin-3.0.4-1.el4.src.rpm

i386:
c5e89bce23bff4757cb542cf56826e54 spamassassin-3.0.4-1.el4.i386.rpm

ia64:
84e256c709e69590520976c43d19c900 spamassassin-3.0.4-1.el4.ia64.rpm

ppc:
3bdc20c485ee078b6a0607cdf99bff5d spamassassin-3.0.4-1.el4.ppc.rpm

s390:
f85e251044675dd7fb3b5d9d1c0eb674 spamassassin-3.0.4-1.el4.s390.rpm

s390x:
09f74fbccdae19059115a670d90f5f98 spamassassin-3.0.4-1.el4.s390x.rpm

x86_64:
2c44a9c80b1629af93b4543413c0c652 spamassassin-3.0.4-1.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/spamassassin-3.0.4-1.el4.src.rpm
0cfa5b1fd18aa2f410fed837928b455c spamassassin-3.0.4-1.el4.src.rpm

i386:
c5e89bce23bff4757cb542cf56826e54 spamassassin-3.0.4-1.el4.i386.rpm

x86_64:
2c44a9c80b1629af93b4543413c0c652 spamassassin-3.0.4-1.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/spamassassin-3.0.4-1.el4.src.rpm
0cfa5b1fd18aa2f410fed837928b455c spamassassin-3.0.4-1.el4.src.rpm

i386:
c5e89bce23bff4757cb542cf56826e54 spamassassin-3.0.4-1.el4.i386.rpm

ia64:
84e256c709e69590520976c43d19c900 spamassassin-3.0.4-1.el4.ia64.rpm

x86_64:
2c44a9c80b1629af93b4543413c0c652 spamassassin-3.0.4-1.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/spamassassin-3.0.4-1.el4.src.rpm
0cfa5b1fd18aa2f410fed837928b455c spamassassin-3.0.4-1.el4.src.rpm

i386:
c5e89bce23bff4757cb542cf56826e54 spamassassin-3.0.4-1.el4.i386.rpm

ia64:
84e256c709e69590520976c43d19c900 spamassassin-3.0.4-1.el4.ia64.rpm

x86_64:
2c44a9c80b1629af93b4543413c0c652 spamassassin-3.0.4-1.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1266

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCuw7PXlSAg2UNWIIRAs9pAJ9SoZqMqhePjwiJ/LxmPHcFo+k32wCfRyg2
4aoZNEFsVWV92tQ7E2ttTfY=
=oW32
- -----END PGP SIGNATURE-----


2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Critical: HelixPlayer security update
Advisory ID: RHSA-2005:517-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-517.html
Issue date: 2005-06-23
Updated on: 2005-06-23
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1766
- - ---------------------------------------------------------------------

1. Summary:

An updated HelixPlayer package that fixes a buffer overflow issue is now
available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, x86_64
Red Hat Enterprise Linux WS version 4 - i386, x86_64

3. Problem description:

HelixPlayer is a media player.

A buffer overflow bug was found in the way HelixPlayer processes SMIL files.
An attacker could create a specially crafted SMIL file, which when combined
with a malicious web server, could execute arbitrary code when opened by a
user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1766 to this issue.

All users of HelixPlayer are advised to upgrade to this updated package,
which contains HelixPlayer version 10.0.5 and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

159871 - CAN-2005-1766 HelixPlayer heap overflow


6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/HelixPlayer-1.0.5-0.EL4.1.src.rpm
08f868c1d1b7d9674c8c757438f3bdf3 HelixPlayer-1.0.5-0.EL4.1.src.rpm

i386:
679711b03ecb529acd7eae0ed2537fb4 HelixPlayer-1.0.5-0.EL4.1.i386.rpm

ppc:
7b235efc96792aff7a96a9019763239e HelixPlayer-1.0.5-0.EL4.1.ppc.rpm

x86_64:
679711b03ecb529acd7eae0ed2537fb4 HelixPlayer-1.0.5-0.EL4.1.i386.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/HelixPlayer-1.0.5-0.EL4.1.src.rpm
08f868c1d1b7d9674c8c757438f3bdf3 HelixPlayer-1.0.5-0.EL4.1.src.rpm

i386:
679711b03ecb529acd7eae0ed2537fb4 HelixPlayer-1.0.5-0.EL4.1.i386.rpm

x86_64:
679711b03ecb529acd7eae0ed2537fb4 HelixPlayer-1.0.5-0.EL4.1.i386.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/HelixPlayer-1.0.5-0.EL4.1.src.rpm
08f868c1d1b7d9674c8c757438f3bdf3 HelixPlayer-1.0.5-0.EL4.1.src.rpm

i386:
679711b03ecb529acd7eae0ed2537fb4 HelixPlayer-1.0.5-0.EL4.1.i386.rpm

x86_64:
679711b03ecb529acd7eae0ed2537fb4 HelixPlayer-1.0.5-0.EL4.1.i386.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/HelixPlayer-1.0.5-0.EL4.1.src.rpm
08f868c1d1b7d9674c8c757438f3bdf3 HelixPlayer-1.0.5-0.EL4.1.src.rpm

i386:
679711b03ecb529acd7eae0ed2537fb4 HelixPlayer-1.0.5-0.EL4.1.i386.rpm

x86_64:
679711b03ecb529acd7eae0ed2537fb4 HelixPlayer-1.0.5-0.EL4.1.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1766

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCuw8VXlSAg2UNWIIRAgLYAKCOny/6nMgy2dHRpyBf09qJyQCF+gCfWM+W
2zeaekd2RJwPp4Sb+F11jjw=
=d3/R
- -----END PGP SIGNATURE-----


3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Critical: RealPlayer security update
Advisory ID: RHSA-2005:523-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-523.html
Issue date: 2005-06-23
Updated on: 2005-06-23
Product: Red Hat Enterprise Linux Extras
CVE Names: CAN-2005-1766
- - ---------------------------------------------------------------------

1. Summary:

An updated RealPlayer package that fixes a buffer overflow issue is now
available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 Extras - i386, x86_64
Red Hat Desktop version 3 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 3 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 3 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64

3. Problem description:

RealPlayer is a media player that provides solid media playback locally and
via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video, Flash, SMIL
2.0, JPEG, GIF, PNG, RealPix, RealText, and more.

A buffer overflow bug was found in the way RealPlayer processes SMIL files.
An attacker could create a specially crafted SMIL file, which when combined
with a malicious Web server, could execute arbitrary code when opened by a
user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1766 to this issue.

All users of RealPlayer are advised to upgrade to this updated package,
which contains RealPlayer version 10.0.5 and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

159864 - CAN-2005-1766 RealPlayer heap overflow
159868 - CAN-2005-1766 RealPlayer heap overflow


6. RPMs required:

Red Hat Enterprise Linux AS version 3 Extras:

i386:
7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm

x86_64:
7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm

Red Hat Desktop version 3 Extras:

i386:
7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm

x86_64:
7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm

Red Hat Enterprise Linux ES version 3 Extras:

i386:
7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm

x86_64:
7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm

Red Hat Enterprise Linux WS version 3 Extras:

i386:
7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm

x86_64:
7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm

Red Hat Enterprise Linux AS version 4 Extras:

i386:
a894c6c6ab69e12f2d2696c1367a9b2c RealPlayer-10.0.5-1.i386.rpm

x86_64:
a894c6c6ab69e12f2d2696c1367a9b2c RealPlayer-10.0.5-1.i386.rpm

Red Hat Desktop version 4 Extras:

i386:
a894c6c6ab69e12f2d2696c1367a9b2c RealPlayer-10.0.5-1.i386.rpm

x86_64:
a894c6c6ab69e12f2d2696c1367a9b2c RealPlayer-10.0.5-1.i386.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
a894c6c6ab69e12f2d2696c1367a9b2c RealPlayer-10.0.5-1.i386.rpm

x86_64:
a894c6c6ab69e12f2d2696c1367a9b2c RealPlayer-10.0.5-1.i386.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
a894c6c6ab69e12f2d2696c1367a9b2c RealPlayer-10.0.5-1.i386.rpm

x86_64:
a894c6c6ab69e12f2d2696c1367a9b2c RealPlayer-10.0.5-1.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1766

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCuw8vXlSAg2UNWIIRAqXhAKC2XVyqAErU3zZxq0ePL7n6JN2J2wCeJFnl
gOqcfKgGUYfRTfTsEMZ9Gzo=
=fq4v
- -----END PGP SIGNATURE-----



4.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Moderate: freeradius security update
Advisory ID: RHSA-2005:524-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-524.html
Issue date: 2005-06-23
Updated on: 2005-06-23
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1454 CAN-2005-1455
- - ---------------------------------------------------------------------

1. Summary:

Updated freeradius packages that fix a buffer overflow and possible SQL
injection attacks in the sql module are now available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

3. Problem description:

FreeRADIUS is a high-performance and highly configurable free RADIUS server
designed to allow centralized authentication and authorization for a network.

A buffer overflow bug was found in the way FreeRADIUS escapes data in an
SQL query. An attacker may be able to crash FreeRADIUS if they cause
FreeRADIUS to escape a string containing three or less characters. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-1454 to this issue.

Additionally a bug was found in the way FreeRADIUS escapes SQL data. It is
possible that an authenticated user could execute arbitrary SQL queries by
sending a specially crafted request to FreeRADIUS. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-1455 to this issue.

Users of FreeRADIUS should update to these erratum packages, which contain
backported patches and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

156941 - CAN-2005-1454 Multiple issues in freeradius (CAN-2005-1455)


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/freeradius-1.0.1-1.1.RHEL3.src.rpm
1fd359fe09899c240dd58c6b1cba38b7 freeradius-1.0.1-1.1.RHEL3.src.rpm

i386:
8fd519d93b3871849933b28f7e1bc2d9 freeradius-1.0.1-1.1.RHEL3.i386.rpm

ia64:
5442a3527c92a8d07d08acd77dace190 freeradius-1.0.1-1.1.RHEL3.ia64.rpm

ppc:
fd51f53af3f1e45fe6c0dad9a68fbad0 freeradius-1.0.1-1.1.RHEL3.ppc.rpm

s390:
536f28bdca07bf52391d5cae2e8f073c freeradius-1.0.1-1.1.RHEL3.s390.rpm

s390x:
209ec09aa78f6e0e4ab8f26f4b356182 freeradius-1.0.1-1.1.RHEL3.s390x.rpm

x86_64:
4b1d9482db8d45cb79e6c522e72cb25a freeradius-1.0.1-1.1.RHEL3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/freeradius-1.0.1-1.1.RHEL3.src.rpm
1fd359fe09899c240dd58c6b1cba38b7 freeradius-1.0.1-1.1.RHEL3.src.rpm

i386:
8fd519d93b3871849933b28f7e1bc2d9 freeradius-1.0.1-1.1.RHEL3.i386.rpm

ia64:
5442a3527c92a8d07d08acd77dace190 freeradius-1.0.1-1.1.RHEL3.ia64.rpm

x86_64:
4b1d9482db8d45cb79e6c522e72cb25a freeradius-1.0.1-1.1.RHEL3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/freeradius-1.0.1-3.RHEL4.src.rpm
454ecaca99cdbbbd70d31b72aae7e682 freeradius-1.0.1-3.RHEL4.src.rpm

i386:
ff75a31027509f376c3706efaeb10305 freeradius-1.0.1-3.RHEL4.i386.rpm
ff28f13e57713e277a74b789969bc583 freeradius-mysql-1.0.1-3.RHEL4.i386.rpm
3dc1a74e7dd8ce755e60887ac4fd73cc freeradius-postgresql-1.0.1-3.RHEL4.i386.rpm
eab011f77b2bce24d42e5608abcea1ed freeradius-unixODBC-1.0.1-3.RHEL4.i386.rpm

ia64:
0eac053fe887cd2f8c805badd511b91e freeradius-1.0.1-3.RHEL4.ia64.rpm
de0ccf2e0a508eba3062bfdd5b222835 freeradius-mysql-1.0.1-3.RHEL4.ia64.rpm
0de26700a43c17adeec0498db847a5bc freeradius-postgresql-1.0.1-3.RHEL4.ia64.rpm
bcc8c5f0ea86f06cbb8f182e0b2e427f freeradius-unixODBC-1.0.1-3.RHEL4.ia64.rpm

ppc:
0bdd63fef27bd242ed17f48598e25194 freeradius-1.0.1-3.RHEL4.ppc.rpm
68eadec552a9d1f1ec5bd15b90f91b3a freeradius-mysql-1.0.1-3.RHEL4.ppc.rpm
8be58c952be576172e7f5c50908a3fde freeradius-postgresql-1.0.1-3.RHEL4.ppc.rpm
76013d354aa7ad542685dc72d62edde5 freeradius-unixODBC-1.0.1-3.RHEL4.ppc.rpm

s390:
d42b57021c61dbfea75314cf7a947f8b freeradius-1.0.1-3.RHEL4.s390.rpm
0a86a8b88be9aff82f04ea734b1e43eb freeradius-mysql-1.0.1-3.RHEL4.s390.rpm
cdf1a574f93ade40e99e086f28c81b14 freeradius-postgresql-1.0.1-3.RHEL4.s390.rpm
8441481b5543541d5aae8a3d7bd896cc freeradius-unixODBC-1.0.1-3.RHEL4.s390.rpm

s390x:
67feac31092680e592c0c0ed7e31ee0c freeradius-1.0.1-3.RHEL4.s390x.rpm
a369980828701e0694200269c6fd8777 freeradius-mysql-1.0.1-3.RHEL4.s390x.rpm
5d43a5e4ea7b32c74c9b5488172781f7 freeradius-postgresql-1.0.1-3.RHEL4.s390x.rpm
19d3425135a11bfe28fcf09438d298f6 freeradius-unixODBC-1.0.1-3.RHEL4.s390x.rpm

x86_64:
216dcc841b3ef864f866d0536d2e4769 freeradius-1.0.1-3.RHEL4.x86_64.rpm
3a709b00d74cd9e89f1bf1d82f0874a4 freeradius-mysql-1.0.1-3.RHEL4.x86_64.rpm
a41378ac35d1b3ab52b9f0217812aef2 freeradius-postgresql-1.0.1-3.RHEL4.x86_64.rpm
422c04328234167649bb811f882cb774 freeradius-unixODBC-1.0.1-3.RHEL4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/freeradius-1.0.1-3.RHEL4.src.rpm
454ecaca99cdbbbd70d31b72aae7e682 freeradius-1.0.1-3.RHEL4.src.rpm

i386:
ff75a31027509f376c3706efaeb10305 freeradius-1.0.1-3.RHEL4.i386.rpm
ff28f13e57713e277a74b789969bc583 freeradius-mysql-1.0.1-3.RHEL4.i386.rpm
3dc1a74e7dd8ce755e60887ac4fd73cc freeradius-postgresql-1.0.1-3.RHEL4.i386.rpm
eab011f77b2bce24d42e5608abcea1ed freeradius-unixODBC-1.0.1-3.RHEL4.i386.rpm

ia64:
0eac053fe887cd2f8c805badd511b91e freeradius-1.0.1-3.RHEL4.ia64.rpm
de0ccf2e0a508eba3062bfdd5b222835 freeradius-mysql-1.0.1-3.RHEL4.ia64.rpm
0de26700a43c17adeec0498db847a5bc freeradius-postgresql-1.0.1-3.RHEL4.ia64.rpm
bcc8c5f0ea86f06cbb8f182e0b2e427f freeradius-unixODBC-1.0.1-3.RHEL4.ia64.rpm

x86_64:
216dcc841b3ef864f866d0536d2e4769 freeradius-1.0.1-3.RHEL4.x86_64.rpm
3a709b00d74cd9e89f1bf1d82f0874a4 freeradius-mysql-1.0.1-3.RHEL4.x86_64.rpm
a41378ac35d1b3ab52b9f0217812aef2 freeradius-postgresql-1.0.1-3.RHEL4.x86_64.rpm
422c04328234167649bb811f882cb774 freeradius-unixODBC-1.0.1-3.RHEL4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1455

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCuw9EXlSAg2UNWIIRArAuAJ0bMr7qTjecKGU6RRtqDzBqLa7l+QCgxTyb
G3LY9a35RPjFeBUG3RdZs4g=
=cKr1
- -----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |