Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > July 2005 > Red Hat - Three Security Advisories

July 2005

Red Hat - Three Security Advisories

ID: 00617
Ref: 574/05
Date: 25 July 2005:12:07:47
Version: 1
Title: Red Hat - Three Security Advisories
Abstract: 1. Moderate: httpd security update [RHSA-2005:582-01], 2. Important: mozilla security update [RHSA-2005:587-01], 3. Important: fetchmail security update [RHSA-2005:640-01]
Vendors affected: Red Hat
Operating systems affected: Red Hat
Applications affected: Red Hat

Title
=====

Red Hat - Three Security Advisories:
1. Moderate: httpd security update [RHSA-2005:582-01]
2. Important: mozilla security update [RHSA-2005:587-01]
3. Important: fetchmail security update [RHSA-2005:640-01]


Detail
======

Security advisory summaries:

1. Updated Apache httpd packages to correct two security issues are now
available for Red Hat Enterprise Linux 3 and 4.

2. Updated mozilla packages that fix various security issues are now available.

3. A buffer overflow was discovered in fetchmail's POP3 client. A malicious
server could cause send a carefully crafted message UID and cause fetchmail
to crash or potentially execute arbitrary code as the user running
fetchmail.


Security advisory content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Moderate: httpd security update
Advisory ID: RHSA-2005:582-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-582.html
Issue date: 2005-07-25
Updated on: 2005-07-25
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1268 CAN-2005-2088
- - ---------------------------------------------------------------------

1. Summary:

Updated Apache httpd packages to correct two security issues are now
available for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The Apache HTTP Server is a powerful, full-featured, efficient, and
freely-available Web server.

Watchfire reported a flaw that occured when using the Apache server as an
HTTP proxy. A remote attacker could send an HTTP request with both a
"Transfer-Encoding: chunked" header and a "Content-Length" header. This
caused Apache to incorrectly handle and forward the body of the request in
a way that the receiving server processes it as a separate HTTP request.
This could allow the bypass of Web application firewall protection or lead
to cross-site scripting (XSS) attacks. The Common Vulnerabilities and
Exposures project (cve.mitre.org) assigned the name CAN-2005-2088 to this
issue.

Marc Stern reported an off-by-one overflow in the mod_ssl CRL verification
callback. In order to exploit this issue the Apache server would need to
be configured to use a malicious certificate revocation list (CRL). The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the
name CAN-2005-1268 to this issue.

Users of Apache httpd should update to these errata packages that contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

161893 - Bug 145666 is missing a ',' after REDIRECT_REMOTE_USER
162244 - CAN-2005-2088 httpd proxy request smuggling
163013 - CAN-2005-1268 mod_ssl off-by-one


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd-2.0.46-46.2.ent.src.rpm
2485d59f9189bb5a5e9463867cb00937 httpd-2.0.46-46.2.ent.src.rpm

i386:
5915db1d48c7e002164887a49156f038 httpd-2.0.46-46.2.ent.i386.rpm
dcd3540ca04584c48b126d19b4d02f00 httpd-devel-2.0.46-46.2.ent.i386.rpm
16497b8e37ecefc801109a3aafe9e2cd mod_ssl-2.0.46-46.2.ent.i386.rpm

ia64:
fe914bbf691939bfb2f87a002ec2e7a8 httpd-2.0.46-46.2.ent.ia64.rpm
e3f48f063d1eec644797347299ebd317 httpd-devel-2.0.46-46.2.ent.ia64.rpm
b8fc362a02f2d1a74ebd1e8573288831 mod_ssl-2.0.46-46.2.ent.ia64.rpm

ppc:
d74b60a2081276c375074735c200bf71 httpd-2.0.46-46.2.ent.ppc.rpm
debba18353c314f1156b379fff3e0ba3 httpd-devel-2.0.46-46.2.ent.ppc.rpm
d4055c6b92c696c90259753c195dd2f5 mod_ssl-2.0.46-46.2.ent.ppc.rpm

s390:
9c0c7fd62f33cb30e479d920b296ae52 httpd-2.0.46-46.2.ent.s390.rpm
772353077869e3daa4cd9a223626b87e httpd-devel-2.0.46-46.2.ent.s390.rpm
4ad4d92181a4d3dec2a7a7f2a6c802fd mod_ssl-2.0.46-46.2.ent.s390.rpm

s390x:
7acb2591480191fc2388050a1fcbbd6f httpd-2.0.46-46.2.ent.s390x.rpm
759af088061f6de619f45d2a4186f391 httpd-devel-2.0.46-46.2.ent.s390x.rpm
0df3c03a9ddec5969f5e44a344f25797 mod_ssl-2.0.46-46.2.ent.s390x.rpm

x86_64:
ceff2faef7e7761e0c3af1afddd90089 httpd-2.0.46-46.2.ent.x86_64.rpm
36d38f054073c6ba6fe191661e5a3262 httpd-devel-2.0.46-46.2.ent.x86_64.rpm
3364d1be17046cf4b34e2d07eb480c0c mod_ssl-2.0.46-46.2.ent.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/httpd-2.0.46-46.2.ent.src.rpm
2485d59f9189bb5a5e9463867cb00937 httpd-2.0.46-46.2.ent.src.rpm

i386:
5915db1d48c7e002164887a49156f038 httpd-2.0.46-46.2.ent.i386.rpm
dcd3540ca04584c48b126d19b4d02f00 httpd-devel-2.0.46-46.2.ent.i386.rpm
16497b8e37ecefc801109a3aafe9e2cd mod_ssl-2.0.46-46.2.ent.i386.rpm

x86_64:
ceff2faef7e7761e0c3af1afddd90089 httpd-2.0.46-46.2.ent.x86_64.rpm
36d38f054073c6ba6fe191661e5a3262 httpd-devel-2.0.46-46.2.ent.x86_64.rpm
3364d1be17046cf4b34e2d07eb480c0c mod_ssl-2.0.46-46.2.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd-2.0.46-46.2.ent.src.rpm
2485d59f9189bb5a5e9463867cb00937 httpd-2.0.46-46.2.ent.src.rpm

i386:
5915db1d48c7e002164887a49156f038 httpd-2.0.46-46.2.ent.i386.rpm
dcd3540ca04584c48b126d19b4d02f00 httpd-devel-2.0.46-46.2.ent.i386.rpm
16497b8e37ecefc801109a3aafe9e2cd mod_ssl-2.0.46-46.2.ent.i386.rpm

ia64:
fe914bbf691939bfb2f87a002ec2e7a8 httpd-2.0.46-46.2.ent.ia64.rpm
e3f48f063d1eec644797347299ebd317 httpd-devel-2.0.46-46.2.ent.ia64.rpm
b8fc362a02f2d1a74ebd1e8573288831 mod_ssl-2.0.46-46.2.ent.ia64.rpm

x86_64:
ceff2faef7e7761e0c3af1afddd90089 httpd-2.0.46-46.2.ent.x86_64.rpm
36d38f054073c6ba6fe191661e5a3262 httpd-devel-2.0.46-46.2.ent.x86_64.rpm
3364d1be17046cf4b34e2d07eb480c0c mod_ssl-2.0.46-46.2.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd-2.0.46-46.2.ent.src.rpm
2485d59f9189bb5a5e9463867cb00937 httpd-2.0.46-46.2.ent.src.rpm

i386:
5915db1d48c7e002164887a49156f038 httpd-2.0.46-46.2.ent.i386.rpm
dcd3540ca04584c48b126d19b4d02f00 httpd-devel-2.0.46-46.2.ent.i386.rpm
16497b8e37ecefc801109a3aafe9e2cd mod_ssl-2.0.46-46.2.ent.i386.rpm

ia64:
fe914bbf691939bfb2f87a002ec2e7a8 httpd-2.0.46-46.2.ent.ia64.rpm
e3f48f063d1eec644797347299ebd317 httpd-devel-2.0.46-46.2.ent.ia64.rpm
b8fc362a02f2d1a74ebd1e8573288831 mod_ssl-2.0.46-46.2.ent.ia64.rpm

x86_64:
ceff2faef7e7761e0c3af1afddd90089 httpd-2.0.46-46.2.ent.x86_64.rpm
36d38f054073c6ba6fe191661e5a3262 httpd-devel-2.0.46-46.2.ent.x86_64.rpm
3364d1be17046cf4b34e2d07eb480c0c mod_ssl-2.0.46-46.2.ent.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd-2.0.52-12.1.ent.src.rpm
4bf86a415d443e3f9e82a8655f70491d httpd-2.0.52-12.1.ent.src.rpm

i386:
f0ff91d7729f04fcb6b772f87b01c179 httpd-2.0.52-12.1.ent.i386.rpm
5bfd6d2f6c3b1da7dd0e49ff845ec22c httpd-devel-2.0.52-12.1.ent.i386.rpm
5cd0e2f836bca3d18cd85d580b1df21d httpd-manual-2.0.52-12.1.ent.i386.rpm
5eeef4820af8a522e0cd8c38dd50705c httpd-suexec-2.0.52-12.1.ent.i386.rpm
8c88eec014875998f0d61ed71005d764 mod_ssl-2.0.52-12.1.ent.i386.rpm

ia64:
d461e0a6b0b00511f55f2407e466ce46 httpd-2.0.52-12.1.ent.ia64.rpm
97d80a559ec7287d2d5f5f2d2c6ad358 httpd-devel-2.0.52-12.1.ent.ia64.rpm
718fd0a64412ade9e587ecb2efec2f8d httpd-manual-2.0.52-12.1.ent.ia64.rpm
ca9b95e1307733fb7405ee2637d258b3 httpd-suexec-2.0.52-12.1.ent.ia64.rpm
10d218820e3916ea405c487f00b2adef mod_ssl-2.0.52-12.1.ent.ia64.rpm

ppc:
1a5a5c16643d4dde9cbb7b91da6ee148 httpd-2.0.52-12.1.ent.ppc.rpm
d7394c176ccf80e7e5b5349d7ea56849 httpd-devel-2.0.52-12.1.ent.ppc.rpm
021f850d3602a95333c4bd09a5157f3a httpd-manual-2.0.52-12.1.ent.ppc.rpm
86bc7a492b98346c43e9896c2ba69e42 httpd-suexec-2.0.52-12.1.ent.ppc.rpm
9d8b653242aa26be29c935821d69a3d7 mod_ssl-2.0.52-12.1.ent.ppc.rpm

s390:
49b18d9f25642358fc51b9ee899ce821 httpd-2.0.52-12.1.ent.s390.rpm
134b801a276e12c3c18cf8c3224de76b httpd-devel-2.0.52-12.1.ent.s390.rpm
b83871e54a55b528bfd721d09a3750c7 httpd-manual-2.0.52-12.1.ent.s390.rpm
787d97aa79b2e56baa3f0e32a4381ede httpd-suexec-2.0.52-12.1.ent.s390.rpm
387c3be4fbe49a71c1b25692d195bb25 mod_ssl-2.0.52-12.1.ent.s390.rpm

s390x:
b332322b6ab797bba039212403240cb9 httpd-2.0.52-12.1.ent.s390x.rpm
67b79e022ea14b19e5c6a50862db2b36 httpd-devel-2.0.52-12.1.ent.s390x.rpm
b09d1feaa0370a17d629ab0e2499ff33 httpd-manual-2.0.52-12.1.ent.s390x.rpm
dad3f84731db6346251bcae31528b8fa httpd-suexec-2.0.52-12.1.ent.s390x.rpm
a0c61974562e85e3b89957d478be6c42 mod_ssl-2.0.52-12.1.ent.s390x.rpm

x86_64:
8a92e250417a3dee66927f566c04becd httpd-2.0.52-12.1.ent.x86_64.rpm
84ad072a58b1410ece325c35b3b4b07f httpd-devel-2.0.52-12.1.ent.x86_64.rpm
d3ca7c4932a1004b5f009b4ddc9d8895 httpd-manual-2.0.52-12.1.ent.x86_64.rpm
bd5ac6d9149784138adbaf6172602998 httpd-suexec-2.0.52-12.1.ent.x86_64.rpm
7912fac9169ce5071198c3503566cbaf mod_ssl-2.0.52-12.1.ent.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/httpd-2.0.52-12.1.ent.src.rpm
4bf86a415d443e3f9e82a8655f70491d httpd-2.0.52-12.1.ent.src.rpm

i386:
f0ff91d7729f04fcb6b772f87b01c179 httpd-2.0.52-12.1.ent.i386.rpm
5bfd6d2f6c3b1da7dd0e49ff845ec22c httpd-devel-2.0.52-12.1.ent.i386.rpm
5cd0e2f836bca3d18cd85d580b1df21d httpd-manual-2.0.52-12.1.ent.i386.rpm
5eeef4820af8a522e0cd8c38dd50705c httpd-suexec-2.0.52-12.1.ent.i386.rpm
8c88eec014875998f0d61ed71005d764 mod_ssl-2.0.52-12.1.ent.i386.rpm

x86_64:
8a92e250417a3dee66927f566c04becd httpd-2.0.52-12.1.ent.x86_64.rpm
84ad072a58b1410ece325c35b3b4b07f httpd-devel-2.0.52-12.1.ent.x86_64.rpm
d3ca7c4932a1004b5f009b4ddc9d8895 httpd-manual-2.0.52-12.1.ent.x86_64.rpm
bd5ac6d9149784138adbaf6172602998 httpd-suexec-2.0.52-12.1.ent.x86_64.rpm
7912fac9169ce5071198c3503566cbaf mod_ssl-2.0.52-12.1.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/httpd-2.0.52-12.1.ent.src.rpm
4bf86a415d443e3f9e82a8655f70491d httpd-2.0.52-12.1.ent.src.rpm

i386:
f0ff91d7729f04fcb6b772f87b01c179 httpd-2.0.52-12.1.ent.i386.rpm
5bfd6d2f6c3b1da7dd0e49ff845ec22c httpd-devel-2.0.52-12.1.ent.i386.rpm
5cd0e2f836bca3d18cd85d580b1df21d httpd-manual-2.0.52-12.1.ent.i386.rpm
5eeef4820af8a522e0cd8c38dd50705c httpd-suexec-2.0.52-12.1.ent.i386.rpm
8c88eec014875998f0d61ed71005d764 mod_ssl-2.0.52-12.1.ent.i386.rpm

ia64:
d461e0a6b0b00511f55f2407e466ce46 httpd-2.0.52-12.1.ent.ia64.rpm
97d80a559ec7287d2d5f5f2d2c6ad358 httpd-devel-2.0.52-12.1.ent.ia64.rpm
718fd0a64412ade9e587ecb2efec2f8d httpd-manual-2.0.52-12.1.ent.ia64.rpm
ca9b95e1307733fb7405ee2637d258b3 httpd-suexec-2.0.52-12.1.ent.ia64.rpm
10d218820e3916ea405c487f00b2adef mod_ssl-2.0.52-12.1.ent.ia64.rpm

x86_64:
8a92e250417a3dee66927f566c04becd httpd-2.0.52-12.1.ent.x86_64.rpm
84ad072a58b1410ece325c35b3b4b07f httpd-devel-2.0.52-12.1.ent.x86_64.rpm
d3ca7c4932a1004b5f009b4ddc9d8895 httpd-manual-2.0.52-12.1.ent.x86_64.rpm
bd5ac6d9149784138adbaf6172602998 httpd-suexec-2.0.52-12.1.ent.x86_64.rpm
7912fac9169ce5071198c3503566cbaf mod_ssl-2.0.52-12.1.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/httpd-2.0.52-12.1.ent.src.rpm
4bf86a415d443e3f9e82a8655f70491d httpd-2.0.52-12.1.ent.src.rpm

i386:
f0ff91d7729f04fcb6b772f87b01c179 httpd-2.0.52-12.1.ent.i386.rpm
5bfd6d2f6c3b1da7dd0e49ff845ec22c httpd-devel-2.0.52-12.1.ent.i386.rpm
5cd0e2f836bca3d18cd85d580b1df21d httpd-manual-2.0.52-12.1.ent.i386.rpm
5eeef4820af8a522e0cd8c38dd50705c httpd-suexec-2.0.52-12.1.ent.i386.rpm
8c88eec014875998f0d61ed71005d764 mod_ssl-2.0.52-12.1.ent.i386.rpm

ia64:
d461e0a6b0b00511f55f2407e466ce46 httpd-2.0.52-12.1.ent.ia64.rpm
97d80a559ec7287d2d5f5f2d2c6ad358 httpd-devel-2.0.52-12.1.ent.ia64.rpm
718fd0a64412ade9e587ecb2efec2f8d httpd-manual-2.0.52-12.1.ent.ia64.rpm
ca9b95e1307733fb7405ee2637d258b3 httpd-suexec-2.0.52-12.1.ent.ia64.rpm
10d218820e3916ea405c487f00b2adef mod_ssl-2.0.52-12.1.ent.ia64.rpm

x86_64:
8a92e250417a3dee66927f566c04becd httpd-2.0.52-12.1.ent.x86_64.rpm
84ad072a58b1410ece325c35b3b4b07f httpd-devel-2.0.52-12.1.ent.x86_64.rpm
d3ca7c4932a1004b5f009b4ddc9d8895 httpd-manual-2.0.52-12.1.ent.x86_64.rpm
bd5ac6d9149784138adbaf6172602998 httpd-suexec-2.0.52-12.1.ent.x86_64.rpm
7912fac9169ce5071198c3503566cbaf mod_ssl-2.0.52-12.1.ent.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
http://issues.apache.org/bugzilla/show_bug.cgi?id=35081
http://issues.apache.org/bugzilla/show_bug.cgi?id=34588
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFC5JrDXlSAg2UNWIIRAnFCAKC51oPUM9bRwwvU7+E+pGrt75yiOQCfeL/i
TYL5ModguxnNAWldSyIGvm0=
=EmRB
- -----END PGP SIGNATURE-----




2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: mozilla security update
Advisory ID: RHSA-2005:587-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-587.html
Issue date: 2005-07-22
Updated on: 2005-07-22
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1937 CAN-2005-2260 CAN-2005-2261 CAN-2005-2263 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270
- - ---------------------------------------------------------------------

1. Summary:

Updated mozilla packages that fix various security issues are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.

A bug was found in the way Mozilla handled synthetic events. It is possible
that Web content could generate events such as keystrokes or mouse clicks
that could be used to steal data or execute malicious Javascript code. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-2260 to this issue.

A bug was found in the way Mozilla executed Javascript in XBL controls. It
is possible for a malicious webpage to leverage this vulnerability to
execute other JavaScript based attacks even when JavaScript is disabled.
(CAN-2005-2261)

A bug was found in the way Mozilla installed its extensions. If a user can
be tricked into visiting a malicious webpage, it may be possible to obtain
sensitive information such as cookies or passwords. (CAN-2005-2263)

A bug was found in the way Mozilla handled certain Javascript functions. It
is possible for a malicious webpage to crash the browser by executing
malformed Javascript code. (CAN-2005-2265)

A bug was found in the way Mozilla handled multiple frame domains. It is
possible for a frame as part of a malicious website to inject content into
a frame that belongs to another domain. This issue was previously fixed as
CAN-2004-0718 but was accidentally disabled. (CAN-2005-1937)

A bug was found in the way Mozilla handled child frames. It is possible for
a malicious framed page to steal sensitive information from its parent
page. (CAN-2005-2266)

A bug was found in the way Mozilla opened URLs from media players. If a
media player opens a URL which is Javascript, the Javascript executes
with access to the currently open webpage. (CAN-2005-2267)

A design flaw was found in the way Mozilla displayed alerts and prompts.
Alerts and prompts were given the generic title [JavaScript Application]
which prevented a user from knowing which site created them. (CAN-2005-2268)

A bug was found in the way Mozilla handled DOM node names. It is possible
for a malicious site to overwrite a DOM node name, allowing certain
privileged chrome actions to execute the malicious Javascript. (CAN-2005-2269)

A bug was found in the way Mozilla cloned base objects. It is possible for
Web content to traverse the prototype chain to gain access to privileged
chrome objects. (CAN-2005-2270)

Users of Mozilla are advised to upgrade to these updated packages, which
contain Mozilla version 1.7.10 and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

163065 - CAN-2005-1937 multiple mozilla issues (CAN-2005-2260 CAN-2005-2261 CAN-2005-2263 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270)


6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.14-1.2.6.src.rpm
0efc549b05541584bbe0580b309e626e galeon-1.2.14-1.2.6.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.7.10-1.1.2.1.src.rpm
b4f31dd3bab37f37a735988f9d9cb79c mozilla-1.7.10-1.1.2.1.src.rpm

i386:
503bd641193b7b938a790ac6811722b4 galeon-1.2.14-1.2.6.i386.rpm
54c16dcb9cb4b25fe9635703b8b3b64e mozilla-1.7.10-1.1.2.1.i386.rpm
70b9fd52c1ac5a16960494d7ef970181 mozilla-chat-1.7.10-1.1.2.1.i386.rpm
b8eb806bc1522f1fff47a19aedfb3185 mozilla-devel-1.7.10-1.1.2.1.i386.rpm
8b04844a9d203acdc094be6a6c79f60d mozilla-dom-inspector-1.7.10-1.1.2.1.i386.rpm
34ed2601c805dbbd7bce9c97a3243d50 mozilla-js-debugger-1.7.10-1.1.2.1.i386.rpm
8bb1cdafe228b9020d826ca19137b6e7 mozilla-mail-1.7.10-1.1.2.1.i386.rpm
31f8f5626982030594836bf64cc911be mozilla-nspr-1.7.10-1.1.2.1.i386.rpm
685d42ce2ab996af55547edb250b3bee mozilla-nspr-devel-1.7.10-1.1.2.1.i386.rpm
38f17f69c9e96ed7711911fd389dd6b0 mozilla-nss-1.7.10-1.1.2.1.i386.rpm
9f94a78d1309e727e6bf00c2419a5947 mozilla-nss-devel-1.7.10-1.1.2.1.i386.rpm

ia64:
fe007c5aeab15bb51fc6ef0d1ec27492 galeon-1.2.14-1.2.6.ia64.rpm
a14c8458ee5f5efebaf02cda1ebc0be4 mozilla-1.7.10-1.1.2.1.ia64.rpm
f04c19712e922b20629accebc242e975 mozilla-chat-1.7.10-1.1.2.1.ia64.rpm
2081d6ba23f7b20cf15f066097a45d21 mozilla-devel-1.7.10-1.1.2.1.ia64.rpm
7d8685c2fdec1a927839fbf50584c181 mozilla-dom-inspector-1.7.10-1.1.2.1.ia64.rpm
cd0a7d0907ef12686baa40c028cb654a mozilla-js-debugger-1.7.10-1.1.2.1.ia64.rpm
a8422ba50dedf0429c5899c811904dfa mozilla-mail-1.7.10-1.1.2.1.ia64.rpm
561dd683ad2d2167c5c336aed35ae1ac mozilla-nspr-1.7.10-1.1.2.1.ia64.rpm
ae7f3c458ae829fd1a38791f764b1b1d mozilla-nspr-devel-1.7.10-1.1.2.1.ia64.rpm
33f495c91192fe5bf5bcb03ca8a7ddae mozilla-nss-1.7.10-1.1.2.1.ia64.rpm
c189f674770639f564610c4017843b40 mozilla-nss-devel-1.7.10-1.1.2.1.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/galeon-1.2.14-1.2.6.src.rpm
0efc549b05541584bbe0580b309e626e galeon-1.2.14-1.2.6.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.7.10-1.1.2.1.src.rpm
b4f31dd3bab37f37a735988f9d9cb79c mozilla-1.7.10-1.1.2.1.src.rpm

ia64:
fe007c5aeab15bb51fc6ef0d1ec27492 galeon-1.2.14-1.2.6.ia64.rpm
a14c8458ee5f5efebaf02cda1ebc0be4 mozilla-1.7.10-1.1.2.1.ia64.rpm
f04c19712e922b20629accebc242e975 mozilla-chat-1.7.10-1.1.2.1.ia64.rpm
2081d6ba23f7b20cf15f066097a45d21 mozilla-devel-1.7.10-1.1.2.1.ia64.rpm
7d8685c2fdec1a927839fbf50584c181 mozilla-dom-inspector-1.7.10-1.1.2.1.ia64.rpm
cd0a7d0907ef12686baa40c028cb654a mozilla-js-debugger-1.7.10-1.1.2.1.ia64.rpm
a8422ba50dedf0429c5899c811904dfa mozilla-mail-1.7.10-1.1.2.1.ia64.rpm
561dd683ad2d2167c5c336aed35ae1ac mozilla-nspr-1.7.10-1.1.2.1.ia64.rpm
ae7f3c458ae829fd1a38791f764b1b1d mozilla-nspr-devel-1.7.10-1.1.2.1.ia64.rpm
33f495c91192fe5bf5bcb03ca8a7ddae mozilla-nss-1.7.10-1.1.2.1.ia64.rpm
c189f674770639f564610c4017843b40 mozilla-nss-devel-1.7.10-1.1.2.1.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.14-1.2.6.src.rpm
0efc549b05541584bbe0580b309e626e galeon-1.2.14-1.2.6.src.rpm
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.7.10-1.1.2.1.src.rpm
b4f31dd3bab37f37a735988f9d9cb79c mozilla-1.7.10-1.1.2.1.src.rpm

i386:
503bd641193b7b938a790ac6811722b4 galeon-1.2.14-1.2.6.i386.rpm
54c16dcb9cb4b25fe9635703b8b3b64e mozilla-1.7.10-1.1.2.1.i386.rpm
70b9fd52c1ac5a16960494d7ef970181 mozilla-chat-1.7.10-1.1.2.1.i386.rpm
b8eb806bc1522f1fff47a19aedfb3185 mozilla-devel-1.7.10-1.1.2.1.i386.rpm
8b04844a9d203acdc094be6a6c79f60d mozilla-dom-inspector-1.7.10-1.1.2.1.i386.rpm
34ed2601c805dbbd7bce9c97a3243d50 mozilla-js-debugger-1.7.10-1.1.2.1.i386.rpm
8bb1cdafe228b9020d826ca19137b6e7 mozilla-mail-1.7.10-1.1.2.1.i386.rpm
31f8f5626982030594836bf64cc911be mozilla-nspr-1.7.10-1.1.2.1.i386.rpm
685d42ce2ab996af55547edb250b3bee mozilla-nspr-devel-1.7.10-1.1.2.1.i386.rpm
38f17f69c9e96ed7711911fd389dd6b0 mozilla-nss-1.7.10-1.1.2.1.i386.rpm
9f94a78d1309e727e6bf00c2419a5947 mozilla-nss-devel-1.7.10-1.1.2.1.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.14-1.2.6.src.rpm
0efc549b05541584bbe0580b309e626e galeon-1.2.14-1.2.6.src.rpm
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.7.10-1.1.2.1.src.rpm
b4f31dd3bab37f37a735988f9d9cb79c mozilla-1.7.10-1.1.2.1.src.rpm

i386:
503bd641193b7b938a790ac6811722b4 galeon-1.2.14-1.2.6.i386.rpm
54c16dcb9cb4b25fe9635703b8b3b64e mozilla-1.7.10-1.1.2.1.i386.rpm
70b9fd52c1ac5a16960494d7ef970181 mozilla-chat-1.7.10-1.1.2.1.i386.rpm
b8eb806bc1522f1fff47a19aedfb3185 mozilla-devel-1.7.10-1.1.2.1.i386.rpm
8b04844a9d203acdc094be6a6c79f60d mozilla-dom-inspector-1.7.10-1.1.2.1.i386.rpm
34ed2601c805dbbd7bce9c97a3243d50 mozilla-js-debugger-1.7.10-1.1.2.1.i386.rpm
8bb1cdafe228b9020d826ca19137b6e7 mozilla-mail-1.7.10-1.1.2.1.i386.rpm
31f8f5626982030594836bf64cc911be mozilla-nspr-1.7.10-1.1.2.1.i386.rpm
685d42ce2ab996af55547edb250b3bee mozilla-nspr-devel-1.7.10-1.1.2.1.i386.rpm
38f17f69c9e96ed7711911fd389dd6b0 mozilla-nss-1.7.10-1.1.2.1.i386.rpm
9f94a78d1309e727e6bf00c2419a5947 mozilla-nss-devel-1.7.10-1.1.2.1.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.7.10-1.1.3.1.src.rpm
5be9293ad20481e090089248ec72f569 mozilla-1.7.10-1.1.3.1.src.rpm

i386:
a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm
b90d9ca49fe4e4609197459edffad028 mozilla-chat-1.7.10-1.1.3.1.i386.rpm
73e860293288e78a14c2f4edade4dee5 mozilla-devel-1.7.10-1.1.3.1.i386.rpm
cf36c0546533cf93cbb5e6cf15c9cc98 mozilla-dom-inspector-1.7.10-1.1.3.1.i386.rpm
ca8de793d9d2cf6a33243272aca73837 mozilla-js-debugger-1.7.10-1.1.3.1.i386.rpm
96357ec23c95a06b19d698ac2fcb9c27 mozilla-mail-1.7.10-1.1.3.1.i386.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
0d63d6fb2815aac46f24e8f7e6957ef1 mozilla-nspr-devel-1.7.10-1.1.3.1.i386.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
e786121ce22876d72ed2840aea3dce7c mozilla-nss-devel-1.7.10-1.1.3.1.i386.rpm

ia64:
5e3895eb658fac13a84b4ded56b99df2 mozilla-1.7.10-1.1.3.1.ia64.rpm
0fc33964f8f4436bfd758de7c1c68f84 mozilla-chat-1.7.10-1.1.3.1.ia64.rpm
d4c7da8a62f7eb6f7b6008c8daf379c6 mozilla-devel-1.7.10-1.1.3.1.ia64.rpm
2dc9329cabbb39479977799c73c5b6ab mozilla-dom-inspector-1.7.10-1.1.3.1.ia64.rpm
5e7454db9574fa6d143435c6fd6d8d06 mozilla-js-debugger-1.7.10-1.1.3.1.ia64.rpm
ae7cab7a1a246dba8e93a62447af31ca mozilla-mail-1.7.10-1.1.3.1.ia64.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
b5d1310782a64bf3f93e111a82894824 mozilla-nspr-1.7.10-1.1.3.1.ia64.rpm
a030311feee7fbbdca9c180c52d3b69b mozilla-nspr-devel-1.7.10-1.1.3.1.ia64.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
be9bf6d876580e3be201ff8400507193 mozilla-nss-1.7.10-1.1.3.1.ia64.rpm
476787654ef26f572369b59dd07974db mozilla-nss-devel-1.7.10-1.1.3.1.ia64.rpm

ppc:
a273881236ced7b3ed1421d858b942e3 mozilla-1.7.10-1.1.3.1.ppc.rpm
13dbbf154b0f92f26fe85774f87a5d04 mozilla-chat-1.7.10-1.1.3.1.ppc.rpm
e05025d348d7a41fb5d78d37e73e0ce9 mozilla-devel-1.7.10-1.1.3.1.ppc.rpm
c2f80509c8efeee780ed5f013b8750f3 mozilla-dom-inspector-1.7.10-1.1.3.1.ppc.rpm
3734bc8eef9c8b9e06ae069e2d3d98ac mozilla-js-debugger-1.7.10-1.1.3.1.ppc.rpm
d4d61cc3ab8b2577583d43f4d7c385c9 mozilla-mail-1.7.10-1.1.3.1.ppc.rpm
321254e75a1edb8ebefff3ec590b3f9a mozilla-nspr-1.7.10-1.1.3.1.ppc.rpm
2d4d76575d2972c54d33c4fd416d1615 mozilla-nspr-devel-1.7.10-1.1.3.1.ppc.rpm
bd668c7a1c61efbc506c1968f6c0e609 mozilla-nss-1.7.10-1.1.3.1.ppc.rpm
a6f36089b07858613cdd0f447e5d0a59 mozilla-nss-devel-1.7.10-1.1.3.1.ppc.rpm

s390:
d8f262dcb986d8f0f40a54d0fb288b05 mozilla-1.7.10-1.1.3.1.s390.rpm
7b0fb38d5411bcab949c25cedb9b6bfb mozilla-chat-1.7.10-1.1.3.1.s390.rpm
c3f41cc1cc498ba489b7210a8486f19b mozilla-devel-1.7.10-1.1.3.1.s390.rpm
cd1c01a2100ab991b415eba0a513883d mozilla-dom-inspector-1.7.10-1.1.3.1.s390.rpm
072cfe26cac9c47db3774f4f05b1254c mozilla-js-debugger-1.7.10-1.1.3.1.s390.rpm
1e998338017e650d59c3580fe66a977d mozilla-mail-1.7.10-1.1.3.1.s390.rpm
11182130e5eef2a02caa72e590363e94 mozilla-nspr-1.7.10-1.1.3.1.s390.rpm
c7cdafddf50765268a7760a9dfff8852 mozilla-nspr-devel-1.7.10-1.1.3.1.s390.rpm
645c5a31669b069d9b8482671fa8d7e4 mozilla-nss-1.7.10-1.1.3.1.s390.rpm
5ee7658c170115f7db183498b81661d1 mozilla-nss-devel-1.7.10-1.1.3.1.s390.rpm

s390x:
ebbb9ecaf288f22333c52ea17877f9f2 mozilla-1.7.10-1.1.3.1.s390x.rpm
b0cd7e2734f24c158448cfe78f3a661d mozilla-chat-1.7.10-1.1.3.1.s390x.rpm
f9cb2ec93ff7a313ed8696b83fe75fd1 mozilla-devel-1.7.10-1.1.3.1.s390x.rpm
cf7e733bb650b41af0d2eac59fa4b6d2 mozilla-dom-inspector-1.7.10-1.1.3.1.s390x.rpm
866d7496f6f47a0ca947018aecff7af8 mozilla-js-debugger-1.7.10-1.1.3.1.s390x.rpm
a4b6b093f937b40745c89521d79added mozilla-mail-1.7.10-1.1.3.1.s390x.rpm
11182130e5eef2a02caa72e590363e94 mozilla-nspr-1.7.10-1.1.3.1.s390.rpm
0ee073bacc4b220974c1d4efbcde0e7f mozilla-nspr-1.7.10-1.1.3.1.s390x.rpm
a7594b57fa06fcff1ef2b7f6ea78a8e8 mozilla-nspr-devel-1.7.10-1.1.3.1.s390x.rpm
645c5a31669b069d9b8482671fa8d7e4 mozilla-nss-1.7.10-1.1.3.1.s390.rpm
575e93f265982b2f4e113a07104a9c96 mozilla-nss-1.7.10-1.1.3.1.s390x.rpm
e453d176623d8312c1ad37488753b585 mozilla-nss-devel-1.7.10-1.1.3.1.s390x.rpm

x86_64:
a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm
18eca4706e6cf5e7fe5b04d141d8b894 mozilla-1.7.10-1.1.3.1.x86_64.rpm
7d56eaef3efd6043f6a7d821c454fb69 mozilla-chat-1.7.10-1.1.3.1.x86_64.rpm
d6aef40f00dbbca27add8718b1c0a1b2 mozilla-devel-1.7.10-1.1.3.1.x86_64.rpm
5b0bf6f2522b9005cd07ea2af26aae9c mozilla-dom-inspector-1.7.10-1.1.3.1.x86_64.rpm
d9454e562991a5aa925d382187b87dae mozilla-js-debugger-1.7.10-1.1.3.1.x86_64.rpm
bfbd3a65b3c42867ab8c7607f30c9240 mozilla-mail-1.7.10-1.1.3.1.x86_64.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
43d4d3c4b47d3ad0974e0ee575025f63 mozilla-nspr-1.7.10-1.1.3.1.x86_64.rpm
d0c34a693fdd32c9a9910c12524b7681 mozilla-nspr-devel-1.7.10-1.1.3.1.x86_64.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
9ffd15ddd436c95484b7628d6850e7db mozilla-nss-1.7.10-1.1.3.1.x86_64.rpm
a88940fc293380a0a79fa53a0fc67f36 mozilla-nss-devel-1.7.10-1.1.3.1.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla-1.7.10-1.1.3.1.src.rpm
5be9293ad20481e090089248ec72f569 mozilla-1.7.10-1.1.3.1.src.rpm

i386:
a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm
b90d9ca49fe4e4609197459edffad028 mozilla-chat-1.7.10-1.1.3.1.i386.rpm
73e860293288e78a14c2f4edade4dee5 mozilla-devel-1.7.10-1.1.3.1.i386.rpm
cf36c0546533cf93cbb5e6cf15c9cc98 mozilla-dom-inspector-1.7.10-1.1.3.1.i386.rpm
ca8de793d9d2cf6a33243272aca73837 mozilla-js-debugger-1.7.10-1.1.3.1.i386.rpm
96357ec23c95a06b19d698ac2fcb9c27 mozilla-mail-1.7.10-1.1.3.1.i386.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
0d63d6fb2815aac46f24e8f7e6957ef1 mozilla-nspr-devel-1.7.10-1.1.3.1.i386.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
e786121ce22876d72ed2840aea3dce7c mozilla-nss-devel-1.7.10-1.1.3.1.i386.rpm

x86_64:
a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm
18eca4706e6cf5e7fe5b04d141d8b894 mozilla-1.7.10-1.1.3.1.x86_64.rpm
7d56eaef3efd6043f6a7d821c454fb69 mozilla-chat-1.7.10-1.1.3.1.x86_64.rpm
d6aef40f00dbbca27add8718b1c0a1b2 mozilla-devel-1.7.10-1.1.3.1.x86_64.rpm
5b0bf6f2522b9005cd07ea2af26aae9c mozilla-dom-inspector-1.7.10-1.1.3.1.x86_64.rpm
d9454e562991a5aa925d382187b87dae mozilla-js-debugger-1.7.10-1.1.3.1.x86_64.rpm
bfbd3a65b3c42867ab8c7607f30c9240 mozilla-mail-1.7.10-1.1.3.1.x86_64.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
43d4d3c4b47d3ad0974e0ee575025f63 mozilla-nspr-1.7.10-1.1.3.1.x86_64.rpm
d0c34a693fdd32c9a9910c12524b7681 mozilla-nspr-devel-1.7.10-1.1.3.1.x86_64.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
9ffd15ddd436c95484b7628d6850e7db mozilla-nss-1.7.10-1.1.3.1.x86_64.rpm
a88940fc293380a0a79fa53a0fc67f36 mozilla-nss-devel-1.7.10-1.1.3.1.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.7.10-1.1.3.1.src.rpm
5be9293ad20481e090089248ec72f569 mozilla-1.7.10-1.1.3.1.src.rpm

i386:
a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm
b90d9ca49fe4e4609197459edffad028 mozilla-chat-1.7.10-1.1.3.1.i386.rpm
73e860293288e78a14c2f4edade4dee5 mozilla-devel-1.7.10-1.1.3.1.i386.rpm
cf36c0546533cf93cbb5e6cf15c9cc98 mozilla-dom-inspector-1.7.10-1.1.3.1.i386.rpm
ca8de793d9d2cf6a33243272aca73837 mozilla-js-debugger-1.7.10-1.1.3.1.i386.rpm
96357ec23c95a06b19d698ac2fcb9c27 mozilla-mail-1.7.10-1.1.3.1.i386.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
0d63d6fb2815aac46f24e8f7e6957ef1 mozilla-nspr-devel-1.7.10-1.1.3.1.i386.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
e786121ce22876d72ed2840aea3dce7c mozilla-nss-devel-1.7.10-1.1.3.1.i386.rpm

ia64:
5e3895eb658fac13a84b4ded56b99df2 mozilla-1.7.10-1.1.3.1.ia64.rpm
0fc33964f8f4436bfd758de7c1c68f84 mozilla-chat-1.7.10-1.1.3.1.ia64.rpm
d4c7da8a62f7eb6f7b6008c8daf379c6 mozilla-devel-1.7.10-1.1.3.1.ia64.rpm
2dc9329cabbb39479977799c73c5b6ab mozilla-dom-inspector-1.7.10-1.1.3.1.ia64.rpm
5e7454db9574fa6d143435c6fd6d8d06 mozilla-js-debugger-1.7.10-1.1.3.1.ia64.rpm
ae7cab7a1a246dba8e93a62447af31ca mozilla-mail-1.7.10-1.1.3.1.ia64.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
b5d1310782a64bf3f93e111a82894824 mozilla-nspr-1.7.10-1.1.3.1.ia64.rpm
a030311feee7fbbdca9c180c52d3b69b mozilla-nspr-devel-1.7.10-1.1.3.1.ia64.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
be9bf6d876580e3be201ff8400507193 mozilla-nss-1.7.10-1.1.3.1.ia64.rpm
476787654ef26f572369b59dd07974db mozilla-nss-devel-1.7.10-1.1.3.1.ia64.rpm

x86_64:
a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm
18eca4706e6cf5e7fe5b04d141d8b894 mozilla-1.7.10-1.1.3.1.x86_64.rpm
7d56eaef3efd6043f6a7d821c454fb69 mozilla-chat-1.7.10-1.1.3.1.x86_64.rpm
d6aef40f00dbbca27add8718b1c0a1b2 mozilla-devel-1.7.10-1.1.3.1.x86_64.rpm
5b0bf6f2522b9005cd07ea2af26aae9c mozilla-dom-inspector-1.7.10-1.1.3.1.x86_64.rpm
d9454e562991a5aa925d382187b87dae mozilla-js-debugger-1.7.10-1.1.3.1.x86_64.rpm
bfbd3a65b3c42867ab8c7607f30c9240 mozilla-mail-1.7.10-1.1.3.1.x86_64.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
43d4d3c4b47d3ad0974e0ee575025f63 mozilla-nspr-1.7.10-1.1.3.1.x86_64.rpm
d0c34a693fdd32c9a9910c12524b7681 mozilla-nspr-devel-1.7.10-1.1.3.1.x86_64.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
9ffd15ddd436c95484b7628d6850e7db mozilla-nss-1.7.10-1.1.3.1.x86_64.rpm
a88940fc293380a0a79fa53a0fc67f36 mozilla-nss-devel-1.7.10-1.1.3.1.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.7.10-1.1.3.1.src.rpm
5be9293ad20481e090089248ec72f569 mozilla-1.7.10-1.1.3.1.src.rpm

i386:
a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm
b90d9ca49fe4e4609197459edffad028 mozilla-chat-1.7.10-1.1.3.1.i386.rpm
73e860293288e78a14c2f4edade4dee5 mozilla-devel-1.7.10-1.1.3.1.i386.rpm
cf36c0546533cf93cbb5e6cf15c9cc98 mozilla-dom-inspector-1.7.10-1.1.3.1.i386.rpm
ca8de793d9d2cf6a33243272aca73837 mozilla-js-debugger-1.7.10-1.1.3.1.i386.rpm
96357ec23c95a06b19d698ac2fcb9c27 mozilla-mail-1.7.10-1.1.3.1.i386.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
0d63d6fb2815aac46f24e8f7e6957ef1 mozilla-nspr-devel-1.7.10-1.1.3.1.i386.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
e786121ce22876d72ed2840aea3dce7c mozilla-nss-devel-1.7.10-1.1.3.1.i386.rpm

ia64:
5e3895eb658fac13a84b4ded56b99df2 mozilla-1.7.10-1.1.3.1.ia64.rpm
0fc33964f8f4436bfd758de7c1c68f84 mozilla-chat-1.7.10-1.1.3.1.ia64.rpm
d4c7da8a62f7eb6f7b6008c8daf379c6 mozilla-devel-1.7.10-1.1.3.1.ia64.rpm
2dc9329cabbb39479977799c73c5b6ab mozilla-dom-inspector-1.7.10-1.1.3.1.ia64.rpm
5e7454db9574fa6d143435c6fd6d8d06 mozilla-js-debugger-1.7.10-1.1.3.1.ia64.rpm
ae7cab7a1a246dba8e93a62447af31ca mozilla-mail-1.7.10-1.1.3.1.ia64.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
b5d1310782a64bf3f93e111a82894824 mozilla-nspr-1.7.10-1.1.3.1.ia64.rpm
a030311feee7fbbdca9c180c52d3b69b mozilla-nspr-devel-1.7.10-1.1.3.1.ia64.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
be9bf6d876580e3be201ff8400507193 mozilla-nss-1.7.10-1.1.3.1.ia64.rpm
476787654ef26f572369b59dd07974db mozilla-nss-devel-1.7.10-1.1.3.1.ia64.rpm

x86_64:
a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm
18eca4706e6cf5e7fe5b04d141d8b894 mozilla-1.7.10-1.1.3.1.x86_64.rpm
7d56eaef3efd6043f6a7d821c454fb69 mozilla-chat-1.7.10-1.1.3.1.x86_64.rpm
d6aef40f00dbbca27add8718b1c0a1b2 mozilla-devel-1.7.10-1.1.3.1.x86_64.rpm
5b0bf6f2522b9005cd07ea2af26aae9c mozilla-dom-inspector-1.7.10-1.1.3.1.x86_64.rpm
d9454e562991a5aa925d382187b87dae mozilla-js-debugger-1.7.10-1.1.3.1.x86_64.rpm
bfbd3a65b3c42867ab8c7607f30c9240 mozilla-mail-1.7.10-1.1.3.1.x86_64.rpm
ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm
43d4d3c4b47d3ad0974e0ee575025f63 mozilla-nspr-1.7.10-1.1.3.1.x86_64.rpm
d0c34a693fdd32c9a9910c12524b7681 mozilla-nspr-devel-1.7.10-1.1.3.1.x86_64.rpm
528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm
9ffd15ddd436c95484b7628d6850e7db mozilla-nss-1.7.10-1.1.3.1.x86_64.rpm
a88940fc293380a0a79fa53a0fc67f36 mozilla-nss-devel-1.7.10-1.1.3.1.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/devhelp-0.9.2-2.4.6.src.rpm
e744570e643ca7d711edc06fc5c0cb11 devhelp-0.9.2-2.4.6.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mozilla-1.7.10-1.4.1.src.rpm
6f0d2dcce1978e2bfe8383032e28e0c4 mozilla-1.7.10-1.4.1.src.rpm

i386:
6415ce5bc7747718f53d932ced954a6f devhelp-0.9.2-2.4.6.i386.rpm
d0d75f33bc9222bd854ff380de2f0ad2 devhelp-devel-0.9.2-2.4.6.i386.rpm
0c277762fddace5c02810fb386b8210a mozilla-1.7.10-1.4.1.i386.rpm
8175340ca355bc93ecb5b0fa2d537f28 mozilla-chat-1.7.10-1.4.1.i386.rpm
e935040b93af50d96d211716117318d6 mozilla-devel-1.7.10-1.4.1.i386.rpm
ee9649189d5c0433941fe3fda7ef2695 mozilla-dom-inspector-1.7.10-1.4.1.i386.rpm
01ef2f199e8eebae02ebefa64ccf6019 mozilla-js-debugger-1.7.10-1.4.1.i386.rpm
057789761797488246007f576febba49 mozilla-mail-1.7.10-1.4.1.i386.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
d2c07e11c1e451ba399aaa4d3a4f04d1 mozilla-nspr-devel-1.7.10-1.4.1.i386.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
37f8373b0b95fedeb6ad50adcf8368c5 mozilla-nss-devel-1.7.10-1.4.1.i386.rpm

ia64:
08df7c973605b47cd3f4ceb328432e53 mozilla-1.7.10-1.4.1.ia64.rpm
721fbcb141c34f9ad2f9749a4191b1ae mozilla-chat-1.7.10-1.4.1.ia64.rpm
04a79997bd50159edad681d803d36b81 mozilla-devel-1.7.10-1.4.1.ia64.rpm
a532b504a846ccf5445fec809da9dd27 mozilla-dom-inspector-1.7.10-1.4.1.ia64.rpm
9aa1f4b2f221390d368c3841870462a6 mozilla-js-debugger-1.7.10-1.4.1.ia64.rpm
6ad344d2c345e0e9043a461258a4d2e1 mozilla-mail-1.7.10-1.4.1.ia64.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
3029412a99acc58c97974e0762c1ca56 mozilla-nspr-1.7.10-1.4.1.ia64.rpm
afcc6928178beb17757184ba7bca3c9d mozilla-nspr-devel-1.7.10-1.4.1.ia64.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
fb3d8124f85521d1232424132b292765 mozilla-nss-1.7.10-1.4.1.ia64.rpm
e48ff1104d889f3cf76e1ce5d02d12ae mozilla-nss-devel-1.7.10-1.4.1.ia64.rpm

ppc:
3490e4c201149cd5a40d07199e09259a devhelp-0.9.2-2.4.6.ppc.rpm
77de6ca9b2341a1acc794cc3283e7892 devhelp-devel-0.9.2-2.4.6.ppc.rpm
e91228aae16cbd4432f1c6785e1910dc mozilla-1.7.10-1.4.1.ppc.rpm
8cd6c1947cbcbf5854d7372d5227c078 mozilla-chat-1.7.10-1.4.1.ppc.rpm
8141f353358737214cd661e8292e6256 mozilla-devel-1.7.10-1.4.1.ppc.rpm
51a02b5b5e63acbefa1fd92434739e76 mozilla-dom-inspector-1.7.10-1.4.1.ppc.rpm
5ad9e91f4b140f5f86ee6aaa13efc2b1 mozilla-js-debugger-1.7.10-1.4.1.ppc.rpm
dcfd4381d225cb01e65c2d2af6b85151 mozilla-mail-1.7.10-1.4.1.ppc.rpm
9a7b556b2307cfa2a660f8a4bdf39683 mozilla-nspr-1.7.10-1.4.1.ppc.rpm
e64ba39a25cbe666f68b88721ed0f80e mozilla-nspr-devel-1.7.10-1.4.1.ppc.rpm
9a57a6b889377fbb96e6aedbeb57cdef mozilla-nss-1.7.10-1.4.1.ppc.rpm
175d0d7b8a94a99a7c5df4f7e40dcd99 mozilla-nss-devel-1.7.10-1.4.1.ppc.rpm

s390:
5779cc03221cd93907bc53169d46f918 mozilla-1.7.10-1.4.1.s390.rpm
856e8bd10955d8749acffdbbd21a1b55 mozilla-chat-1.7.10-1.4.1.s390.rpm
02c2e88459afa2234c1dc34084ae272a mozilla-devel-1.7.10-1.4.1.s390.rpm
2cfa053e12aa3f3f64aee92a76402cbe mozilla-dom-inspector-1.7.10-1.4.1.s390.rpm
c7f83860518a9403c52b84fff95c295b mozilla-js-debugger-1.7.10-1.4.1.s390.rpm
caad7e8a27a26d2552f28959788a5553 mozilla-mail-1.7.10-1.4.1.s390.rpm
b678ab0dc75d79511b2c645b02543b9b mozilla-nspr-1.7.10-1.4.1.s390.rpm
fbc3c9bd3b91ed508f3ebd6cb5249990 mozilla-nspr-devel-1.7.10-1.4.1.s390.rpm
2e0101b6fe0e14984bb77e2d8de38ebf mozilla-nss-1.7.10-1.4.1.s390.rpm
8940aaee0a1cd6eaa6d30744673f3766 mozilla-nss-devel-1.7.10-1.4.1.s390.rpm

s390x:
faf9cf08a2fe9aecc5f0d87d903c41ce mozilla-1.7.10-1.4.1.s390x.rpm
8e6cf06518a6b5bbda90d3e977631b8d mozilla-chat-1.7.10-1.4.1.s390x.rpm
7e219d326f8a0806bd19b6eea112d41a mozilla-devel-1.7.10-1.4.1.s390x.rpm
a3d898bc0f391e0b44c7714c4fc95792 mozilla-dom-inspector-1.7.10-1.4.1.s390x.rpm
e79e1e56be0b37f042e0aabb765f7466 mozilla-js-debugger-1.7.10-1.4.1.s390x.rpm
4c3adcdda04fce563572832b0ca32189 mozilla-mail-1.7.10-1.4.1.s390x.rpm
b678ab0dc75d79511b2c645b02543b9b mozilla-nspr-1.7.10-1.4.1.s390.rpm
9c57538aea43d4436adb872df1679d5c mozilla-nspr-1.7.10-1.4.1.s390x.rpm
93def21691eb82d9f1b14a8a3611cad8 mozilla-nspr-devel-1.7.10-1.4.1.s390x.rpm
2e0101b6fe0e14984bb77e2d8de38ebf mozilla-nss-1.7.10-1.4.1.s390.rpm
f8481e9160b83ef6c6a6dd170504a8f5 mozilla-nss-1.7.10-1.4.1.s390x.rpm
57656885eba76655c12e0087111f4dba mozilla-nss-devel-1.7.10-1.4.1.s390x.rpm

x86_64:
c3a41ff5f79bb2e4bb95587492cac3eb devhelp-0.9.2-2.4.6.x86_64.rpm
7b7fe7d9c09046b4a1d6ed7f2f4deb7e devhelp-devel-0.9.2-2.4.6.x86_64.rpm
ed831e150aa80275e2eccf017610223d mozilla-1.7.10-1.4.1.x86_64.rpm
f87cc0db45edd6f05ca745031755d7c1 mozilla-chat-1.7.10-1.4.1.x86_64.rpm
1fa48e8af50a194e2f3334cfcb3179b5 mozilla-devel-1.7.10-1.4.1.x86_64.rpm
b74873dddb70ee940d42197d3c8b87d8 mozilla-dom-inspector-1.7.10-1.4.1.x86_64.rpm
99ee3b8c9a54174c19be51700697bce2 mozilla-js-debugger-1.7.10-1.4.1.x86_64.rpm
c11fa7562236caf2a5cce5eac603227a mozilla-mail-1.7.10-1.4.1.x86_64.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
36886d6b5f2326ef84ab8eafc2ee3d11 mozilla-nspr-1.7.10-1.4.1.x86_64.rpm
3c876bb470c007e81ce94879584cc179 mozilla-nspr-devel-1.7.10-1.4.1.x86_64.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
0a23d4014a0d23121ef378c303db5fec mozilla-nss-1.7.10-1.4.1.x86_64.rpm
d7186dbf2143a07439b8bd421a71a543 mozilla-nss-devel-1.7.10-1.4.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/devhelp-0.9.2-2.4.6.src.rpm
e744570e643ca7d711edc06fc5c0cb11 devhelp-0.9.2-2.4.6.src.rpm
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mozilla-1.7.10-1.4.1.src.rpm
6f0d2dcce1978e2bfe8383032e28e0c4 mozilla-1.7.10-1.4.1.src.rpm

i386:
6415ce5bc7747718f53d932ced954a6f devhelp-0.9.2-2.4.6.i386.rpm
d0d75f33bc9222bd854ff380de2f0ad2 devhelp-devel-0.9.2-2.4.6.i386.rpm
0c277762fddace5c02810fb386b8210a mozilla-1.7.10-1.4.1.i386.rpm
8175340ca355bc93ecb5b0fa2d537f28 mozilla-chat-1.7.10-1.4.1.i386.rpm
e935040b93af50d96d211716117318d6 mozilla-devel-1.7.10-1.4.1.i386.rpm
ee9649189d5c0433941fe3fda7ef2695 mozilla-dom-inspector-1.7.10-1.4.1.i386.rpm
01ef2f199e8eebae02ebefa64ccf6019 mozilla-js-debugger-1.7.10-1.4.1.i386.rpm
057789761797488246007f576febba49 mozilla-mail-1.7.10-1.4.1.i386.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
d2c07e11c1e451ba399aaa4d3a4f04d1 mozilla-nspr-devel-1.7.10-1.4.1.i386.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
37f8373b0b95fedeb6ad50adcf8368c5 mozilla-nss-devel-1.7.10-1.4.1.i386.rpm

x86_64:
c3a41ff5f79bb2e4bb95587492cac3eb devhelp-0.9.2-2.4.6.x86_64.rpm
7b7fe7d9c09046b4a1d6ed7f2f4deb7e devhelp-devel-0.9.2-2.4.6.x86_64.rpm
ed831e150aa80275e2eccf017610223d mozilla-1.7.10-1.4.1.x86_64.rpm
f87cc0db45edd6f05ca745031755d7c1 mozilla-chat-1.7.10-1.4.1.x86_64.rpm
1fa48e8af50a194e2f3334cfcb3179b5 mozilla-devel-1.7.10-1.4.1.x86_64.rpm
b74873dddb70ee940d42197d3c8b87d8 mozilla-dom-inspector-1.7.10-1.4.1.x86_64.rpm
99ee3b8c9a54174c19be51700697bce2 mozilla-js-debugger-1.7.10-1.4.1.x86_64.rpm
c11fa7562236caf2a5cce5eac603227a mozilla-mail-1.7.10-1.4.1.x86_64.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
36886d6b5f2326ef84ab8eafc2ee3d11 mozilla-nspr-1.7.10-1.4.1.x86_64.rpm
3c876bb470c007e81ce94879584cc179 mozilla-nspr-devel-1.7.10-1.4.1.x86_64.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
0a23d4014a0d23121ef378c303db5fec mozilla-nss-1.7.10-1.4.1.x86_64.rpm
d7186dbf2143a07439b8bd421a71a543 mozilla-nss-devel-1.7.10-1.4.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/devhelp-0.9.2-2.4.6.src.rpm
e744570e643ca7d711edc06fc5c0cb11 devhelp-0.9.2-2.4.6.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mozilla-1.7.10-1.4.1.src.rpm
6f0d2dcce1978e2bfe8383032e28e0c4 mozilla-1.7.10-1.4.1.src.rpm

i386:
6415ce5bc7747718f53d932ced954a6f devhelp-0.9.2-2.4.6.i386.rpm
d0d75f33bc9222bd854ff380de2f0ad2 devhelp-devel-0.9.2-2.4.6.i386.rpm
0c277762fddace5c02810fb386b8210a mozilla-1.7.10-1.4.1.i386.rpm
8175340ca355bc93ecb5b0fa2d537f28 mozilla-chat-1.7.10-1.4.1.i386.rpm
e935040b93af50d96d211716117318d6 mozilla-devel-1.7.10-1.4.1.i386.rpm
ee9649189d5c0433941fe3fda7ef2695 mozilla-dom-inspector-1.7.10-1.4.1.i386.rpm
01ef2f199e8eebae02ebefa64ccf6019 mozilla-js-debugger-1.7.10-1.4.1.i386.rpm
057789761797488246007f576febba49 mozilla-mail-1.7.10-1.4.1.i386.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
d2c07e11c1e451ba399aaa4d3a4f04d1 mozilla-nspr-devel-1.7.10-1.4.1.i386.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
37f8373b0b95fedeb6ad50adcf8368c5 mozilla-nss-devel-1.7.10-1.4.1.i386.rpm

ia64:
08df7c973605b47cd3f4ceb328432e53 mozilla-1.7.10-1.4.1.ia64.rpm
721fbcb141c34f9ad2f9749a4191b1ae mozilla-chat-1.7.10-1.4.1.ia64.rpm
04a79997bd50159edad681d803d36b81 mozilla-devel-1.7.10-1.4.1.ia64.rpm
a532b504a846ccf5445fec809da9dd27 mozilla-dom-inspector-1.7.10-1.4.1.ia64.rpm
9aa1f4b2f221390d368c3841870462a6 mozilla-js-debugger-1.7.10-1.4.1.ia64.rpm
6ad344d2c345e0e9043a461258a4d2e1 mozilla-mail-1.7.10-1.4.1.ia64.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
3029412a99acc58c97974e0762c1ca56 mozilla-nspr-1.7.10-1.4.1.ia64.rpm
afcc6928178beb17757184ba7bca3c9d mozilla-nspr-devel-1.7.10-1.4.1.ia64.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
fb3d8124f85521d1232424132b292765 mozilla-nss-1.7.10-1.4.1.ia64.rpm
e48ff1104d889f3cf76e1ce5d02d12ae mozilla-nss-devel-1.7.10-1.4.1.ia64.rpm

x86_64:
c3a41ff5f79bb2e4bb95587492cac3eb devhelp-0.9.2-2.4.6.x86_64.rpm
7b7fe7d9c09046b4a1d6ed7f2f4deb7e devhelp-devel-0.9.2-2.4.6.x86_64.rpm
ed831e150aa80275e2eccf017610223d mozilla-1.7.10-1.4.1.x86_64.rpm
f87cc0db45edd6f05ca745031755d7c1 mozilla-chat-1.7.10-1.4.1.x86_64.rpm
1fa48e8af50a194e2f3334cfcb3179b5 mozilla-devel-1.7.10-1.4.1.x86_64.rpm
b74873dddb70ee940d42197d3c8b87d8 mozilla-dom-inspector-1.7.10-1.4.1.x86_64.rpm
99ee3b8c9a54174c19be51700697bce2 mozilla-js-debugger-1.7.10-1.4.1.x86_64.rpm
c11fa7562236caf2a5cce5eac603227a mozilla-mail-1.7.10-1.4.1.x86_64.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
36886d6b5f2326ef84ab8eafc2ee3d11 mozilla-nspr-1.7.10-1.4.1.x86_64.rpm
3c876bb470c007e81ce94879584cc179 mozilla-nspr-devel-1.7.10-1.4.1.x86_64.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
0a23d4014a0d23121ef378c303db5fec mozilla-nss-1.7.10-1.4.1.x86_64.rpm
d7186dbf2143a07439b8bd421a71a543 mozilla-nss-devel-1.7.10-1.4.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/devhelp-0.9.2-2.4.6.src.rpm
e744570e643ca7d711edc06fc5c0cb11 devhelp-0.9.2-2.4.6.src.rpm
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mozilla-1.7.10-1.4.1.src.rpm
6f0d2dcce1978e2bfe8383032e28e0c4 mozilla-1.7.10-1.4.1.src.rpm

i386:
6415ce5bc7747718f53d932ced954a6f devhelp-0.9.2-2.4.6.i386.rpm
d0d75f33bc9222bd854ff380de2f0ad2 devhelp-devel-0.9.2-2.4.6.i386.rpm
0c277762fddace5c02810fb386b8210a mozilla-1.7.10-1.4.1.i386.rpm
8175340ca355bc93ecb5b0fa2d537f28 mozilla-chat-1.7.10-1.4.1.i386.rpm
e935040b93af50d96d211716117318d6 mozilla-devel-1.7.10-1.4.1.i386.rpm
ee9649189d5c0433941fe3fda7ef2695 mozilla-dom-inspector-1.7.10-1.4.1.i386.rpm
01ef2f199e8eebae02ebefa64ccf6019 mozilla-js-debugger-1.7.10-1.4.1.i386.rpm
057789761797488246007f576febba49 mozilla-mail-1.7.10-1.4.1.i386.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
d2c07e11c1e451ba399aaa4d3a4f04d1 mozilla-nspr-devel-1.7.10-1.4.1.i386.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
37f8373b0b95fedeb6ad50adcf8368c5 mozilla-nss-devel-1.7.10-1.4.1.i386.rpm

ia64:
08df7c973605b47cd3f4ceb328432e53 mozilla-1.7.10-1.4.1.ia64.rpm
721fbcb141c34f9ad2f9749a4191b1ae mozilla-chat-1.7.10-1.4.1.ia64.rpm
04a79997bd50159edad681d803d36b81 mozilla-devel-1.7.10-1.4.1.ia64.rpm
a532b504a846ccf5445fec809da9dd27 mozilla-dom-inspector-1.7.10-1.4.1.ia64.rpm
9aa1f4b2f221390d368c3841870462a6 mozilla-js-debugger-1.7.10-1.4.1.ia64.rpm
6ad344d2c345e0e9043a461258a4d2e1 mozilla-mail-1.7.10-1.4.1.ia64.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
3029412a99acc58c97974e0762c1ca56 mozilla-nspr-1.7.10-1.4.1.ia64.rpm
afcc6928178beb17757184ba7bca3c9d mozilla-nspr-devel-1.7.10-1.4.1.ia64.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
fb3d8124f85521d1232424132b292765 mozilla-nss-1.7.10-1.4.1.ia64.rpm
e48ff1104d889f3cf76e1ce5d02d12ae mozilla-nss-devel-1.7.10-1.4.1.ia64.rpm

x86_64:
c3a41ff5f79bb2e4bb95587492cac3eb devhelp-0.9.2-2.4.6.x86_64.rpm
7b7fe7d9c09046b4a1d6ed7f2f4deb7e devhelp-devel-0.9.2-2.4.6.x86_64.rpm
ed831e150aa80275e2eccf017610223d mozilla-1.7.10-1.4.1.x86_64.rpm
f87cc0db45edd6f05ca745031755d7c1 mozilla-chat-1.7.10-1.4.1.x86_64.rpm
1fa48e8af50a194e2f3334cfcb3179b5 mozilla-devel-1.7.10-1.4.1.x86_64.rpm
b74873dddb70ee940d42197d3c8b87d8 mozilla-dom-inspector-1.7.10-1.4.1.x86_64.rpm
99ee3b8c9a54174c19be51700697bce2 mozilla-js-debugger-1.7.10-1.4.1.x86_64.rpm
c11fa7562236caf2a5cce5eac603227a mozilla-mail-1.7.10-1.4.1.x86_64.rpm
b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm
36886d6b5f2326ef84ab8eafc2ee3d11 mozilla-nspr-1.7.10-1.4.1.x86_64.rpm
3c876bb470c007e81ce94879584cc179 mozilla-nspr-devel-1.7.10-1.4.1.x86_64.rpm
660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm
0a23d4014a0d23121ef378c303db5fec mozilla-nss-1.7.10-1.4.1.x86_64.rpm
d7186dbf2143a07439b8bd421a71a543 mozilla-nss-devel-1.7.10-1.4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFC4NELXlSAg2UNWIIRAtYWAKCN3IvqM+dURCGzNSQINm3d3Ap71wCeJQLA
EPnCPhBTu1CXMywFOBJitxE=
=RUJz
- -----END PGP SIGNATURE-----




3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: fetchmail security update
Advisory ID: RHSA-2005:640-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-640.html
Issue date: 2005-07-25
Updated on: 2005-07-25
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-2335
- - ---------------------------------------------------------------------

1. Summary:

Updated fetchmail packages that fix a security flaw are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Fetchmail is a remote mail retrieval and forwarding utility.

A buffer overflow was discovered in fetchmail's POP3 client. A malicious
server could cause send a carefully crafted message UID and cause fetchmail
to crash or potentially execute arbitrary code as the user running
fetchmail. The Common Vulnerabilities and Exposures project assigned the
name CAN-2005-2335 to this issue.

Users of fetchmail should update to this erratum package which contains a
backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

163816 - CAN-2005-2335 fetchmail overflow from malicious pop3 server


6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm
31686858a916ff3a956692767b54d069 fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm

i386:
858ca98c8dd78b81d166ef9e986d50aa fetchmail-5.9.0-21.7.3.el2.1.1.i386.rpm
3b0de7ddec9b7baf8e483671cc134042 fetchmailconf-5.9.0-21.7.3.el2.1.1.i386.rpm

ia64:
5119f1b228b5bf0bf68b7a4907f43c84 fetchmail-5.9.0-21.7.3.el2.1.1.ia64.rpm
eead1136cdaae89c4af5be3e5af15ee5 fetchmailconf-5.9.0-21.7.3.el2.1.1.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm
31686858a916ff3a956692767b54d069 fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm

ia64:
5119f1b228b5bf0bf68b7a4907f43c84 fetchmail-5.9.0-21.7.3.el2.1.1.ia64.rpm
eead1136cdaae89c4af5be3e5af15ee5 fetchmailconf-5.9.0-21.7.3.el2.1.1.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm
31686858a916ff3a956692767b54d069 fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm

i386:
858ca98c8dd78b81d166ef9e986d50aa fetchmail-5.9.0-21.7.3.el2.1.1.i386.rpm
3b0de7ddec9b7baf8e483671cc134042 fetchmailconf-5.9.0-21.7.3.el2.1.1.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm
31686858a916ff3a956692767b54d069 fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm

i386:
858ca98c8dd78b81d166ef9e986d50aa fetchmail-5.9.0-21.7.3.el2.1.1.i386.rpm
3b0de7ddec9b7baf8e483671cc134042 fetchmailconf-5.9.0-21.7.3.el2.1.1.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/fetchmail-6.2.0-3.el3.2.src.rpm
f8cf96a663157fefaeb4fc6f1a8cf63d fetchmail-6.2.0-3.el3.2.src.rpm

i386:
fdfe7a3616a60b838b55c2fa9e818ccf fetchmail-6.2.0-3.el3.2.i386.rpm

ia64:
cd02da478c2e507e094b3581edf8768b fetchmail-6.2.0-3.el3.2.ia64.rpm

ppc:
5e47a6d1f8babd0005baa45378a8e40c fetchmail-6.2.0-3.el3.2.ppc.rpm

s390:
d4b0e5c8bed708c6b3b2d8b00ba9262c fetchmail-6.2.0-3.el3.2.s390.rpm

s390x:
4a5f2fb842e10f1886d5b33afead33a9 fetchmail-6.2.0-3.el3.2.s390x.rpm

x86_64:
7bee2b44f864c4ffebdce96fce226d44 fetchmail-6.2.0-3.el3.2.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/fetchmail-6.2.0-3.el3.2.src.rpm
f8cf96a663157fefaeb4fc6f1a8cf63d fetchmail-6.2.0-3.el3.2.src.rpm

i386:
fdfe7a3616a60b838b55c2fa9e818ccf fetchmail-6.2.0-3.el3.2.i386.rpm

x86_64:
7bee2b44f864c4ffebdce96fce226d44 fetchmail-6.2.0-3.el3.2.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/fetchmail-6.2.0-3.el3.2.src.rpm
f8cf96a663157fefaeb4fc6f1a8cf63d fetchmail-6.2.0-3.el3.2.src.rpm

i386:
fdfe7a3616a60b838b55c2fa9e818ccf fetchmail-6.2.0-3.el3.2.i386.rpm

ia64:
cd02da478c2e507e094b3581edf8768b fetchmail-6.2.0-3.el3.2.ia64.rpm

x86_64:
7bee2b44f864c4ffebdce96fce226d44 fetchmail-6.2.0-3.el3.2.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/fetchmail-6.2.0-3.el3.2.src.rpm
f8cf96a663157fefaeb4fc6f1a8cf63d fetchmail-6.2.0-3.el3.2.src.rpm

i386:
fdfe7a3616a60b838b55c2fa9e818ccf fetchmail-6.2.0-3.el3.2.i386.rpm

ia64:
cd02da478c2e507e094b3581edf8768b fetchmail-6.2.0-3.el3.2.ia64.rpm

x86_64:
7bee2b44f864c4ffebdce96fce226d44 fetchmail-6.2.0-3.el3.2.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/fetchmail-6.2.5-6.el4.2.src.rpm
74a78227b3e3f5b8a0c392ea1325a2d3 fetchmail-6.2.5-6.el4.2.src.rpm

i386:
07da83424466fe1f855de9c82beb230c fetchmail-6.2.5-6.el4.2.i386.rpm

ia64:
289d48240464a4279b0774e79ebed25f fetchmail-6.2.5-6.el4.2.ia64.rpm

ppc:
6face3dff0e660e2d5eceb82150b371a fetchmail-6.2.5-6.el4.2.ppc.rpm

s390:
c0227905c02d361963da67f1ed45db38 fetchmail-6.2.5-6.el4.2.s390.rpm

s390x:
96d83be40ae7081aa1dd73ff54f389d8 fetchmail-6.2.5-6.el4.2.s390x.rpm

x86_64:
c92a8b8909a1ec1c27cb011d1aa0b924 fetchmail-6.2.5-6.el4.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/fetchmail-6.2.5-6.el4.2.src.rpm
74a78227b3e3f5b8a0c392ea1325a2d3 fetchmail-6.2.5-6.el4.2.src.rpm

i386:
07da83424466fe1f855de9c82beb230c fetchmail-6.2.5-6.el4.2.i386.rpm

x86_64:
c92a8b8909a1ec1c27cb011d1aa0b924 fetchmail-6.2.5-6.el4.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/fetchmail-6.2.5-6.el4.2.src.rpm
74a78227b3e3f5b8a0c392ea1325a2d3 fetchmail-6.2.5-6.el4.2.src.rpm

i386:
07da83424466fe1f855de9c82beb230c fetchmail-6.2.5-6.el4.2.i386.rpm

ia64:
289d48240464a4279b0774e79ebed25f fetchmail-6.2.5-6.el4.2.ia64.rpm

x86_64:
c92a8b8909a1ec1c27cb011d1aa0b924 fetchmail-6.2.5-6.el4.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/fetchmail-6.2.5-6.el4.2.src.rpm
74a78227b3e3f5b8a0c392ea1325a2d3 fetchmail-6.2.5-6.el4.2.src.rpm

i386:
07da83424466fe1f855de9c82beb230c fetchmail-6.2.5-6.el4.2.i386.rpm

ia64:
289d48240464a4279b0774e79ebed25f fetchmail-6.2.5-6.el4.2.ia64.rpm

x86_64:
c92a8b8909a1ec1c27cb011d1aa0b924 fetchmail-6.2.5-6.el4.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2335

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFC5JrPXlSAg2UNWIIRApNfAJ49Y/eUstz4yT8V66zbRENv0CNypACeKEgE
PHYNiQJGyDPT4GFta7C+vvA=
=uMsb
- -----END PGP SIGNATURE-----



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |