Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > September 2005 > Red Hat - Six Security Advisories

September 2005

Red Hat - Six Security Advisories

ID: 00849
Ref: 792/05
Date: 29 September 2005:13:38:55
Version: 1
Title: Red Hat - Six Security Advisories
Abstract:
Vendors affected: Red Hat
Operating systems affected: Red Hat
Applications affected: Red Hat

Title
=====

Red Hat - Six Security Advisories:
1. Low: ghostscript security update [RHSA-2005:081-01]
2. Low: slocate security update [RHSA-2005:345-02]
3. Low: net-snmp security update [RHSA-2005:373-01]
4. Low: openssh security update [RHSA-2005:550-01]
5. Low: binutils security update [RHSA-2005:659-01]
6. Updated kernel packages available [RHSA-2005:663-01]


Detail
======

Security advisory summaries:

1. Updated ghostscript packages that fix a PDF output issue and a temporary
file security bug are now available.

2. An updated slocate package that fixes a denial of service and various bugs
is now available.

3. Updated net-snmp packages that fix two security issues and various bugs
are now available.

4. Updated openssh packages that fix a potential security vulnerability and
various other bugs are now available.

5. An updated binutils package that fixes several bugs and minor security
issues is now available.

6. Updated kernel packages are now available as part of ongoing support and
maintenance of Red Hat Enterprise Linux version 3. This is the sixth
regular update.


Security advisory content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Low: ghostscript security update
Advisory ID: RHSA-2005:081-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-081.html
Issue date: 2005-09-28
Updated on: 2005-09-28
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0467
- - ---------------------------------------------------------------------

1. Summary:

Updated ghostscript packages that fix a PDF output issue and a temporary
file security bug are now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Ghostscript is a program for displaying PostScript files or printing them
to non-PostScript printers.

A bug was found in the way several of Ghostscript's utility scripts created
temporary files. A local user could cause these utilities to overwrite
files that the victim running the utility has write access to. The Common
Vulnerabilities and Exposures project assigned the name CAN-2004-0967 to
this issue.

Additionally, this update addresses the following issue:

A problem has been identified in the PDF output driver, which can cause
output to be delayed indefinitely on some systems. The fix has been
backported from GhostScript 7.07.

All users of ghostscript should upgrade to these updated packages, which
contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

97583 - [7.05-20.1] gs gets stuck reading /dev/random
136321 - CAN-2004-0967 temporary file vulnerabilities in various ghostscript scripts.


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ghostscript-7.05-32.1.10.src.rpm
87e1d46ae49bb064bfd51edd9533c2fb ghostscript-7.05-32.1.10.src.rpm

i386:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
ae2af61ea81496cc5d8e7e5021143470 ghostscript-devel-7.05-32.1.10.i386.rpm
92e2a96299c1fb3539d3087f5155c39f hpijs-1.3-32.1.10.i386.rpm

ia64:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
73f845b1cbd06a0bb3b5c66fb8314dee ghostscript-7.05-32.1.10.ia64.rpm
be67339328dc16c6674da83da538550b ghostscript-devel-7.05-32.1.10.ia64.rpm
f43122f745873753078133f30d75386c hpijs-1.3-32.1.10.ia64.rpm

ppc:
c95035076fce72a1245933502a3a72c5 ghostscript-7.05-32.1.10.ppc.rpm
9ccfee1181811b647f084c9b4fb58f6d ghostscript-7.05-32.1.10.ppc64.rpm
ed15b258765009145a645513993e3fac ghostscript-devel-7.05-32.1.10.ppc.rpm
dc185146a03cad78cb148e9d9f701102 hpijs-1.3-32.1.10.ppc.rpm

s390:
2a1b3e34525b2a05b96e2d3b4eda0ac6 ghostscript-7.05-32.1.10.s390.rpm
ea7c23f7b9d485de8b47591e26f32324 ghostscript-devel-7.05-32.1.10.s390.rpm
7a032f8eb837e3850787dd328b1e4017 hpijs-1.3-32.1.10.s390.rpm

s390x:
2a1b3e34525b2a05b96e2d3b4eda0ac6 ghostscript-7.05-32.1.10.s390.rpm
f5b74aaca04b9d7fdf427d31706a68e2 ghostscript-7.05-32.1.10.s390x.rpm
cd03353a351f213cdb0e57168fb17a8d ghostscript-devel-7.05-32.1.10.s390x.rpm
a838f3035c1442db827b8430e5fdb1bf hpijs-1.3-32.1.10.s390x.rpm

x86_64:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
d37615952eeb5803b749083dcdda966c ghostscript-7.05-32.1.10.x86_64.rpm
819c35d32e4865a14868c3b19d32e7d0 ghostscript-devel-7.05-32.1.10.x86_64.rpm
6d801f7e7a811cf64bffb10ea9cee565 hpijs-1.3-32.1.10.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ghostscript-7.05-32.1.10.src.rpm
87e1d46ae49bb064bfd51edd9533c2fb ghostscript-7.05-32.1.10.src.rpm

i386:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
ae2af61ea81496cc5d8e7e5021143470 ghostscript-devel-7.05-32.1.10.i386.rpm
92e2a96299c1fb3539d3087f5155c39f hpijs-1.3-32.1.10.i386.rpm

x86_64:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
d37615952eeb5803b749083dcdda966c ghostscript-7.05-32.1.10.x86_64.rpm
819c35d32e4865a14868c3b19d32e7d0 ghostscript-devel-7.05-32.1.10.x86_64.rpm
6d801f7e7a811cf64bffb10ea9cee565 hpijs-1.3-32.1.10.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ghostscript-7.05-32.1.10.src.rpm
87e1d46ae49bb064bfd51edd9533c2fb ghostscript-7.05-32.1.10.src.rpm

i386:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
ae2af61ea81496cc5d8e7e5021143470 ghostscript-devel-7.05-32.1.10.i386.rpm
92e2a96299c1fb3539d3087f5155c39f hpijs-1.3-32.1.10.i386.rpm

ia64:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
73f845b1cbd06a0bb3b5c66fb8314dee ghostscript-7.05-32.1.10.ia64.rpm
be67339328dc16c6674da83da538550b ghostscript-devel-7.05-32.1.10.ia64.rpm
f43122f745873753078133f30d75386c hpijs-1.3-32.1.10.ia64.rpm

x86_64:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
d37615952eeb5803b749083dcdda966c ghostscript-7.05-32.1.10.x86_64.rpm
819c35d32e4865a14868c3b19d32e7d0 ghostscript-devel-7.05-32.1.10.x86_64.rpm
6d801f7e7a811cf64bffb10ea9cee565 hpijs-1.3-32.1.10.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ghostscript-7.05-32.1.10.src.rpm
87e1d46ae49bb064bfd51edd9533c2fb ghostscript-7.05-32.1.10.src.rpm

i386:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
ae2af61ea81496cc5d8e7e5021143470 ghostscript-devel-7.05-32.1.10.i386.rpm
92e2a96299c1fb3539d3087f5155c39f hpijs-1.3-32.1.10.i386.rpm

ia64:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
73f845b1cbd06a0bb3b5c66fb8314dee ghostscript-7.05-32.1.10.ia64.rpm
be67339328dc16c6674da83da538550b ghostscript-devel-7.05-32.1.10.ia64.rpm
f43122f745873753078133f30d75386c hpijs-1.3-32.1.10.ia64.rpm

x86_64:
dee9bec5beb1752031796689040312b5 ghostscript-7.05-32.1.10.i386.rpm
d37615952eeb5803b749083dcdda966c ghostscript-7.05-32.1.10.x86_64.rpm
819c35d32e4865a14868c3b19d32e7d0 ghostscript-devel-7.05-32.1.10.x86_64.rpm
6d801f7e7a811cf64bffb10ea9cee565 hpijs-1.3-32.1.10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0467

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFDOrkuXlSAg2UNWIIRAgAcAJ4sJQbxSd9k0rZP2HvJVbdzUFL3VQCcCTr3
p2tdjvYpFT6VWXmv4uN+8YU=
=rk/r
- -----END PGP SIGNATURE-----




2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Low: slocate security update
Advisory ID: RHSA-2005:345-02
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-345.html
Issue date: 2005-09-28
Updated on: 2005-09-28
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-2499
- - ---------------------------------------------------------------------

1. Summary:

An updated slocate package that fixes a denial of service and various bugs
is now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Slocate is a security-enhanced version of locate. Like locate, slocate
searches through a central database (updated nightly) for files that match
a given pattern. Slocate allows you to quickly find files anywhere on your
system.

A bug was found in the way slocate scans the local filesystem. A carefully
prepared directory structure could cause updatedb's file system scan to
fail silently, resulting in an incomplete slocate database. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2005-2499
to this issue.

Additionally this update addresses the following issues:

- - - Files with a size of 2 GB and larger were not entered into the slocate
database.

- - - File system type exclusions were processed only when starting updatedb
and did not reflect file systems mounted while updatedb was running
(for example, automounted file systems).

- - - File system type exclusions were ignored for file systems that were
mounted to a path containing a symbolic link.

- - - Databases created by slocate were owned by the slocate group even if they
were created by regular users.

Users of slocate are advised to upgrade to this updated package, which
contains backported patches and is not affected by these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

132571 - Files > 2 GB are not entered into slocate data base
139950 - slocate collects .automount files over nfs
169453 - CAN-2005-2499 slocate DOS


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/slocate-2.7-3.RHEL3.6.src.rpm
0652f2d48a5f5bc146f62ddf18a859a2 slocate-2.7-3.RHEL3.6.src.rpm

i386:
7d238c27081ed073269359e79319b7bd slocate-2.7-3.RHEL3.6.i386.rpm

ia64:
390fc703afec21d6244c6e2aa1414ec2 slocate-2.7-3.RHEL3.6.ia64.rpm

ppc:
b07fd76ab3c6716c4253c74cb59c26a3 slocate-2.7-3.RHEL3.6.ppc.rpm

s390:
86b77a7eadc28dbe7379728dc816a96e slocate-2.7-3.RHEL3.6.s390.rpm

s390x:
4954e1ae86d8a391d44702f871dcfe49 slocate-2.7-3.RHEL3.6.s390x.rpm

x86_64:
1086c5a84f92aecc5c29340ea1a8f218 slocate-2.7-3.RHEL3.6.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/slocate-2.7-3.RHEL3.6.src.rpm
0652f2d48a5f5bc146f62ddf18a859a2 slocate-2.7-3.RHEL3.6.src.rpm

i386:
7d238c27081ed073269359e79319b7bd slocate-2.7-3.RHEL3.6.i386.rpm

x86_64:
1086c5a84f92aecc5c29340ea1a8f218 slocate-2.7-3.RHEL3.6.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/slocate-2.7-3.RHEL3.6.src.rpm
0652f2d48a5f5bc146f62ddf18a859a2 slocate-2.7-3.RHEL3.6.src.rpm

i386:
7d238c27081ed073269359e79319b7bd slocate-2.7-3.RHEL3.6.i386.rpm

ia64:
390fc703afec21d6244c6e2aa1414ec2 slocate-2.7-3.RHEL3.6.ia64.rpm

x86_64:
1086c5a84f92aecc5c29340ea1a8f218 slocate-2.7-3.RHEL3.6.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/slocate-2.7-3.RHEL3.6.src.rpm
0652f2d48a5f5bc146f62ddf18a859a2 slocate-2.7-3.RHEL3.6.src.rpm

i386:
7d238c27081ed073269359e79319b7bd slocate-2.7-3.RHEL3.6.i386.rpm

ia64:
390fc703afec21d6244c6e2aa1414ec2 slocate-2.7-3.RHEL3.6.ia64.rpm

x86_64:
1086c5a84f92aecc5c29340ea1a8f218 slocate-2.7-3.RHEL3.6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2499

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFDOrlgXlSAg2UNWIIRAvhiAJ9Dpia+9VodA62tLr9QfnjYZu4k6ACeJ6Kk
0nuP282PDddKDsIZVxvRNWU=
=XzVw
- -----END PGP SIGNATURE-----




3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Low: net-snmp security update
Advisory ID: RHSA-2005:373-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-373.html
Issue date: 2005-09-28
Updated on: 2005-09-28
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-2177 CAN-2005-1740
- - ---------------------------------------------------------------------

1. Summary:

Updated net-snmp packages that fix two security issues and various bugs
are now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

SNMP (Simple Network Management Protocol) is a protocol used for network
management.

A denial of service bug was found in the way net-snmp uses network stream
protocols. It is possible for a remote attacker to send a net-snmp agent a
specially crafted packet which will crash the agent. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-2177 to this issue.

An insecure temporary file usage bug was found in net-snmp's fixproc
command. It is possible for a local user to modify the content of temporary
files used by fixproc which can lead to arbitrary command execution. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-1740 to this issue.

Additionally the following bugs have been fixed:
- snmpwalk no longer hangs when a non-existant pid is listed.
- snmpd no longer segfaults due to incorrect handling of lmSensors.
- an incorrect assignment leading to invalid values in ASN mibs has been
fixed.
- on systems running a 64-bit kernel, the values in /proc/net/dev no
longer become too large to fit in a 32-bit object.
- the net-snmp-devel packages correctly depend on elfutils-libelf-devel.
- large file systems are correctly handled
- snmp daemon now reports gigabit Ethernet speeds correctly
- fixed consistency between IP adresses and hostnames in configuration file

All users of net-snmp should upgrade to these updated packages, which
resolve these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate. The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/):

130252 - net-snmp-devel should depend on elfutils-libelf-devel
152448 - snmpd.conf hostname vs. IP inconsistancy
154455 - 64bit network counters peg instead of wrapping
162907 - CAN-2005-2177 net-snmp denial of service
164639 - CAN-2005-1740 net-snmp insecure temporary file usage


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/net-snmp-5.0.9-2.30E.19.src.rpm
ee5408a229029780a4b807f104bd7c16 net-snmp-5.0.9-2.30E.19.src.rpm

i386:
275a760481290f8bfb0e460bcf76a325 net-snmp-5.0.9-2.30E.19.i386.rpm
5aecdf582c564baab3c3fb3ad9f3e3a7 net-snmp-devel-5.0.9-2.30E.19.i386.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
9a46b82749a974477ed0769e4177f558 net-snmp-perl-5.0.9-2.30E.19.i386.rpm
5e8362b644123bd9ac5c7c10ce9718d0 net-snmp-utils-5.0.9-2.30E.19.i386.rpm

ia64:
e291fa12809506c678cc06db3b24402c net-snmp-5.0.9-2.30E.19.ia64.rpm
2ebe00117531cc59f59a0639119d2916 net-snmp-devel-5.0.9-2.30E.19.ia64.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
5773f96c44192345e152662a91432ad4 net-snmp-libs-5.0.9-2.30E.19.ia64.rpm
7fbe51aa390d0ab0311e6b5ae5137ca6 net-snmp-perl-5.0.9-2.30E.19.ia64.rpm
27f322bcecf95453549714e082995c13 net-snmp-utils-5.0.9-2.30E.19.ia64.rpm

ppc:
e418231368a6ae213e83ce86836939d7 net-snmp-5.0.9-2.30E.19.ppc.rpm
44095fbfb80546604561a207795223aa net-snmp-devel-5.0.9-2.30E.19.ppc.rpm
e2f2643a3eefbaae591336829c10b420 net-snmp-libs-5.0.9-2.30E.19.ppc.rpm
f3b3f1ac8976655a6769944dc29e70aa net-snmp-libs-5.0.9-2.30E.19.ppc64.rpm
dfd86b8fc71e905b33d6a71f9abdd45e net-snmp-perl-5.0.9-2.30E.19.ppc.rpm
57ad01103e6b2fd1c26a5025fc9c6025 net-snmp-utils-5.0.9-2.30E.19.ppc.rpm

s390:
cfdd073e9a4c9ae200dca402cd1124aa net-snmp-5.0.9-2.30E.19.s390.rpm
a0124d0124a0dcf9a4324cda445aaf43 net-snmp-devel-5.0.9-2.30E.19.s390.rpm
5032fd899949fabb20d93b58c7e85c5c net-snmp-libs-5.0.9-2.30E.19.s390.rpm
3bc0d3c5807c8411c9ec9079bd3fec14 net-snmp-perl-5.0.9-2.30E.19.s390.rpm
9ea8019b4580a13e7239b8e70dfdbf00 net-snmp-utils-5.0.9-2.30E.19.s390.rpm

s390x:
190425e6825cd70fdb12010391eb6321 net-snmp-5.0.9-2.30E.19.s390x.rpm
226419dcf90b8816c0805a14a8377983 net-snmp-devel-5.0.9-2.30E.19.s390x.rpm
5032fd899949fabb20d93b58c7e85c5c net-snmp-libs-5.0.9-2.30E.19.s390.rpm
ace5ed4da0d27582a49f5e15457ef52e net-snmp-libs-5.0.9-2.30E.19.s390x.rpm
13851f5ca2d032df46ee7ef84037c181 net-snmp-perl-5.0.9-2.30E.19.s390x.rpm
82fd79794cffd287b6c533fb858c8a3c net-snmp-utils-5.0.9-2.30E.19.s390x.rpm

x86_64:
bf1370729dab554e1e4661e992e96c99 net-snmp-5.0.9-2.30E.19.x86_64.rpm
9806ba1a9b45fbefea87b3c7710e968e net-snmp-devel-5.0.9-2.30E.19.x86_64.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
748cf5f8dbbff7df95c8e68ab81fba3e net-snmp-libs-5.0.9-2.30E.19.x86_64.rpm
54026ee0559184d2ce6690d5f313a46e net-snmp-perl-5.0.9-2.30E.19.x86_64.rpm
cfd7ef629a6682b3baf592e4f9caa1ee net-snmp-utils-5.0.9-2.30E.19.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/net-snmp-5.0.9-2.30E.19.src.rpm
ee5408a229029780a4b807f104bd7c16 net-snmp-5.0.9-2.30E.19.src.rpm

i386:
275a760481290f8bfb0e460bcf76a325 net-snmp-5.0.9-2.30E.19.i386.rpm
5aecdf582c564baab3c3fb3ad9f3e3a7 net-snmp-devel-5.0.9-2.30E.19.i386.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
9a46b82749a974477ed0769e4177f558 net-snmp-perl-5.0.9-2.30E.19.i386.rpm
5e8362b644123bd9ac5c7c10ce9718d0 net-snmp-utils-5.0.9-2.30E.19.i386.rpm

x86_64:
bf1370729dab554e1e4661e992e96c99 net-snmp-5.0.9-2.30E.19.x86_64.rpm
9806ba1a9b45fbefea87b3c7710e968e net-snmp-devel-5.0.9-2.30E.19.x86_64.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
748cf5f8dbbff7df95c8e68ab81fba3e net-snmp-libs-5.0.9-2.30E.19.x86_64.rpm
54026ee0559184d2ce6690d5f313a46e net-snmp-perl-5.0.9-2.30E.19.x86_64.rpm
cfd7ef629a6682b3baf592e4f9caa1ee net-snmp-utils-5.0.9-2.30E.19.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/net-snmp-5.0.9-2.30E.19.src.rpm
ee5408a229029780a4b807f104bd7c16 net-snmp-5.0.9-2.30E.19.src.rpm

i386:
275a760481290f8bfb0e460bcf76a325 net-snmp-5.0.9-2.30E.19.i386.rpm
5aecdf582c564baab3c3fb3ad9f3e3a7 net-snmp-devel-5.0.9-2.30E.19.i386.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
9a46b82749a974477ed0769e4177f558 net-snmp-perl-5.0.9-2.30E.19.i386.rpm
5e8362b644123bd9ac5c7c10ce9718d0 net-snmp-utils-5.0.9-2.30E.19.i386.rpm

ia64:
e291fa12809506c678cc06db3b24402c net-snmp-5.0.9-2.30E.19.ia64.rpm
2ebe00117531cc59f59a0639119d2916 net-snmp-devel-5.0.9-2.30E.19.ia64.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
5773f96c44192345e152662a91432ad4 net-snmp-libs-5.0.9-2.30E.19.ia64.rpm
7fbe51aa390d0ab0311e6b5ae5137ca6 net-snmp-perl-5.0.9-2.30E.19.ia64.rpm
27f322bcecf95453549714e082995c13 net-snmp-utils-5.0.9-2.30E.19.ia64.rpm

x86_64:
bf1370729dab554e1e4661e992e96c99 net-snmp-5.0.9-2.30E.19.x86_64.rpm
9806ba1a9b45fbefea87b3c7710e968e net-snmp-devel-5.0.9-2.30E.19.x86_64.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
748cf5f8dbbff7df95c8e68ab81fba3e net-snmp-libs-5.0.9-2.30E.19.x86_64.rpm
54026ee0559184d2ce6690d5f313a46e net-snmp-perl-5.0.9-2.30E.19.x86_64.rpm
cfd7ef629a6682b3baf592e4f9caa1ee net-snmp-utils-5.0.9-2.30E.19.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/net-snmp-5.0.9-2.30E.19.src.rpm
ee5408a229029780a4b807f104bd7c16 net-snmp-5.0.9-2.30E.19.src.rpm

i386:
275a760481290f8bfb0e460bcf76a325 net-snmp-5.0.9-2.30E.19.i386.rpm
5aecdf582c564baab3c3fb3ad9f3e3a7 net-snmp-devel-5.0.9-2.30E.19.i386.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
9a46b82749a974477ed0769e4177f558 net-snmp-perl-5.0.9-2.30E.19.i386.rpm
5e8362b644123bd9ac5c7c10ce9718d0 net-snmp-utils-5.0.9-2.30E.19.i386.rpm

ia64:
e291fa12809506c678cc06db3b24402c net-snmp-5.0.9-2.30E.19.ia64.rpm
2ebe00117531cc59f59a0639119d2916 net-snmp-devel-5.0.9-2.30E.19.ia64.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
5773f96c44192345e152662a91432ad4 net-snmp-libs-5.0.9-2.30E.19.ia64.rpm
7fbe51aa390d0ab0311e6b5ae5137ca6 net-snmp-perl-5.0.9-2.30E.19.ia64.rpm
27f322bcecf95453549714e082995c13 net-snmp-utils-5.0.9-2.30E.19.ia64.rpm

x86_64:
bf1370729dab554e1e4661e992e96c99 net-snmp-5.0.9-2.30E.19.x86_64.rpm
9806ba1a9b45fbefea87b3c7710e968e net-snmp-devel-5.0.9-2.30E.19.x86_64.rpm
22f54a61c58138ae3398da63980f6dd8 net-snmp-libs-5.0.9-2.30E.19.i386.rpm
748cf5f8dbbff7df95c8e68ab81fba3e net-snmp-libs-5.0.9-2.30E.19.x86_64.rpm
54026ee0559184d2ce6690d5f313a46e net-snmp-perl-5.0.9-2.30E.19.x86_64.rpm
cfd7ef629a6682b3baf592e4f9caa1ee net-snmp-utils-5.0.9-2.30E.19.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFDOrl+XlSAg2UNWIIRAkMiAJ9oU7P///xrOGYBT6UreckIRDFCowCffzzh
lERNWXEpoPcrS/Omlvw2Gnk=
=/vlD
- -----END PGP SIGNATURE-----




4.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Low: openssh security update
Advisory ID: RHSA-2005:550-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-550.html
Issue date: 2005-09-28
Updated on: 2005-09-28
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-2069
- - ---------------------------------------------------------------------

1. Summary:

Updated openssh packages that fix a potential security vulnerability and
various other bugs are now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This
includes the core files necessary for both the OpenSSH client and server.

A bug was found in the way the OpenSSH server handled the MaxStartups and
LoginGraceTime configuration variables. A malicious user could connect to
the SSH daemon in such a way that it would prevent additional logins from
occuring until the malicious connections are closed. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-2069 to this issue.

Additionally, the following issues are resolved with this update:

- - - The -q option of the ssh client did not suppress the banner message sent
by the server, which caused errors when used in scripts.

- - - The sshd daemon failed to close the client connection if multiple X
clients were forwarded over the connection and the client session exited.

- - - The sftp client leaked memory if used for extended periods.

- - - The sshd daemon called the PAM functions incorrectly if the user was
unknown on the system.

All users of openssh should upgrade to these updated packages, which
contain backported patches and resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

129289 - [PATCH] SSH -q flag does not suppress banner text
151080 - sftp over a persistent connection (days/weeks) develops a memory leak.
156996 - CAN-2004-2069 openssh DoS issue


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssh-3.6.1p2-33.30.6.src.rpm
f514321c6f738324ef5aa4df64a6e1c2 openssh-3.6.1p2-33.30.6.src.rpm

i386:
52e87b68f36f459088903be25e4dc9fd openssh-3.6.1p2-33.30.6.i386.rpm
4352bdb2f2c165818bb72723840bc96e openssh-askpass-3.6.1p2-33.30.6.i386.rpm
bccb045b7834a86051d4be555034f048 openssh-askpass-gnome-3.6.1p2-33.30.6.i386.rpm
4cda57abc7d85f321900d568a95c5480 openssh-clients-3.6.1p2-33.30.6.i386.rpm
b807bb89e975f7c6afe6f8270d1d5357 openssh-server-3.6.1p2-33.30.6.i386.rpm

ia64:
26481121cb896b726c8e891b801ef3d6 openssh-3.6.1p2-33.30.6.ia64.rpm
2f8aa489e8d9744cbafcd45730794395 openssh-askpass-3.6.1p2-33.30.6.ia64.rpm
fbdd53c3bf2288409aa0687f3717ea5b openssh-askpass-gnome-3.6.1p2-33.30.6.ia64.rpm
d60c195299c8e07e4c5e100f18e2145b openssh-clients-3.6.1p2-33.30.6.ia64.rpm
a0b7c2e40c942f7996003b3d33dc7094 openssh-server-3.6.1p2-33.30.6.ia64.rpm

ppc:
3e29708efad159fa8cc254662b6ff505 openssh-3.6.1p2-33.30.6.ppc.rpm
5c6363576c83399dfa948aa45d8f185e openssh-askpass-3.6.1p2-33.30.6.ppc.rpm
bea38750538bd370e65406b5b1eabf33 openssh-askpass-gnome-3.6.1p2-33.30.6.ppc.rpm
fc65f08b4c2e6ede36e0f7762140aa5c openssh-clients-3.6.1p2-33.30.6.ppc.rpm
ddb0d4bbf471f2c9a60ac8d928a1733e openssh-server-3.6.1p2-33.30.6.ppc.rpm

s390:
a09e96711d0f9e6527193eb3a3660ce1 openssh-3.6.1p2-33.30.6.s390.rpm
8fde7e1acc7593ba0048836f88c9548f openssh-askpass-3.6.1p2-33.30.6.s390.rpm
35e1caa39539fbdd1bd38f17ad66103d openssh-askpass-gnome-3.6.1p2-33.30.6.s390.rpm
c6f91623373358c892fcb36c7785d1c6 openssh-clients-3.6.1p2-33.30.6.s390.rpm
d13ba0dee80f74ac42eb2594fb1582cd openssh-server-3.6.1p2-33.30.6.s390.rpm

s390x:
c953f6bebbffc2c5e888a4b59c4cee7a openssh-3.6.1p2-33.30.6.s390x.rpm
3938bf4cb26335f471f494fd455427a0 openssh-askpass-3.6.1p2-33.30.6.s390x.rpm
06561eab8bd1a67fec7747c9b4ace426 openssh-askpass-gnome-3.6.1p2-33.30.6.s390x.rpm
42df2d392e3741527b820edb6e7fe8c0 openssh-clients-3.6.1p2-33.30.6.s390x.rpm
2bc0b74d772c4fea91ba835b23e86fae openssh-server-3.6.1p2-33.30.6.s390x.rpm

x86_64:
2778b91c7cb7735c4b60fac710a4e602 openssh-3.6.1p2-33.30.6.x86_64.rpm
ed944f1bdecb361ee6cf8e9429ccbc52 openssh-askpass-3.6.1p2-33.30.6.x86_64.rpm
252f1926456af7e2749fa34eafd91cec openssh-askpass-gnome-3.6.1p2-33.30.6.x86_64.rpm
9d788669ff55c53e49e35e1f0919c0ce openssh-clients-3.6.1p2-33.30.6.x86_64.rpm
3552034cbb2d541408fe82faf821a42f openssh-server-3.6.1p2-33.30.6.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssh-3.6.1p2-33.30.6.src.rpm
f514321c6f738324ef5aa4df64a6e1c2 openssh-3.6.1p2-33.30.6.src.rpm

i386:
52e87b68f36f459088903be25e4dc9fd openssh-3.6.1p2-33.30.6.i386.rpm
4352bdb2f2c165818bb72723840bc96e openssh-askpass-3.6.1p2-33.30.6.i386.rpm
bccb045b7834a86051d4be555034f048 openssh-askpass-gnome-3.6.1p2-33.30.6.i386.rpm
4cda57abc7d85f321900d568a95c5480 openssh-clients-3.6.1p2-33.30.6.i386.rpm
b807bb89e975f7c6afe6f8270d1d5357 openssh-server-3.6.1p2-33.30.6.i386.rpm

x86_64:
2778b91c7cb7735c4b60fac710a4e602 openssh-3.6.1p2-33.30.6.x86_64.rpm
ed944f1bdecb361ee6cf8e9429ccbc52 openssh-askpass-3.6.1p2-33.30.6.x86_64.rpm
252f1926456af7e2749fa34eafd91cec openssh-askpass-gnome-3.6.1p2-33.30.6.x86_64.rpm
9d788669ff55c53e49e35e1f0919c0ce openssh-clients-3.6.1p2-33.30.6.x86_64.rpm
3552034cbb2d541408fe82faf821a42f openssh-server-3.6.1p2-33.30.6.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssh-3.6.1p2-33.30.6.src.rpm
f514321c6f738324ef5aa4df64a6e1c2 openssh-3.6.1p2-33.30.6.src.rpm

i386:
52e87b68f36f459088903be25e4dc9fd openssh-3.6.1p2-33.30.6.i386.rpm
4352bdb2f2c165818bb72723840bc96e openssh-askpass-3.6.1p2-33.30.6.i386.rpm
bccb045b7834a86051d4be555034f048 openssh-askpass-gnome-3.6.1p2-33.30.6.i386.rpm
4cda57abc7d85f321900d568a95c5480 openssh-clients-3.6.1p2-33.30.6.i386.rpm
b807bb89e975f7c6afe6f8270d1d5357 openssh-server-3.6.1p2-33.30.6.i386.rpm

ia64:
26481121cb896b726c8e891b801ef3d6 openssh-3.6.1p2-33.30.6.ia64.rpm
2f8aa489e8d9744cbafcd45730794395 openssh-askpass-3.6.1p2-33.30.6.ia64.rpm
fbdd53c3bf2288409aa0687f3717ea5b openssh-askpass-gnome-3.6.1p2-33.30.6.ia64.rpm
d60c195299c8e07e4c5e100f18e2145b openssh-clients-3.6.1p2-33.30.6.ia64.rpm
a0b7c2e40c942f7996003b3d33dc7094 openssh-server-3.6.1p2-33.30.6.ia64.rpm

x86_64:
2778b91c7cb7735c4b60fac710a4e602 openssh-3.6.1p2-33.30.6.x86_64.rpm
ed944f1bdecb361ee6cf8e9429ccbc52 openssh-askpass-3.6.1p2-33.30.6.x86_64.rpm
252f1926456af7e2749fa34eafd91cec openssh-askpass-gnome-3.6.1p2-33.30.6.x86_64.rpm
9d788669ff55c53e49e35e1f0919c0ce openssh-clients-3.6.1p2-33.30.6.x86_64.rpm
3552034cbb2d541408fe82faf821a42f openssh-server-3.6.1p2-33.30.6.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssh-3.6.1p2-33.30.6.src.rpm
f514321c6f738324ef5aa4df64a6e1c2 openssh-3.6.1p2-33.30.6.src.rpm

i386:
52e87b68f36f459088903be25e4dc9fd openssh-3.6.1p2-33.30.6.i386.rpm
4352bdb2f2c165818bb72723840bc96e openssh-askpass-3.6.1p2-33.30.6.i386.rpm
bccb045b7834a86051d4be555034f048 openssh-askpass-gnome-3.6.1p2-33.30.6.i386.rpm
4cda57abc7d85f321900d568a95c5480 openssh-clients-3.6.1p2-33.30.6.i386.rpm
b807bb89e975f7c6afe6f8270d1d5357 openssh-server-3.6.1p2-33.30.6.i386.rpm

ia64:
26481121cb896b726c8e891b801ef3d6 openssh-3.6.1p2-33.30.6.ia64.rpm
2f8aa489e8d9744cbafcd45730794395 openssh-askpass-3.6.1p2-33.30.6.ia64.rpm
fbdd53c3bf2288409aa0687f3717ea5b openssh-askpass-gnome-3.6.1p2-33.30.6.ia64.rpm
d60c195299c8e07e4c5e100f18e2145b openssh-clients-3.6.1p2-33.30.6.ia64.rpm
a0b7c2e40c942f7996003b3d33dc7094 openssh-server-3.6.1p2-33.30.6.ia64.rpm

x86_64:
2778b91c7cb7735c4b60fac710a4e602 openssh-3.6.1p2-33.30.6.x86_64.rpm
ed944f1bdecb361ee6cf8e9429ccbc52 openssh-askpass-3.6.1p2-33.30.6.x86_64.rpm
252f1926456af7e2749fa34eafd91cec openssh-askpass-gnome-3.6.1p2-33.30.6.x86_64.rpm
9d788669ff55c53e49e35e1f0919c0ce openssh-clients-3.6.1p2-33.30.6.x86_64.rpm
3552034cbb2d541408fe82faf821a42f openssh-server-3.6.1p2-33.30.6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2069

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFDOrmeXlSAg2UNWIIRAuF5AJ4lKY89ZylrKmOfz6MPg76isA4TBgCfTgWH
e1YnMwvvi28iiE9DO9zfGKc=
=dqOJ
- -----END PGP SIGNATURE-----




5.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Low: binutils security update
Advisory ID: RHSA-2005:659-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-659.html
Issue date: 2005-09-28
Updated on: 2005-09-28
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1704
- - ---------------------------------------------------------------------

1. Summary:

An updated binutils package that fixes several bugs and minor security
issues is now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Binutils is a collection of utilities used for the creation of executable
code. A number of bugs were found in various binutils tools.

Several integer overflow bugs were found in binutils. If a user is tricked
into processing a specially crafted executable with utilities such as
readelf, size, strings, objdump, or nm, it may allow the execution of
arbitrary code as the user running the utility. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1704
to this issue.

Additionally, the following bugs have been fixed:

- - -- correct alignment of .tbss section if the requested alignment
of .tbss is bigger than requested alignment of .tdata section
- - -- by default issue an error if IA-64 hint@pause instruction is
put into the B slot, add assembler command line switch to
override this behaviour

All users of binutils should upgrade to this updated package, which
contains backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

157983 - gcc produces inadequate alignment for __thread vars
164364 - CAN-2005-1704 Integer overflow in the Binary File Descriptor (BFD) library


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/binutils-2.14.90.0.4-39.src.rpm
64bdd095087e29551e0db7d77def0abb binutils-2.14.90.0.4-39.src.rpm

i386:
40f698290ea2271c9452dd40f0d88429 binutils-2.14.90.0.4-39.i386.rpm

ia64:
d3ec28074b9a8c2c0ff0e91570f1d3a8 binutils-2.14.90.0.4-39.ia64.rpm

ppc:
80f84bae3f54898f94bfca3f63281fe9 binutils-2.14.90.0.4-39.ppc.rpm

s390:
2decc07a7a4765f8b51c5a6e346a6ab9 binutils-2.14.90.0.4-39.s390.rpm

s390x:
525405b42381b13512b184ba2c43a12b binutils-2.14.90.0.4-39.s390x.rpm

x86_64:
3ea049872ff3705f9e6bfe42a8a3f964 binutils-2.14.90.0.4-39.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/binutils-2.14.90.0.4-39.src.rpm
64bdd095087e29551e0db7d77def0abb binutils-2.14.90.0.4-39.src.rpm

i386:
40f698290ea2271c9452dd40f0d88429 binutils-2.14.90.0.4-39.i386.rpm

x86_64:
3ea049872ff3705f9e6bfe42a8a3f964 binutils-2.14.90.0.4-39.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/binutils-2.14.90.0.4-39.src.rpm
64bdd095087e29551e0db7d77def0abb binutils-2.14.90.0.4-39.src.rpm

i386:
40f698290ea2271c9452dd40f0d88429 binutils-2.14.90.0.4-39.i386.rpm

ia64:
d3ec28074b9a8c2c0ff0e91570f1d3a8 binutils-2.14.90.0.4-39.ia64.rpm

x86_64:
3ea049872ff3705f9e6bfe42a8a3f964 binutils-2.14.90.0.4-39.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/binutils-2.14.90.0.4-39.src.rpm
64bdd095087e29551e0db7d77def0abb binutils-2.14.90.0.4-39.src.rpm

i386:
40f698290ea2271c9452dd40f0d88429 binutils-2.14.90.0.4-39.i386.rpm

ia64:
d3ec28074b9a8c2c0ff0e91570f1d3a8 binutils-2.14.90.0.4-39.ia64.rpm

x86_64:
3ea049872ff3705f9e6bfe42a8a3f964 binutils-2.14.90.0.4-39.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFDOrm6XlSAg2UNWIIRAnXtAJ9ZsYmD37uYtUeUKrjDhMmlD+gVPACgvjXT
RselqGu1H2x8QvkP6PrPd7E=
=dKlI
- -----END PGP SIGNATURE-----




6.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6
Advisory ID: RHSA-2005:663-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-663.html
Issue date: 2005-09-28
Updated on: 2005-09-28
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2005:472
CVE Names: CAN-2004-0181 CAN-2004-1056 CAN-2005-0124 CAN-2005-0136 CAN-2005-0179 CAN-2005-0210 CAN-2005-0400 CAN-2005-0504 CAN-2005-0756 CAN-2005-0815 CAN-2005-1761 CAN-2005-1762 CAN-2005-1767 CAN-2005-1768 CAN-2005-2456 CAN-2005-2490 CAN-2005-2553 CAN-2005-2555
- - ---------------------------------------------------------------------

1. Summary:

Updated kernel packages are now available as part of ongoing support and
maintenance of Red Hat Enterprise Linux version 3. This is the sixth
regular update.

This security advisory has been rated as having important security impact
by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

This is the sixth regular kernel update to Red Hat Enterprise Linux 3.

New features introduced by this update include:

- diskdump support on HP Smart Array devices
- netconsole/netdump support over bonded interfaces
- new chipset and device support via PCI table updates
- support for new "oom-kill" and "kscand_work_percent" sysctls
- support for dual core processors and ACPI Power Management timers on
AMD64 and Intel EM64T systems

There were many bug fixes in various parts of the kernel. The ongoing
effort to resolve these problems has resulted in a marked improvement in
the reliability and scalability of Red Hat Enterprise Linux 3.

There were numerous driver updates and security fixes (elaborated below).
Other key areas affected by fixes in this update include kswapd, inode
handling, the SATA subsystem, diskdump handling, ptrace() syscall support,
and signal handling.

The following device drivers have been upgraded to new versions:

3w-9xxx ---- 2.24.03.008RH
cciss ------ 2.4.58.RH1
e100 ------- 3.4.8-k2
e1000 ------ 6.0.54-k2
emulex ----- 7.3.2
fusion ----- 2.06.16i.01
iscsi ------ 3.6.2.1
ipmi ------- 35.4
lpfcdfc ---- 1.2.1
qlogic ----- 7.05.00-RH1
tg3 -------- 3.27RH

The following security bugs were fixed in this update:

- a flaw in syscall argument checking on Itanium systems that allowed
a local user to cause a denial of service (crash) (CAN-2005-0136)

- a flaw in stack expansion that allowed a local user of mlockall()
to cause a denial of service (memory exhaustion) (CAN-2005-0179)

- a small memory leak in network packet defragmenting that allowed a
remote user to cause a denial of service (memory exhaustion) on
systems using netfilter (CAN-2005-0210)

- flaws in ptrace() syscall handling on AMD64 and Intel EM64T systems
that allowed a local user to cause a denial of service (crash)
(CAN-2005-0756, CAN-2005-1762, CAN-2005-2553)

- flaws in ISO-9660 file system handling that allowed the mounting of
an invalid image on a CD-ROM to cause a denial of service (crash)
or potentially execute arbitrary code (CAN-2005-0815)

- a flaw in ptrace() syscall handling on Itanium systems that allowed
a local user to cause a denial of service (crash) (CAN-2005-1761)

- a flaw in the alternate stack switching on AMD64 and Intel EM64T
systems that allowed a local user to cause a denial of service
(crash) (CAN-2005-1767)

- race conditions in the ia32-compat support for exec() syscalls on
AMD64, Intel EM64T, and Itanium systems that could allow a local
user to cause a denial of service (crash) (CAN-2005-1768)

- flaws in IPSEC network handling that allowed a local user to cause
a denial of service or potentially gain privileges (CAN-2005-2456,
CAN-2005-2555)

- a flaw in sendmsg() syscall handling on 64-bit systems that allowed
a local user to cause a denial of service or potentially gain
privileges (CAN-2005-2490)

- flaws in unsupported modules that allowed denial-of-service attacks
(crashes) or local privilege escalations on systems using the drm,
coda, or moxa modules (CAN-2004-1056, CAN-2005-0124, CAN-2005-0504)

- potential leaks of kernel data from jfs and ext2 file system handling
(CAN-2004-0181, CAN-2005-0400)

Note: The kernel-unsupported package contains various drivers and modules
that are unsupported and therefore might contain security problems that
have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

79086 - Request for enhancement for callback function
98542 - iostat -x shows infeasible avgqu-sz results and max util
99502 - LTC3549 - ps wchan broken
116037 - Existence of race condition in Linux SD driver that leads to a deadlock
116317 - symbolic links have invalid permissions
116900 - RHEL3_U4 Data corruption in spite of using O_SYNC
119451 - System can hang while running multiple instances of fdisk
121041 - CAN-2004-0181 jfs infoleak
122982 - microcode_ctl errors with modprobe: Can't locate module char-major-10-184
123331 - LUN i not getting registered
128428 - Opteron gettimeofday granularity problem
128788 - RHEL3 U6: Diskdump support for Compaq Smart Array Controllers (cciss)
128907 - iostat -x 1 5 give bogus statistics...
129853 - RHEL3 U4: need netdump to work with the bonding driver
131029 - gart errors when using 2.4.21-15.0.3.EL.smp or -9.0.1 on AMD64 quad system
131136 - [Patch] Simultaneous calls to open() on a usb device hangs the kernel
131886 - __put_task_struct unresolved when loading externally compiled module
132754 - char-major-10-184 microcode error with kernel 2.4.21-15.ELhugemem
134579 - bogus data in /proc/partitions for IDE whole-disk device
137788 - Extraneous data in option name for scsi_mod
138192 - gart errors when using 2.4.21-20.EL on HP DL585
138534 - CAN-2004-1056 insufficient locking checks in DRM code
139033 - RHEL3 U5: netdump does not work over bonded interfaces
139113 - System hangs for 15-45 seconds on RHEL3 / kernel 2.4.21-20.EL
140849 - "fdisk -l" broken when over 26 EMC Powerpath disks
142263 - Only 16 EMC powerpath LUNs usable with LVM1
142532 - error unmounting /var filesystem while shutdown
142586 - Potential kernel DOS
142856 - 'ghosted' autofs shares disappear
142960 - Unable to umount /var during shutdown process when connected with ssh
143823 - [PATCH] Stale POSIX flock
144524 - CAN-2005-0179 RLIMIT_MEMLOCK bypass and (2.6) unprivileged user DoS
144781 - Kernel panic in shutdown path when iSCSI LUNs are mounted
145476 - netdump client/server problems
145551 - Use of bonding driver in mode 5 can cause multicast packet loss
145950 - high loads / high iowait / up 100% cpu time for kscand on oracle box
146080 - CAN-2005-0124 Coverity: coda fs flaw
146105 - CAN-2005-0504 moxa CAP_SYS_RAWIO missing (-unsupported)
146460 - Need openIPMI driver to work with IBM's x336 BMC [PATCH]
147823 - FEAT: RHEL3 U6: Enable dual-core processors from Intel
148862 - CAN-2005-0136 ptrace corner cases on ia64
149011 - Oracle 8 import of Oracle 9 database can lock system.
149405 - LTC13257-LTPstress sigaction01 Testcase Ends up Segmentation Fault [PATCH]
149636 - Kernel panic (EIP is at find_inode)
149691 - No data avaliable for eth card
149965 - panic at ia64_leave_kernel [kernel] 0x1 (2.4.21-27.EL)
150019 - Don't oom kill TASK_UNINTERRUPTIBLE processes
150130 - e1000 has memory leak when run continuously getting new dhcp leases.
150209 - Over time, autofs leaks kernel memory in the size-256 slab
151054 - kernel panic when bringing up and down multiple interfaces simultaneously
151488 - sk98lin driver drops udp packets
151920 - 8GB SMP servers appear to hang in VM subsystem under stress
152400 - CAN-2005-0400 ext2 mkdir() directory entry random kernel memory leak
152406 - CAN-2005-0815 isofs range checking flaws
153775 - [RHEL3-U6][Diskdump] Backtrace of OS_INIT doesn't work
154245 - RHEL3 U4 - kswapd/rpciod deadlock
154678 - [Texas Instruments] nfs bindresvport: Address already in use
154797 - [RHEL3 U6] diskdump fails with block_order=8
154925 - [RHEL3 U6] Diskdump fails if module parameter 'block_order' has too big value
155244 - Kernel Panics on kernel 2.4.21-27
155259 - [LSI Logic] Feature RHEL: Add mpt fusion SAS support, and new PCI IDs
155289 - [RHEL 3 U6]inode_lock deadlock/race?
155365 - 20041216 ROSE ndigis verification
155473 - ext3 data corruption under Samba share
155978 - CAN-2005-1762 x86_64 sysret exception leads to DoS
156142 - kernel may oops if more than 4k worth of string data returned in /proc/devices
156364 - [RHEL3] IPv6 Neighbor Cache : RHEL 3.0 does not update the IsRouter flag in the cache entry and improperly remove router from the Default Router List.
156608 - [RHEL3 U4] The system clock gains much time when netconle is activated.
156644 - CRM 479318 Unexpected IO-APIC on Opteron system
156831 - sd _mod doesn't handle removable drives (USB floppy) well
156923 - PPC64 not setting backchain in signal frames
156985 - FEAT: RHEL3 U6: cciss driver updates (STOPSHIP)
156989 - FEAT: RH EL 3 U6: diskdump driver
156991 - RHEL3 U6: Add 'ht' flag in EM64T /proc/cpuinfo [PATCH]
156993 - FEAT: RHEL3 U6: Add ICH4L support to kernel (MEDIUM)
156994 - 529692 - /proc/stat documentation is out of date.
156998 - RHEL 3 U6: Use of Performance Monitoring Counters based on Model number (x86-64)
157075 - When an AX100i SP reboot occurs, the Cisco iSCSI driver doesnt log back into array.
157434 - FEAT RHEL3 U6: Need e1000 driver Update to v.6.0.54 or higher (MUSTFIX)
157439 - LTC14642-NetDump is too slow to dump...[PATCH]
157446 - [RFE] [RHEL3 U6]Update 3w-9xxx driver
157571 - [CRM 511714] bonding and arp ping failure detection
157669 - attempt to access beyond end of device: ext2 symlink/EA problem
157846 - Potential kernel panic with stale POSIX locks
157849 - IPVS panic at ip_vs_conn_flush() when unloading ip_vs module
158358 - Updated Qlogic driver is requested in RHEL 3 U6
158456 - Update Emulex driver in RHEL 3 U6
158457 - Long tape commands (e.g. erase) timeout on dpt_i2o.
158459 - RHEL 3 configures non-existent SCSI target devices
158581 - FEAT RHEL3U6: new devices supported by tg3 (STOPSHIP)
158724 - CAN-2005-0210 dst leak
158814 - FEAT: [RHEL3 U6] add PCI_VENDOR_ID_NEC to megaraid subsysvid
158817 - Adding 3pardata to the scsi device whitelist
158877 - [RHEL3 U4] setsockopt SO_RCVTIMEO call fails from a 32 bit binary running on a x86_64 system
158880 - [Patch] RHEL3 U6: lower severity of blk: queue xxxx printks (~MF)
159045 - CAN-2005-1767 x86_64 crashes from context switches on stk-seg-fault stack
159300 - FEAT: RHEL3 U6: Update e100 driver to later than v.3.4.1
159330 - x86_64 kernel stops allocating memory too early when overcommit_memory set to strict
159420 - RHEL3 U6: ESB2 support (PATA, SATA, USB, SMBUS, LPC, Audio and AHCI)
159790 - ptrace changes to registers during ia32 syscall tracing stop are lost
159814 - x86-64 PTRACE_SETOPTIONS does not support most option flags
159823 - CAN-2005-1761 local user can use ptrace to crash system
159915 - CAN-2005-1762 x86_64 crash (ptrace-canonical)
159917 - CAN-2005-0756 x86_64 crash (ptrace-check-segment)
159938 - Diskdump disk controllers support
159979 - Fix dangling pointer in acpi_pci_root_add()
159989 - [RHEL3][PATCH] suppress medum-not-present messages from idefloppy
159991 - [taroon patch] fix for indefinite postponement under __alloc_pages()
159992 - Add docs detailing which drivers support netconsole
159993 - CAN-2005-2553 x86_64 fix for 32-bit ptrace find_target() oops
160093 - [RHEL3][PATCH] suppress medum-not-present messages from idefloppy
160199 - CAN-2005-1768 64bit execve() race leads to buffer overflow
160392 - Memory Leak in autofs
160400 - The AHCI driver was incorrectly resetting the hardware on error
160495 - RHEL 3 U5 code base contains duplicate USB ESSENTIAL_REALITY
160664 - cable link state ignored on ethernet card (b44).
160752 - accounting of SETITIMER_PROF inaccurate
160799 - Kernel panic: pci_map_single: high address but no IOMMU.
160820 - nVidia driver requires upstream page_attr patch
161097 - CRM 565876: samba-3.0.8pre1-smbmnt.patch to fix smbmount UID wraparound bug for RHEL3 Samba packages
161238 - superbh function causing a server to crash when Veritas Volume Manager Modules for VxVM 4.0 are loaded.
161657 - iscsi_sfnet driver does not calculate ConnFailTimeout correctly when greater than 15 secs
161957 - CRM: 507606 / short freezes on Informix server
161986 - RHEL3 U5 panic in kmem_cache_grow
162103 - add SGI scsi devices to list in scsi_scan.c
162603 - dpt_i2o driver oopses on insmod in U5
163152 - Initiator does not retry login on target error when PortalFailover is disabled
164074 - Placeholder for 2.4.x SATA update 20050723-1
164185 - rpm install of -33.EL on ia64 gets unresolved pm_power_off symbol
164226 - User-mode program run on IA64 AS 3.0 causes system to crash due to invalid stack pointer
164819 - [RHEL3U6] diskdump - scsi dump fails with module CRC error
165467 - [RHEL3 U6] Fix to update openipmi drivers for Dell 8G server line (MUSTFIX)
165565 - CAN-2005-2456 IPSEC overflow
165739 - LTC14996-IPMI driver is broken on multiple platforms
165841 - [RHEL3U6] diskdump fails with machine check error on x86_64
165850 - Disable FAN processing in Emulex lpfc driver
165866 - Add Invista to RHEL 3 SCSI Whitelist
165993 - NFS deadlock when multiple processes creating/deleting a file
166066 - IBM TapeLibrary 3583
166132 - CAN-2005-2555 IPSEC lacks restrictions
166172 - Kernel crash on 2.4.21-34 base due to kiobuf_init() setting the initialized state when expand_kiobuf() was not called.
166329 - CAN-2005-2490 sendmsg compat stack overflow
167047 - cciss, add pci id for P400
167222 - [BETA RHEL3 U6] kernel panic while booting numa=off on x86_64
167265 - drivers/addon/lpfc/lpfcdfc/Makefile change causing intermittent build failures
167369 - [RHEL3] cosmetic change to IPMI drivers to update version revision number


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-37.EL.src.rpm
e6108d7306a287a840f7c30bfeccba75 kernel-2.4.21-37.EL.src.rpm

i386:
24024fe9b3193481b6b21f867fcfc781 kernel-2.4.21-37.EL.athlon.rpm
0003c5fe364b249f78be426c4a62fcf5 kernel-2.4.21-37.EL.i686.rpm
18e3b2c8d83e231c643838ce400ca0bb kernel-BOOT-2.4.21-37.EL.i386.rpm
b5edf6be7d814b24d0bf5a3628c18cbc kernel-doc-2.4.21-37.EL.i386.rpm
d4719d3183bf1ca319532aa2a9ebe9c4 kernel-hugemem-2.4.21-37.EL.i686.rpm
76446bd5fc2667445be1bca8dda588b4 kernel-hugemem-unsupported-2.4.21-37.EL.i686.rpm
508cf0f34c04da1b911621aeb1070321 kernel-smp-2.4.21-37.EL.athlon.rpm
2bdfc7a71802f60d1c844d5137dcc255 kernel-smp-2.4.21-37.EL.i686.rpm
1882c97258377bef50b9db0df4a5cf9f kernel-smp-unsupported-2.4.21-37.EL.athlon.rpm
03581f6d868efb9e5bce35625b5d8daa kernel-smp-unsupported-2.4.21-37.EL.i686.rpm
ae7bad600f1d8963f734168436e18db2 kernel-source-2.4.21-37.EL.i386.rpm
72e0653010d19e8ed68c6732f6e2b271 kernel-unsupported-2.4.21-37.EL.athlon.rpm
d62ebb552a8b47ac1b117c762d05ba73 kernel-unsupported-2.4.21-37.EL.i686.rpm

ia64:
70a3b87f906126d91ef2264a0f6650ee kernel-2.4.21-37.EL.ia64.rpm
f7ca10f3a01c71e5ab23adaaab35ef62 kernel-doc-2.4.21-37.EL.ia64.rpm
49d6534a07e3946873f8999da8f59887 kernel-source-2.4.21-37.EL.ia64.rpm
6c3798182a8469f2cbfb2be8af76fd9a kernel-unsupported-2.4.21-37.EL.ia64.rpm

ppc:
5b863fa036a70582198cbf2fc136be46 kernel-2.4.21-37.EL.ppc64iseries.rpm
eda3399747f8e54c36c5e230811ea9fc kernel-2.4.21-37.EL.ppc64pseries.rpm
6985b82adc890f8873591266a9da4070 kernel-doc-2.4.21-37.EL.ppc64.rpm
e2d499ed6fd904e5a672b7330d7fef72 kernel-source-2.4.21-37.EL.ppc64.rpm
dda7e7baefb028e6e6341f15d1f7c9bf kernel-unsupported-2.4.21-37.EL.ppc64iseries.rpm
e06a22a694d8b3825227a779460527a1 kernel-unsupported-2.4.21-37.EL.ppc64pseries.rpm

s390:
ec0162d8a6aa2486413d16b358728647 kernel-2.4.21-37.EL.s390.rpm
bf545a3700abd36242230248b6f49a34 kernel-doc-2.4.21-37.EL.s390.rpm
60fffc4834ab716aee3d7d70cf21e79f kernel-source-2.4.21-37.EL.s390.rpm
69204c00d6dbb585d6c62441ab6d87fe kernel-unsupported-2.4.21-37.EL.s390.rpm

s390x:
ce3087f1eb23d676acb52870ef40fcfc kernel-2.4.21-37.EL.s390x.rpm
c90ba228d51e3ea9d8b00ac62958ac6b kernel-doc-2.4.21-37.EL.s390x.rpm
d9d6f9ea55db73544d5a7e41397d2c8f kernel-source-2.4.21-37.EL.s390x.rpm
897d706f8bac2d870d3380d8edd6794f kernel-unsupported-2.4.21-37.EL.s390x.rpm

x86_64:
931b4ddb3af86aac5b801bd2587eb723 kernel-2.4.21-37.EL.ia32e.rpm
8d1adc29f437dc5cf62ec08d3da6ae53 kernel-2.4.21-37.EL.x86_64.rpm
9460d2e2df9b07a0af26eb69896adc44 kernel-doc-2.4.21-37.EL.x86_64.rpm
aa025df62ceb220adbf5aea14cc10e6e kernel-smp-2.4.21-37.EL.x86_64.rpm
9c442639c8e232b3aee13c163a82e848 kernel-smp-unsupported-2.4.21-37.EL.x86_64.rpm
6da838c902259f34e4d371c950e9a6d9 kernel-source-2.4.21-37.EL.x86_64.rpm
53b7464a7fcdbfefb6f3e0da044cea0f kernel-unsupported-2.4.21-37.EL.ia32e.rpm
3f266854de88d229ca1831bf2e476787 kernel-unsupported-2.4.21-37.EL.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-37.EL.src.rpm
e6108d7306a287a840f7c30bfeccba75 kernel-2.4.21-37.EL.src.rpm

i386:
24024fe9b3193481b6b21f867fcfc781 kernel-2.4.21-37.EL.athlon.rpm
0003c5fe364b249f78be426c4a62fcf5 kernel-2.4.21-37.EL.i686.rpm
18e3b2c8d83e231c643838ce400ca0bb kernel-BOOT-2.4.21-37.EL.i386.rpm
b5edf6be7d814b24d0bf5a3628c18cbc kernel-doc-2.4.21-37.EL.i386.rpm
d4719d3183bf1ca319532aa2a9ebe9c4 kernel-hugemem-2.4.21-37.EL.i686.rpm
76446bd5fc2667445be1bca8dda588b4 kernel-hugemem-unsupported-2.4.21-37.EL.i686.rpm
508cf0f34c04da1b911621aeb1070321 kernel-smp-2.4.21-37.EL.athlon.rpm
2bdfc7a71802f60d1c844d5137dcc255 kernel-smp-2.4.21-37.EL.i686.rpm
1882c97258377bef50b9db0df4a5cf9f kernel-smp-unsupported-2.4.21-37.EL.athlon.rpm
03581f6d868efb9e5bce35625b5d8daa kernel-smp-unsupported-2.4.21-37.EL.i686.rpm
ae7bad600f1d8963f734168436e18db2 kernel-source-2.4.21-37.EL.i386.rpm
72e0653010d19e8ed68c6732f6e2b271 kernel-unsupported-2.4.21-37.EL.athlon.rpm
d62ebb552a8b47ac1b117c762d05ba73 kernel-unsupported-2.4.21-37.EL.i686.rpm

x86_64:
931b4ddb3af86aac5b801bd2587eb723 kernel-2.4.21-37.EL.ia32e.rpm
8d1adc29f437dc5cf62ec08d3da6ae53 kernel-2.4.21-37.EL.x86_64.rpm
9460d2e2df9b07a0af26eb69896adc44 kernel-doc-2.4.21-37.EL.x86_64.rpm
aa025df62ceb220adbf5aea14cc10e6e kernel-smp-2.4.21-37.EL.x86_64.rpm
9c442639c8e232b3aee13c163a82e848 kernel-smp-unsupported-2.4.21-37.EL.x86_64.rpm
6da838c902259f34e4d371c950e9a6d9 kernel-source-2.4.21-37.EL.x86_64.rpm
53b7464a7fcdbfefb6f3e0da044cea0f kernel-unsupported-2.4.21-37.EL.ia32e.rpm
3f266854de88d229ca1831bf2e476787 kernel-unsupported-2.4.21-37.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-37.EL.src.rpm
e6108d7306a287a840f7c30bfeccba75 kernel-2.4.21-37.EL.src.rpm

i386:
24024fe9b3193481b6b21f867fcfc781 kernel-2.4.21-37.EL.athlon.rpm
0003c5fe364b249f78be426c4a62fcf5 kernel-2.4.21-37.EL.i686.rpm
18e3b2c8d83e231c643838ce400ca0bb kernel-BOOT-2.4.21-37.EL.i386.rpm
b5edf6be7d814b24d0bf5a3628c18cbc kernel-doc-2.4.21-37.EL.i386.rpm
d4719d3183bf1ca319532aa2a9ebe9c4 kernel-hugemem-2.4.21-37.EL.i686.rpm
76446bd5fc2667445be1bca8dda588b4 kernel-hugemem-unsupported-2.4.21-37.EL.i686.rpm
508cf0f34c04da1b911621aeb1070321 kernel-smp-2.4.21-37.EL.athlon.rpm
2bdfc7a71802f60d1c844d5137dcc255 kernel-smp-2.4.21-37.EL.i686.rpm
1882c97258377bef50b9db0df4a5cf9f kernel-smp-unsupported-2.4.21-37.EL.athlon.rpm
03581f6d868efb9e5bce35625b5d8daa kernel-smp-unsupported-2.4.21-37.EL.i686.rpm
ae7bad600f1d8963f734168436e18db2 kernel-source-2.4.21-37.EL.i386.rpm
72e0653010d19e8ed68c6732f6e2b271 kernel-unsupported-2.4.21-37.EL.athlon.rpm
d62ebb552a8b47ac1b117c762d05ba73 kernel-unsupported-2.4.21-37.EL.i686.rpm

ia64:
70a3b87f906126d91ef2264a0f6650ee kernel-2.4.21-37.EL.ia64.rpm
f7ca10f3a01c71e5ab23adaaab35ef62 kernel-doc-2.4.21-37.EL.ia64.rpm
49d6534a07e3946873f8999da8f59887 kernel-source-2.4.21-37.EL.ia64.rpm
6c3798182a8469f2cbfb2be8af76fd9a kernel-unsupported-2.4.21-37.EL.ia64.rpm

x86_64:
931b4ddb3af86aac5b801bd2587eb723 kernel-2.4.21-37.EL.ia32e.rpm
8d1adc29f437dc5cf62ec08d3da6ae53 kernel-2.4.21-37.EL.x86_64.rpm
9460d2e2df9b07a0af26eb69896adc44 kernel-doc-2.4.21-37.EL.x86_64.rpm
aa025df62ceb220adbf5aea14cc10e6e kernel-smp-2.4.21-37.EL.x86_64.rpm
9c442639c8e232b3aee13c163a82e848 kernel-smp-unsupported-2.4.21-37.EL.x86_64.rpm
6da838c902259f34e4d371c950e9a6d9 kernel-source-2.4.21-37.EL.x86_64.rpm
53b7464a7fcdbfefb6f3e0da044cea0f kernel-unsupported-2.4.21-37.EL.ia32e.rpm
3f266854de88d229ca1831bf2e476787 kernel-unsupported-2.4.21-37.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-37.EL.src.rpm
e6108d7306a287a840f7c30bfeccba75 kernel-2.4.21-37.EL.src.rpm

i386:
24024fe9b3193481b6b21f867fcfc781 kernel-2.4.21-37.EL.athlon.rpm
0003c5fe364b249f78be426c4a62fcf5 kernel-2.4.21-37.EL.i686.rpm
18e3b2c8d83e231c643838ce400ca0bb kernel-BOOT-2.4.21-37.EL.i386.rpm
b5edf6be7d814b24d0bf5a3628c18cbc kernel-doc-2.4.21-37.EL.i386.rpm
d4719d3183bf1ca319532aa2a9ebe9c4 kernel-hugemem-2.4.21-37.EL.i686.rpm
76446bd5fc2667445be1bca8dda588b4 kernel-hugemem-unsupported-2.4.21-37.EL.i686.rpm
508cf0f34c04da1b911621aeb1070321 kernel-smp-2.4.21-37.EL.athlon.rpm
2bdfc7a71802f60d1c844d5137dcc255 kernel-smp-2.4.21-37.EL.i686.rpm
1882c97258377bef50b9db0df4a5cf9f kernel-smp-unsupported-2.4.21-37.EL.athlon.rpm
03581f6d868efb9e5bce35625b5d8daa kernel-smp-unsupported-2.4.21-37.EL.i686.rpm
ae7bad600f1d8963f734168436e18db2 kernel-source-2.4.21-37.EL.i386.rpm
72e0653010d19e8ed68c6732f6e2b271 kernel-unsupported-2.4.21-37.EL.athlon.rpm
d62ebb552a8b47ac1b117c762d05ba73 kernel-unsupported-2.4.21-37.EL.i686.rpm

ia64:
70a3b87f906126d91ef2264a0f6650ee kernel-2.4.21-37.EL.ia64.rpm
f7ca10f3a01c71e5ab23adaaab35ef62 kernel-doc-2.4.21-37.EL.ia64.rpm
49d6534a07e3946873f8999da8f59887 kernel-source-2.4.21-37.EL.ia64.rpm
6c3798182a8469f2cbfb2be8af76fd9a kernel-unsupported-2.4.21-37.EL.ia64.rpm

x86_64:
931b4ddb3af86aac5b801bd2587eb723 kernel-2.4.21-37.EL.ia32e.rpm
8d1adc29f437dc5cf62ec08d3da6ae53 kernel-2.4.21-37.EL.x86_64.rpm
9460d2e2df9b07a0af26eb69896adc44 kernel-doc-2.4.21-37.EL.x86_64.rpm
aa025df62ceb220adbf5aea14cc10e6e kernel-smp-2.4.21-37.EL.x86_64.rpm
9c442639c8e232b3aee13c163a82e848 kernel-smp-unsupported-2.4.21-37.EL.x86_64.rpm
6da838c902259f34e4d371c950e9a6d9 kernel-source-2.4.21-37.EL.x86_64.rpm
53b7464a7fcdbfefb6f3e0da044cea0f kernel-unsupported-2.4.21-37.EL.ia32e.rpm
3f266854de88d229ca1831bf2e476787 kernel-unsupported-2.4.21-37.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0210
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0400
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2555

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFDOrneXlSAg2UNWIIRAlo5AKCoWzCTFjpFve/teIYCQ0IWEFFcvACfT4PU
Y5zug/Wn2ZE9D6MEpYhiOeE=
=NV2I
- -----END PGP SIGNATURE-----



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |