Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 554
Alerts This Week
Warning Icon 1 554

Red Hat 6.2 RHSA-2000:028-02 Critical: SSL Session Compromise Issue

red hat
Calendar Grey May 19, 2000
Dist Redhat Esm H88
To resolve SSL certificate problems in Netscape 4.73, follow essential steps to prevent session hijacking and enhance security measures.

These new packages fix bugs in SSL certificate validation; these bugs could allow for the compromising of encrypted SSL sessions.

Solution

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

For Red Hat Linux 5.0 and 5.1, use the Red Hat Linux 5.2 packages. For Red Hat Linux 6.0 and 6.1, use the Red Hat Linux 6.2 packages.

5. Bug IDs fixed ( for more info):

11379 - Netscape 4.73 release for security problems in 4.72


6. RPMs required:

Red Hat Linux 5.2:

intel:

sources:

Red Hat Linux 6.2:

intel:

alpha:

sources:

7. Verification:

MD5 sum Package Name 3e881194baf12d2d7e761a63041ba404 5.2/SRPMS/netscape-4.73-0.5.2.src.rpm 52498e09827f5e854f99e320e2923fc4 5.2/i386/netscape-common-4.73-0.5.2.i386.rpm 1e15dfb4454c36e7352cd1803974f871 5.2/i386/netscape-communicator-4.73-0.5.2.i386.rpm 703a4a0b80ca0c45967cb8cc569b0600 5.2/i386/netscape-navigator-4.73-0.5.2.i386.rpm a83932536aef2837be8733621c3415d0 6.2/SRPMS/netscape-4.73-1.src.rpm bb79a4d70ebc7ab6cd91c04fbb951ca8 6.2/SRPMS/netscape-alpha-4.73-1.src.rpm e800a7af7c20be924469aedb75ad807f 6.2/alpha/netscape-common-4.73-1.alpha.rpm 9502f4ec6d2c99f8f61329898f31450f 6.2/alpha/netscape-communicator-4.73-1.alpha.rpm d812be498d83e19dba903282c8805ee2 6.2/alpha/netscape-navigator-4.73-1.alpha.rpm de054f11902c5777446baff909da817c 6.2/i386/netscape-common-4.73-1.i386.rpm d3825c0c61838da0b35570fb0dc7e743 6.2/i386/netscape-communicator-4.73-1.i386.rpm aea9965093a8202196f637e8385035d9 6.2/i386/netscape-navigator-4.73-1.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

References

N/A

`

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2000:028-02
Issue date: 2000-05-19
Updated on: 2000-05-19
Product: Red Hat Linux
Keywords: netscape SSL telnet rlogin
Cross references: ;vid=1188
:

Topic

Relevant Releases Architectures

Red Hat Linux 5.2 - i386

Red Hat Linux 6.2 - i386 alpha

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.