Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Red Hat Enterprise 4: RHSA-2007:0208-02 Low: w3c-libwww Buffer Overflow

red hat
Calendar Grey May 1, 2007
Dist Redhat Esm H88
Patch deployment initiated to rectify minor vulnerabilities such as buffer overflow within w3c-libwww for Fedora servers.
Updated w3c-libwww packages that fix a security issue and a bug are now available

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

163664 - /usr/lib64/libmd5.so is broken. 169495 - CVE-2005-3183 Multiple bugs in libwww - one exploitable - in Library/src/HTBound.c

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: f5c93edc9bd1a7543d617a412a391ca2 w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm

i386: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm e992c6ad896a93590ae4ab02b861bf72 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.i386.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 86ec9f9c056f6cc6405b1fa7dfa62d47 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.i386.rpm

ia64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 363e79315dbac0a85f48848cc6d7d582 w3c-libwww-5.4.0-10.1.RHEL4.2.ia64.rpm 55c54d4dbc71f571d9445d1ef787fed8 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ia64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 29a2d58abf333a413b046429d41fa30b w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ia64.rpm 8f70d61a913814b945ee01cd9b1aef97 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ia64.rpm

ppc: e20415ead6919058b5e0792e7f038201 w3c-libwww-5.4.0-10.1.RHEL4.2.ppc.rpm 54e29e788248fba9c1a1b1a21468de37 w3c-libwww-5.4.0-10.1.RHEL4.2.ppc64.rpm 6718eb3dc7804724e7d2c48f1f29b66b w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ppc.rpm 38faec06014cb339e95f4b7c4cf602d3 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ppc.rpm 6d1b95e5446ee605df8c7d1e01625209 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ppc64.rpm b4babec6d53b2d34db31be94e0dbfb26 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ppc.rpm

s390: ba843212e12261ad439c9703a33f3ed6 w3c-libwww-5.4.0-10.1.RHEL4.2.s390.rpm 5e6d19c48b5a5ffae7048ccab6d68d06 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.s390.rpm 134fd18a7741d12ad813f572793b2088 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.s390.rpm 2a2f963f31a9920b4577e4ce7ab39e3c w3c-libwww-devel-5.4.0-10.1.RHEL4.2.s390.rpm

s390x: ba843212e12261ad439c9703a33f3ed6 w3c-libwww-5.4.0-10.1.RHEL4.2.s390.rpm ebd676d4cbc19756aabf06ba6537262c w3c-libwww-5.4.0-10.1.RHEL4.2.s390x.rpm dc750df9eb1e58bb0887e4969e3d7a8d w3c-libwww-apps-5.4.0-10.1.RHEL4.2.s390x.rpm 134fd18a7741d12ad813f572793b2088 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.s390.rpm 1e03d6c927269840db1520a26cf2880c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.s390x.rpm 68054495a7e29a855f85b83bac370e57 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.s390x.rpm

x86_64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 313ef638f3107724fb43814ab7bca32c w3c-libwww-5.4.0-10.1.RHEL4.2.x86_64.rpm 74e2e34acb1fdd4d0b2fda8b45db506c w3c-libwww-apps-5.4.0-10.1.RHEL4.2.x86_64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm af7ab7aa6348de6c1176fae0bdf5c62c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.x86_64.rpm eebdfad543cc4ee56a15a6f928c833f6 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: f5c93edc9bd1a7543d617a412a391ca2 w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm

i386: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm e992c6ad896a93590ae4ab02b861bf72 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.i386.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 86ec9f9c056f6cc6405b1fa7dfa62d47 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.i386.rpm

x86_64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 313ef638f3107724fb43814ab7bca32c w3c-libwww-5.4.0-10.1.RHEL4.2.x86_64.rpm 74e2e34acb1fdd4d0b2fda8b45db506c w3c-libwww-apps-5.4.0-10.1.RHEL4.2.x86_64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm af7ab7aa6348de6c1176fae0bdf5c62c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.x86_64.rpm eebdfad543cc4ee56a15a6f928c833f6 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: f5c93edc9bd1a7543d617a412a391ca2 w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm

i386: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm e992c6ad896a93590ae4ab02b861bf72 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.i386.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 86ec9f9c056f6cc6405b1fa7dfa62d47 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.i386.rpm

ia64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 363e79315dbac0a85f48848cc6d7d582 w3c-libwww-5.4.0-10.1.RHEL4.2.ia64.rpm 55c54d4dbc71f571d9445d1ef787fed8 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ia64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 29a2d58abf333a413b046429d41fa30b w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ia64.rpm 8f70d61a913814b945ee01cd9b1aef97 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ia64.rpm

x86_64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 313ef638f3107724fb43814ab7bca32c w3c-libwww-5.4.0-10.1.RHEL4.2.x86_64.rpm 74e2e34acb1fdd4d0b2fda8b45db506c w3c-libwww-apps-5.4.0-10.1.RHEL4.2.x86_64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm af7ab7aa6348de6c1176fae0bdf5c62c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.x86_64.rpm eebdfad543cc4ee56a15a6f928c833f6 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: f5c93edc9bd1a7543d617a412a391ca2 w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm

i386: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm e992c6ad896a93590ae4ab02b861bf72 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.i386.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 86ec9f9c056f6cc6405b1fa7dfa62d47 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.i386.rpm

ia64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 363e79315dbac0a85f48848cc6d7d582 w3c-libwww-5.4.0-10.1.RHEL4.2.ia64.rpm 55c54d4dbc71f571d9445d1ef787fed8 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ia64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 29a2d58abf333a413b046429d41fa30b w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ia64.rpm 8f70d61a913814b945ee01cd9b1aef97 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ia64.rpm

x86_64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 313ef638f3107724fb43814ab7bca32c w3c-libwww-5.4.0-10.1.RHEL4.2.x86_64.rpm 74e2e34acb1fdd4d0b2fda8b45db506c w3c-libwww-apps-5.4.0-10.1.RHEL4.2.x86_64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm af7ab7aa6348de6c1176fae0bdf5c62c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.x86_64.rpm eebdfad543cc4ee56a15a6f928c833f6 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2005-3183 https://access.redhat.com/security/updates/classification#low

Package List


Severity
low
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:0208-02
Issue date: 2007-05-01
Updated on: 2007-05-01
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here