Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Red Hat Powertools: RHSA-2002:027-22 Critical: zlib DoS Attack

red hat
Calendar Grey March 11, 2002
Dist Redhat Esm H88
Critical flaw discovered in the OpenSSL module of Ubuntu Core, exposing critical Denial-of-Service risks. Immediate updates necessary to maintain system integrity.
This vulnerability makes it easy to perform various denial-of-service attacks against such programs

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):



6. RPMs required:

Red Hat Powertools 6.2:

SRPMS:



alpha:



i386:



sparc:


Red Hat Powertools 7.0:

SRPMS:


alpha:


i386:


Red Hat Powertools 7.1:

SRPMS:



alpha:





i386:








7. Verification:

MD5 sum Package Name 04a498e3a9122b133c7beb6bd61f7002 6.2/en/powertools/SRPMS/freeamp-2.0.8-3.62.src.rpm beb533f4769300842e9690573f8f5042 6.2/en/powertools/SRPMS/vnc-3.3.3-2.3.src.rpm 4ed9222dbb7efa7e91ec934007353123 6.2/en/powertools/alpha/freeamp-2.0.8-3.62.alpha.rpm d9b06f36f340b8cc1b1b0908f236aa92 6.2/en/powertools/alpha/vnc-3.3.3-2.3.alpha.rpm da6f8b0fdd725b70b3717642592ac57f 6.2/en/powertools/i386/freeamp-2.0.8-3.62.i386.rpm 45f7de3b77c693141214ea0858bdd758 6.2/en/powertools/i386/vnc-3.3.3-2.3.i386.rpm df7b617bd40a5bc7399def5a0b790d72 6.2/en/powertools/sparc/vnc-3.3.3-2.3.sparc.rpm 9728e294268313afb5d34635844bf325 7.0/en/powertools/SRPMS/freeamp-2.0.8-4.src.rpm 7980ec91d94bde4c38f26027d6a5c79e 7.0/en/powertools/alpha/freeamp-2.0.8-4.alpha.rpm 581445aca1ab654e9859631a2da1f25d 7.0/en/powertools/i386/freeamp-2.0.8-4.i386.rpm dcd4dac892444055519cbb5f4dbf3d25 7.1/en/powertools/SRPMS/amaya-4.0-4.src.rpm 452b8aad8b8782aee15e4bca9f32a47e 7.1/en/powertools/SRPMS/qt-embedded-2.3.2-1.src.rpm 3316b0c47c6d890271f7b88fe9d4b2ed 7.1/en/powertools/alpha/qt-embedded-2.3.2-1.alpha.rpm 481e6bab8b5882b0786170675521a2b3 7.1/en/powertools/alpha/qt-embedded-designer-2.3.2-1.alpha.rpm 10cf10058023b7908630910024a80020 7.1/en/powertools/alpha/qt-embedded-devel-2.3.2-1.alpha.rpm 7c41b1ed87341249f72054ad13b2b17a 7.1/en/powertools/alpha/qt-embedded-static-2.3.2-1.alpha.rpm 9d0d12d364e6e760db9465286ae9d0c8 7.1/en/powertools/i386/amaya-4.0-4.i386.rpm e6e968596f8df709c255fc26884aaeac 7.1/en/powertools/i386/qt-embedded-2.3.2-1.i386.rpm 732a30933fffb2fb807574e1614a8dfe 7.1/en/powertools/i386/qt-embedded-designer-2.3.2-1.i386.rpm d6debb26c81d7d3c84ad0257f8d7631b 7.1/en/powertools/i386/qt-embedded-devel-2.3.2-1.i386.rpm 14233bdde094d7ba2d2b4d63ea5f8e3f 7.1/en/powertools/i386/qt-embedded-static-2.3.2-1.i386.rpm


These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About

You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

Topics%20covered

Topics Covered

security advisory denial of service Red Hat Powertools system update zlib library exploit mitigation

References

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0059 to this issue. Red Hat would like to thank CERT/CC for their help in coordinating this issue with other vendors. CVE -CVE-2002-0059 Copyright(c) 2000, 2001, 2002 Red Hat, Inc. `

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2002:027-22
Issue date: 2002-02-11
Updated on: 2002-03-11
Product: Red Hat Powertools
Keywords: zlib double free
Cross references: RHSA-2002:026
Obsoletes:
:

Topic

Topics%20covered

Topics Covered

security advisory denial of service Red Hat Powertools system update zlib library exploit mitigation

Relevant Releases Architectures

Red Hat Powertools 6.0 - alpha, i386, sparc

Red Hat Powertools 6.1 - alpha, i386, sparc

Red Hat Powertools 6.2 - alpha, i386, sparc

Red Hat Powertools 7.0 - alpha, i386

Red Hat Powertools 7.1 - alpha, i386

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here