SciLinux: CVE-2005-3191 SL 40,41,42 i386

Date:         Wed, 21 Dec 2005 17:28:24 -0600
Reply-To:     Connie Sieh 
Sender:       Security Errata for Scientific Linux
              
From:         Connie Sieh 
Subject:      ERRATA for SL 40,41,42 i386 now available
Comments: To: scientific-linux-errata@fnal.gov

The following ERRATA for SL 40,41,42 i386 are now available from:

Synopsis:          Important: cups security update
Advisory ID:       RHSA-2005:878-01
CVE Names:         CVE-2005-3191 CVE-2005-3192 CVE-2005-3193
 
  cups-1.1.22-0.rc1.9.9.i386.rpm
  cups-devel-1.1.22-0.rc1.9.9.i386.rpm
  cups-libs-1.1.22-0.rc1.9.9.i386.rpm

Synopsis:          Moderate: curl security update
Advisory ID:       RHSA-2005:875-01
CVE Names:         CVE-2005-4077

  curl-7.12.1-8.rhel4.i386.rpm
  curl-devel-7.12.1-8.rhel4.i386.rpm

Synopsis:          Important: gpdf security update
Advisory ID:       RHSA-2005:867-01
CVE Names:         CVE-2005-3191 CVE-2005-3192 CVE-2005-3193

  gpdf-2.8.2-7.3.i386.rpm

Synopsis:       Moderate Java plugin security update
Sun Alert ID:   102003
Product:        j2sdk
Summary:        Security Vulnerabilities in the Java Runtime Environment 
		may allow an untrusted applet to elevate its privileges

https://www.oracle.com/java/technologies/

Notes: Many users will have a dead link in places like
/usr/lib/firefox-1.0.7/plugins/libjavaplugin_oji.so
This is a known result of the upgrade.  This is because the plugin is now
put in the directory  /usr/lib/mozilla/plugins/
Putting the plugin in that directory works for all Scientific Linux
versions of mozilla and firefox.

Note that j2sdk-1.4.2_10-fcs.i586.rpm has NOT been signed by us.  The 
license and the rpm itself do not all for it.

  j2sdk-1.4.2_10-fcs.i586.rpm
  java-1.4.2-sun-compat-1.4.2.10-1jpp.i586.rpm

Synopsis:          Important: kdegraphics security update
Advisory ID:       RHSA-2005:868-01
CVE Names:         CVE-2005-3191 CVE-2005-3192 CVE-2005-3193

  kdegraphics-3.3.1-3.6.i386.rpm
  kdegraphics-devel-3.3.1-3.6.i386.rpm

Synopsis:          Moderate: perl security update
Advisory ID:       RHSA-2005:880-01
CVE Names:         CVE-2005-3962

  perl-5.8.5-24.RHEL4.i386.rpm
  perl-suidperl-5.8.5-24.RHEL4.i386.rpm

Synopsis:          Important: udev security update
Advisory ID:       RHSA-2005:864-01
CVE Names:         CVE-2005-3631

  udev-039-10.10.EL4.3.i386.rpm

Synopsis:          Important: xpdf security update
Advisory ID:       RHSA-2005:840-02
CVE Names:         CVE-2005-3191 CVE-2005-3192 CVE-2005-3193

  xpdf-3.00-11.10.i386.rpm

-Connie Sieh
-Troy Dawson
lastline

Date: Wed, 21 Dec 2005 17:28:24 -0600Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: ERRATA for SL 40,41,42 i386 now availableComments: To: scientific-linux-errata@fnal.govThe following ERRATA for SL 40,41,42 i386 are now available from:Synopsis: Important: cups security updateAdvisory ID: RHSA-2005:878-01CVE Names: CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 cups-1.1.22-0.rc1.9.9.i386.rpm cups-devel-1.1.22-0.rc1.9.9.i386.rpm cups-libs-1.1.22-0.rc1.9.9.i386.rpmSynopsis: Moderate: curl security updateAdvisory ID: RHSA-2005:875-01CVE Names: CVE-2005-4077 curl-7.12.1-8.rhel4.i386.rpm curl-devel-7.12.1-8.rhel4.i386.rpmSynopsis: Important: gpdf security updateAdvisory ID: RHSA-2005:867-01CVE Names: CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 gpdf-2.8.2-7.3.i386.rpmSynopsis: Moderate Java plugin security updateSun Alert ID: 102003Product: j2sdkSummary: Security Vulnerabilities in the Java Runtime Environment may allow an untrusted applet to elevate its privilegeshttps://www.oracle.com/java/technologies/Notes: Many users will have a dead link in places like/usr/lib/firefox-1.0.7/plugins/libjavaplugin_oji.soThis is a known result of the upgrade. This is because the plugin is nowput in the directory /usr/lib/mozilla/plugins/Putting the plugin in that directory works for all Scientific Linuxversions of mozilla and firefox.Note that j2sdk-1.4.2_10-fcs.i586.rpm has NOT been signed by us. The license and the rpm itself do not all for it. j2sdk-1.4.2_10-fcs.i586.rpm java-1.4.2-sun-compat-1.4.2.10-1jpp.i586.rpmSynopsis: Important: kdegraphics security updateAdvisory ID: RHSA-2005:868-01CVE Names: CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 kdegraphics-3.3.1-3.6.i386.rpm kdegraphics-devel-3.3.1-3.6.i386.rpmSynopsis: Moderate: perl security updateAdvisory ID: RHSA-2005:880-01CVE Names: CVE-2005-3962 perl-5.8.5-24.RHEL4.i386.rpm perl-suidperl-5.8.5-24.RHEL4.i386.rpmSynopsis: Important: udev security updateAdvisory ID: RHSA-2005:864-01CVE Names: CVE-2005-3631 udev-039-10.10.EL4.3.i386.rpmSynopsis: Important: xpdf security updateAdvisory ID: RHSA-2005:840-02CVE Names: CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 xpdf-3.00-11.10.i386.rpm-Connie Sieh-Troy Dawsonlastline

SciLinux: CVE-2005-3191 SL 40,41,42 i386

Summary

Security Fixes

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By