Date: Tue, 14 Oct 2008 16:16:19 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Re: Security ERRATA for thunderbird on SL4.x, SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
In-Reply-To: <48E3DDC3.3070601@fnal.gov>

We had a compiling problem on the SL4 x86_64 rpms. The compiling problem has been fixed and is working now. Both the x86_64 and i386 rpms have been rebuilt with the new name to keep consistency. No code has been changed. The rpms were only recompiled.

SL 4.x

SRPMS:
thunderbird-1.5.0.12-16.el4.sl.src.rpm
i386:
thunderbird-1.5.0.12-16.el4.sl.i386.rpm
x86_64:
thunderbird-1.5.0.12-16.el4.sl.x86_64.rpm

Troy Dawson

Troy J Dawson wrote:
> Synopsis: Moderate: thunderbird security update
> Issue date: 2008-10-01
> CVE Names: CVE-2008-0016 CVE-2008-3835 CVE-2008-4058
>            CVE-2008-4059 CVE-2008-4060 CVE-2008-4061
>            CVE-2008-4062 CVE-2008-4065 CVE-2008-4066
>            CVE-2008-4067 CVE-2008-4068 CVE-2008-4070
>
> Several flaws were found in the processing of malformed HTML mail content.
> An HTML mail message containing malicious content could cause Thunderbird
> to crash or, potentially, execute arbitrary code as the user running
> Thunderbird. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060,
> CVE-2008-4061, CVE-2008-4062)
>
> Several flaws were found in the way malformed HTML mail content was
> displayed. An HTML mail message containing specially crafted content could
> potentially trick a Thunderbird user into surrendering sensitive
> information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068)
>
> A flaw was found in Thunderbird that caused certain characters to be
> stripped from JavaScript code. This flaw could allow malicious JavaScript
> to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066)
>
> Note: JavaScript support is disabled by default in Thunderbird; the above
> issue is not exploitable unless JavaScript is enabled.
>
> A heap-based buffer overflow flaw was found in the handling of cancelled
> newsgroup messages. If the user cancels a specially crafted newsgroup
> message it could cause Thunderbird to crash or, potentially, execute
> arbitrary code as the user running Thunderbird. (CVE-2008-4070)
>
> Note2: On SL4 this update fixes the bug that when a URL link is clicked,
> firefox wouldn't start. Firefox now starts when a URL link is clicked.
>
> SL 4.x
>
> SRPMS:
> thunderbird-1.5.0.12-16.el4.src.rpm
> i386:
> thunderbird-1.5.0.12-16.el4.i386.rpm
> x86_64:
> thunderbird-1.5.0.12-16.el4.x86_64.rpm
>
> SL 5.x
>
> SRPMS:
> thunderbird-2.0.0.17-1.el5.src.rpm
> i386:
> thunderbird-2.0.0.17-1.el5.i386.rpm
> x86_64:
> thunderbird-2.0.0.17-1.el5.x86_64.rpm
>
> -Connie Sieh
> -Troy Dawson
>

-- 
__________________________________________________
Troy Dawson  dawson@fnal.gov  (630)840-6468
Fermilab  Computing Division/LCSI/CSI DSS Group
__________________________________________________

Date: Tue, 14 Oct 2008 16:16:21 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Re: Security ERRATA for cups on SL3.x, SL4.x, SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
In-Reply-To: <48EFA6F5.4010005@fnal.gov>

We had a compiling problem on the SL4 x86_64 rpms. The compiling problem has been fixed and is working now. Both the x86_64 and i386 rpms have been rebuilt with the new name to keep consistency. No code has been changed. The rpms were only recompiled.
SL 4.x

SRPMS:
cups-1.1.22-0.rc1.9.27.el4_7.1.sl.src.rpm
i386:
cups-1.1.22-0.rc1.9.27.el4_7.1.sl.i386.rpm
cups-devel-1.1.22-0.rc1.9.27.el4_7.1.sl.i386.rpm
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.sl.i386.rpm
x86_64:
cups-1.1.22-0.rc1.9.27.el4_7.1.sl.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.27.el4_7.1.sl.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.sl.i386.rpm
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.sl.x86_64.rpm

Troy Dawson

Troy J Dawson wrote:
> Synopsis: Important: cups security update
> Issue date: 2008-10-10
> CVE Names: CVE-2008-3639 CVE-2008-3640 CVE-2008-3641
>
> A buffer overflow flaw was discovered in the SGI image format decoding
> routines used by the CUPS image converting filter "imagetops". An attacker
> could create a malicious SGI image file that could, possibly, execute
> arbitrary code as the "lp" user if the file was printed. (CVE-2008-3639)
>
> An integer overflow flaw leading to a heap buffer overflow was discovered
> in the Text-to-PostScript "texttops" filter. An attacker could create a
> malicious text file that could, possibly, execute arbitrary code as the
> "lp" user if the file was printed. (CVE-2008-3640)
>
> An insufficient buffer bounds checking flaw was discovered in the
> HP-GL/2-to-PostScript "hpgltops" filter. An attacker could create a
> malicious HP-GL/2 file that could, possibly, execute arbitrary code as the
> "lp" user if the file was printed.
> (CVE-2008-3641)
>
> SL 3.0.x
>
> SRPMS:
> cups-1.1.17-13.3.54.src.rpm
> i386:
> cups-1.1.17-13.3.54.i386.rpm
> cups-devel-1.1.17-13.3.54.i386.rpm
> cups-libs-1.1.17-13.3.54.i386.rpm
> x86_64:
> cups-1.1.17-13.3.54.x86_64.rpm
> cups-devel-1.1.17-13.3.54.x86_64.rpm
> cups-libs-1.1.17-13.3.54.i386.rpm
> cups-libs-1.1.17-13.3.54.x86_64.rpm
>
> SL 4.x
>
> SRPMS:
> cups-1.1.22-0.rc1.9.27.el4_7.1.src.rpm
> i386:
> cups-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm
> cups-devel-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm
> cups-libs-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm
> x86_64:
> cups-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpm
> cups-devel-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpm
> cups-libs-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm
> cups-libs-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpm
>
> SL 5.x
>
> SRPMS:
> cups-1.2.4-11.18.el5_2.2.src.rpm
> i386:
> cups-1.2.4-11.18.el5_2.2.i386.rpm
> cups-devel-1.2.4-11.18.el5_2.2.i386.rpm
> cups-libs-1.2.4-11.18.el5_2.2.i386.rpm
> cups-lpd-1.2.4-11.18.el5_2.2.i386.rpm
> x86_64:
> cups-1.2.4-11.18.el5_2.2.x86_64.rpm
> cups-devel-1.2.4-11.18.el5_2.2.i386.rpm
> cups-devel-1.2.4-11.18.el5_2.2.x86_64.rpm
> cups-libs-1.2.4-11.18.el5_2.2.i386.rpm
> cups-libs-1.2.4-11.18.el5_2.2.x86_64.rpm
> cups-lpd-1.2.4-11.18.el5_2.2.x86_64.rpm
>
> -Connie Sieh
> -Troy Dawson
>

-- 
__________________________________________________
Troy Dawson  dawson@fnal.gov  (630)840-6468
Fermilab  Computing Division/LCSI/CSI DSS Group
__________________________________________________

Date: Wed, 15 Oct 2008 14:01:54 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: FASTBUGS for SL 4.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"

The following FASTBUGS have been uploaded to

i386:
bash-3.0-19.7.el4_7.1.x86_64.rpm
net-snmp-5.1.2-13.el4_7.1.i386.rpm
net-snmp-devel-5.1.2-13.el4_7.1.i386.rpm
net-snmp-libs-5.1.2-13.el4_7.1.i386.rpm
net-snmp-perl-5.1.2-13.el4_7.1.i386.rpm
net-snmp-utils-5.1.2-13.el4_7.1.i386.rpm
net-tools-1.60-40.el4.i386.rpm
nspr-4.7.1-1.el4.i386.rpm
nspr-4.7.1-1.el4.x86_64.rpm
nspr-devel-4.7.1-1.el4.x86_64.rpm
nss-3.12.1.1-1.el4.i386.rpm
nss-3.12.1.1-1.el4.x86_64.rpm
nss-devel-3.12.1.1-1.el4.x86_64.rpm
x86_64:
bash-3.0-19.7.el4_7.1.x86_64.rpm
net-snmp-5.1.2-13.el4_7.1.x86_64.rpm
net-snmp-devel-5.1.2-13.el4_7.1.x86_64.rpm
net-snmp-libs-5.1.2-13.el4_7.1.i386.rpm
net-snmp-libs-5.1.2-13.el4_7.1.x86_64.rpm
net-snmp-perl-5.1.2-13.el4_7.1.x86_64.rpm
net-snmp-utils-5.1.2-13.el4_7.1.x86_64.rpm
net-tools-1.60-40.el4.x86_64.rpm
nspr-4.7.1-1.el4.i386.rpm
nspr-4.7.1-1.el4.x86_64.rpm
nspr-devel-4.7.1-1.el4.x86_64.rpm
nss-3.12.1.1-1.el4.i386.rpm
nss-3.12.1.1-1.el4.x86_64.rpm
nss-devel-3.12.1.1-1.el4.x86_64.rpm

-Connie Sieh
-Troy Dawson

Date: Wed, 15 Oct 2008 14:03:23 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: FASTBUGS for SL 5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"

The following FASTBUGS have been uploaded to

i386:
cdda2wav-2.01-10.7.el5.x86_64.rpm
cdrecord-2.01-10.7.el5.x86_64.rpm
cdrecord-devel-2.01-10.7.el5.i386.rpm
cdrecord-devel-2.01-10.7.el5.x86_64.rpm
freeradius-1.1.3-1.4.el5.x86_64.rpm
freeradius-mysql-1.1.3-1.4.el5.x86_64.rpm
freeradius-postgresql-1.1.3-1.4.el5.x86_64.rpm
freeradius-unixODBC-1.1.3-1.4.el5.x86_64.rpm
inews-2.4.3-8.el5.x86_64.rpm
inn-2.4.3-8.el5.x86_64.rpm
inn-devel-2.4.3-8.el5.i386.rpm
inn-devel-2.4.3-8.el5.x86_64.rpm
libdhcp-1.20-5.el5_2.1.i386.rpm
libdhcp-devel-1.20-5.el5_2.1.i386.rpm
mkisofs-2.01-10.7.el5.x86_64.rpm
OpenIPMI-2.0.6-6.el5_2.2.i386.rpm
OpenIPMI-devel-2.0.6-6.el5_2.2.i386.rpm
OpenIPMI-libs-2.0.6-6.el5_2.2.i386.rpm
OpenIPMI-perl-2.0.6-6.el5_2.2.i386.rpm
OpenIPMI-python-2.0.6-6.el5_2.2.i386.rpm
OpenIPMI-tools-2.0.6-6.el5_2.2.i386.rpm
sabayon-2.12.4-6.el5.x86_64.rpm
sabayon-apply-2.12.4-6.el5.x86_64.rpm
xfig-3.2.4-21.3.el5.x86_64.rpm
x86_64:
cdda2wav-2.01-10.7.el5.i386.rpm
cdrecord-2.01-10.7.el5.i386.rpm
cdrecord-devel-2.01-10.7.el5.i386.rpm
freeradius-1.1.3-1.4.el5.i386.rpm
freeradius-mysql-1.1.3-1.4.el5.i386.rpm
freeradius-postgresql-1.1.3-1.4.el5.i386.rpm
freeradius-unixODBC-1.1.3-1.4.el5.i386.rpm
inews-2.4.3-8.el5.i386.rpm
inn-2.4.3-8.el5.i386.rpm
inn-devel-2.4.3-8.el5.i386.rpm
libdhcp-1.20-5.el5_2.1.i386.rpm
libdhcp-1.20-5.el5_2.1.x86_64.rpm
libdhcp-devel-1.20-5.el5_2.1.i386.rpm
libdhcp-devel-1.20-5.el5_2.1.x86_64.rpm
mkisofs-2.01-10.7.el5.i386.rpm
OpenIPMI-2.0.6-6.el5_2.2.x86_64.rpm
OpenIPMI-devel-2.0.6-6.el5_2.2.i386.rpm
OpenIPMI-devel-2.0.6-6.el5_2.2.x86_64.rpm
OpenIPMI-libs-2.0.6-6.el5_2.2.i386.rpm
OpenIPMI-libs-2.0.6-6.el5_2.2.x86_64.rpm
OpenIPMI-perl-2.0.6-6.el5_2.2.x86_64.rpm
OpenIPMI-python-2.0.6-6.el5_2.2.x86_64.rpm
OpenIPMI-tools-2.0.6-6.el5_2.2.x86_64.rpm
sabayon-2.12.4-6.el5.i386.rpm
sabayon-apply-2.12.4-6.el5.i386.rpm
xfig-3.2.4-21.3.el5.i386.rpm

-Connie Sieh
-Troy Dawson

Date: Wed, 22 Oct 2008 18:58:19 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA for ed on SL3.x, SL4.x, SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"

Synopsis: Moderate: ed security update
Issue date: 2008-10-21
CVE Names: CVE-2008-3916

A heap-based buffer overflow was discovered in the way ed, the GNU line
editor, processed long file names. An attacker could create a file with a
specially-crafted name that could possibly execute arbitrary code when
opened in the ed editor. (CVE-2008-3916)

SL 3.0.x

SRPMS:
ed-0.2-33.30E.1.src.rpm
i386:
ed-0.2-33.30E.1.i386.rpm
x86_64:
ed-0.2-33.30E.1.x86_64.rpm

SL 4.x

SRPMS:
ed-0.2-36.el4_7.1.src.rpm
i386:
ed-0.2-36.el4_7.1.i386.rpm
x86_64:
ed-0.2-36.el4_7.1.x86_64.rpm

SL 5.x

SRPMS:
ed-0.2-39.el5_2.src.rpm
i386:
ed-0.2-39.el5_2.i386.rpm
x86_64:
ed-0.2-39.el5_2.x86_64.rpm

-Connie Sieh
-Troy Dawson
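Errata like the ones above are only useful once they are compared against what a host actually has installed, and the comparison has to follow rpm's own version-ordering rules rather than plain string or numeric comparison. The script below is an added example and is not part of the Scientific Linux errata mailings or of any SL tooling. It reimplements rpm's segment-wise comparison (the classic rpmvercmp algorithm, without the tilde and caret rules that later rpm releases added) in Python so that it runs without librpm, parses package file names of the name-version-release.arch.rpm form used in the messages above, and reports every installed package that is older than the errata's version of the same name and architecture. The errata input is the SL 4.x x86_64 file names from the cups, ed and rebuilt thunderbird messages; the installed-package list is constructed sample data in the format of rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n', not output from any real host. It also shows why the rebuilt ".sl" packages supersede the originals: once "16.el4" has matched segment for segment, "16.el4.sl" still has a segment left over, and rpm treats the string with segments left over as the newer one.

```python
"""Check a host's installed RPMs against a Scientific Linux errata listing.

Added example, not part of the SL errata mailings. Reimplements rpm's
version ordering (rpmvercmp, classic algorithm: no tilde/caret rules)
so it runs without librpm. Epoch is assumed to be 0 for every package,
which is true for all the packages listed on this page.
"""
import re

# Package file names copied from the SL 4.x x86_64 sections of the cups,
# ed and rebuilt thunderbird messages above.
ERRATA_X86_64 = """
cups-1.1.22-0.rc1.9.27.el4_7.1.sl.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.27.el4_7.1.sl.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.sl.i386.rpm
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.sl.x86_64.rpm
ed-0.2-36.el4_7.1.x86_64.rpm
thunderbird-1.5.0.12-16.el4.sl.x86_64.rpm
"""

# Constructed sample of what a partly updated SL4 host might report with
#   rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'
# (not real host output).
INSTALLED_SAMPLE = """
cups-1.1.22-0.rc1.9.20.el4_7.x86_64
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.sl.x86_64
cups-libs-1.1.22-0.rc1.9.20.el4_7.i386
ed-0.2-36.el4.x86_64
thunderbird-1.5.0.12-16.el4.x86_64
bash-3.0-19.3.x86_64
"""

# rpm splits a version string into runs of digits and runs of letters;
# everything else (".", "_", "-") is a separator and carries no meaning.
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Return -1, 0 or 1 with the same ordering as rpm's rpmvercmp().

    Rules: compare segment by segment; numeric segments compare as
    integers (leading zeros dropped), alpha segments compare with strcmp;
    a numeric segment is newer than an alpha segment in the same
    position; when one string runs out of segments the one with segments
    left over is newer.
    """
    if a == b:
        return 0
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):          # longer digit string is larger
                return 1 if len(x) > len(y) else -1
            if x != y:
                return 1 if x > y else -1
        elif x.isdigit() or y.isdigit():  # numeric beats alpha
            return 1 if x.isdigit() else -1
        elif x != y:
            return 1 if x > y else -1
    if len(seg_a) == len(seg_b):
        return 0
    return 1 if len(seg_a) > len(seg_b) else -1


def parse_nvra(text):
    """Split 'name-version-release.arch[.rpm]' into (name, version, release, arch)."""
    text = text.strip()
    if text.endswith(".rpm"):
        text = text[:-4]
    nvr, arch = text.rsplit(".", 1)
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release, arch


def compare_vr(have, want):
    """Order two (version, release) pairs: version first, then release."""
    c = rpmvercmp(have[0], want[0])
    return c if c else rpmvercmp(have[1], want[1])


def unpatched(errata_text, installed_text):
    """Return [(name.arch, installed V-R, errata V-R)] for each installed
    package that is older than the errata package with the same name and
    arch. Errata packages that are not installed are not reported: an
    absent package does not expose the host."""
    required = {}
    for entry in errata_text.split():
        name, version, release, arch = parse_nvra(entry)
        required[(name, arch)] = (version, release)
    findings = []
    for entry in installed_text.split():
        name, version, release, arch = parse_nvra(entry)
        want = required.get((name, arch))
        if want and compare_vr((version, release), want) < 0:
            findings.append((f"{name}.{arch}", f"{version}-{release}",
                             f"{want[0]}-{want[1]}"))
    return findings


if __name__ == "__main__":
    for pkg, have, want in unpatched(ERRATA_X86_64, INSTALLED_SAMPLE):
        print(f"{pkg}: installed {have} is older than errata {want}")
```

On a real host, replace INSTALLED_SAMPLE with the output of the rpm -qa query shown in the comment. If any package in your errata carries an epoch, add %{EPOCH} to the query format and compare it before version and release; the advisory listings above do not show epochs, which is why the example assumes 0. Note that cups-libs.x86_64 in the sample is already at the rebuilt ".sl" release and is not reported, while the x86_64 thunderbird at plain "16.el4" is, since the ".sl" rebuild compares as newer.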