Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Red Hat Enterprise Linux 6 and 7: RHSA-2015-0067-01 Critical Java Update

====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.7.0-openjdk security update
Advisory ID:       RHSA-2015:0067-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2015:0067.html
Issue date:        2015-01-21
CVE Names:         CVE-2014-3566 CVE-2014-6585 CVE-2014-6587
                   CVE-2014-6591 CVE-2014-6593 CVE-2014-6601
                   CVE-2015-0383 CVE-2015-0395 CVE-2015-0407
                   CVE-2015-0408 CVE-2015-0410 CVE-2015-0412
====================================================================

1. Summary:

Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.

A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601)

Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408)

A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395)

A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410)

A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566)

Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section.

It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593)

An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407)

A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587)

Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591)

Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383)

The CVE-2015-0383 issue was discovered by Red Hat.

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.

All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1123870 - CVE-2015-0383 OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)
1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
1183020 - CVE-2014-6601 OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982)
1183021 - CVE-2015-0412 OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)
1183023 - CVE-2015-0408 OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
1183031 - CVE-2015-0395 OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125)
1183043 - CVE-2015-0407 OpenJDK: directory information leak via file chooser (Swing, 8055304)
1183044 - CVE-2015-0410 OpenJDK: DER decoder infinite loop (Security, 8059485)
1183049 - CVE-2014-6593 OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)
1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489)
1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276)
1183715 - CVE-2014-6587 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.src.rpm

i386:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el6_6.i686.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el6_6.i686.rpm

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el6_6.noarch.rpm

x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el6_6.noarch.rpm

x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.src.rpm

i386:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el6_6.i686.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386:
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el6_6.i686.rpm

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el6_6.noarch.rpm

x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.src.rpm

i386:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el6_6.i686.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386:
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el6_6.i686.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el6_6.i686.rpm

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el6_6.noarch.rpm

x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el6_6.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.src.rpm

ppc64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-headless-1.7.0.75-2.5.4.2.el7_0.ppc64.rpm

s390x:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.s390x.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.s390x.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.2.el7_0.s390x.rpm
java-1.7.0-openjdk-headless-1.7.0.75-2.5.4.2.el7_0.s390x.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.2.el7_0.noarch.rpm

ppc64:
java-1.7.0-openjdk-accessibility-1.7.0.75-2.5.4.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.2.el7_0.ppc64.rpm

s390x:
java-1.7.0-openjdk-accessibility-1.7.0.75-2.5.4.2.el7_0.s390x.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.s390x.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.2.el7_0.s390x.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.2.el7_0.s390x.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.2.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2014-3566
https://access.redhat.com/security/cve/CVE-2014-6585
https://access.redhat.com/security/cve/CVE-2014-6587
https://access.redhat.com/security/cve/CVE-2014-6591
https://access.redhat.com/security/cve/CVE-2014-6593
https://access.redhat.com/security/cve/CVE-2014-6601
https://access.redhat.com/security/cve/CVE-2015-0383
https://access.redhat.com/security/cve/CVE-2015-0395
https://access.redhat.com/security/cve/CVE-2015-0407
https://access.redhat.com/security/cve/CVE-2015-0408
https://access.redhat.com/security/cve/CVE-2015-0410
https://access.redhat.com/security/cve/CVE-2015-0412
https://access.redhat.com/security/updates/classification#critical
https://bugzilla.redhat.com/show_bug.cgi?id=1152789#c82

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2015 Red Hat, Inc.

Important Java security patch released by Red Hat addresses several vulnerabilities in java-1.7.0-openjdk impacting RHEL 6 and RHEL 7 systems.

Severity: Critical

LinuxSecurity.com Team

Jan 21, 2015 | Critical | Red Hat
Moderate SSL Vulnerability Patch for Red Hat Enterprise Linux 5 & 6

====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: jakarta-commons-httpclient security update
Advisory ID:       RHSA-2013:0270-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2013:0270.html
Issue date:        2013-02-19
CVE Names:         CVE-2012-5783
====================================================================

1. Summary:

Updated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The Jakarta Commons HttpClient component can be used to build HTTP-aware client applications (such as web browsers and web service clients).

The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)

All users of jakarta-commons-httpclient are advised to upgrade to these updated packages, which correct this issue. Applications using the Jakarta Commons HttpClient component must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

873317 - CVE-2012-5783 jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:

i386:
jakarta-commons-httpclient-3.0-7jpp.2.i386.rpm
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.i386.rpm

x86_64:
jakarta-commons-httpclient-3.0-7jpp.2.x86_64.rpm
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:

i386:
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.i386.rpm
jakarta-commons-httpclient-demo-3.0-7jpp.2.i386.rpm
jakarta-commons-httpclient-javadoc-3.0-7jpp.2.i386.rpm
jakarta-commons-httpclient-manual-3.0-7jpp.2.i386.rpm

x86_64:
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.x86_64.rpm
jakarta-commons-httpclient-demo-3.0-7jpp.2.x86_64.rpm
jakarta-commons-httpclient-javadoc-3.0-7jpp.2.x86_64.rpm
jakarta-commons-httpclient-manual-3.0-7jpp.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:

i386:
jakarta-commons-httpclient-3.0-7jpp.2.i386.rpm
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.i386.rpm
jakarta-commons-httpclient-demo-3.0-7jpp.2.i386.rpm
jakarta-commons-httpclient-javadoc-3.0-7jpp.2.i386.rpm
jakarta-commons-httpclient-manual-3.0-7jpp.2.i386.rpm

ia64:
jakarta-commons-httpclient-3.0-7jpp.2.ia64.rpm
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.ia64.rpm
jakarta-commons-httpclient-demo-3.0-7jpp.2.ia64.rpm
jakarta-commons-httpclient-javadoc-3.0-7jpp.2.ia64.rpm
jakarta-commons-httpclient-manual-3.0-7jpp.2.ia64.rpm

ppc:
jakarta-commons-httpclient-3.0-7jpp.2.ppc.rpm
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.ppc.rpm
jakarta-commons-httpclient-demo-3.0-7jpp.2.ppc.rpm
jakarta-commons-httpclient-javadoc-3.0-7jpp.2.ppc.rpm
jakarta-commons-httpclient-manual-3.0-7jpp.2.ppc.rpm

s390x:
jakarta-commons-httpclient-3.0-7jpp.2.s390x.rpm
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.s390x.rpm
jakarta-commons-httpclient-demo-3.0-7jpp.2.s390x.rpm
jakarta-commons-httpclient-javadoc-3.0-7jpp.2.s390x.rpm
jakarta-commons-httpclient-manual-3.0-7jpp.2.s390x.rpm

x86_64:
jakarta-commons-httpclient-3.0-7jpp.2.x86_64.rpm
jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.x86_64.rpm
jakarta-commons-httpclient-demo-3.0-7jpp.2.x86_64.rpm
jakarta-commons-httpclient-javadoc-3.0-7jpp.2.x86_64.rpm
jakarta-commons-httpclient-manual-3.0-7jpp.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:

i386:
jakarta-commons-httpclient-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm

x86_64:
jakarta-commons-httpclient-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:

i386:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.i686.rpm

x86_64:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:

x86_64:
jakarta-commons-httpclient-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:

x86_64:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:

i386:
jakarta-commons-httpclient-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm

ppc64:
jakarta-commons-httpclient-3.1-0.7.el6_3.ppc64.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.ppc64.rpm

s390x:
jakarta-commons-httpclient-3.1-0.7.el6_3.s390x.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.s390x.rpm

x86_64:
jakarta-commons-httpclient-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:

i386:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.i686.rpm

ppc64:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.ppc64.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.ppc64.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.ppc64.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.ppc64.rpm

s390x:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.s390x.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.s390x.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.s390x.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.s390x.rpm

x86_64:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:

i386:
jakarta-commons-httpclient-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm

x86_64:
jakarta-commons-httpclient-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:

i386:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.i686.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.i686.rpm

x86_64:
jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-demo-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.x86_64.rpm
jakarta-commons-httpclient-manual-3.1-0.7.el6_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2012-5783
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2013 Red Hat, Inc.

An update for jakarta-commons-httpclient on Red Hat Enterprise Linux has been released to remedy a moderate security vulnerability that affects SSL connections.

LinuxSecurity.com Team

Feb 19, 2013 | Red Hat
Red Hat Enterprise Linux 6: RHSA-2010:0862-02 Low: NSS SSL Flaw

====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: nss security update
Advisory ID:       RHSA-2010:0862-02
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2010:0862.html
Issue date:        2010-11-10
CVE Names:         CVE-2010-3170
====================================================================

1. Summary:

Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support the development of security-enabled client and server applications.

A flaw was found in the way NSS matched SSL certificates when the certificates had a Common Name containing a wildcard and a partial IP address. NSS incorrectly accepted connections to IP addresses that fell within the SSL certificate's wildcard range as valid SSL connections, possibly allowing an attacker to conduct a man-in-the-middle attack. (CVE-2010-3170)

All NSS users should upgrade to these updated packages, which provide NSS version 3.12.8 to resolve this issue. After installing the update, applications using NSS must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

630047 - CVE-2010-3170 firefox/nss: doesn't handle IP-based wildcards in X509 certificates safely
642410 - nss update needed for firefox

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:

i386:
nss-3.12.8-1.el6_0.i686.rpm
nss-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-3.12.8-1.el6_0.i686.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm
nss-sysinit-3.12.8-1.el6_0.i686.rpm
nss-tools-3.12.8-1.el6_0.i686.rpm
nss-util-3.12.8-1.el6_0.i686.rpm
nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm

x86_64:
nss-3.12.8-1.el6_0.i686.rpm
nss-3.12.8-1.el6_0.x86_64.rpm
nss-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-3.12.8-1.el6_0.i686.rpm
nss-softokn-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm
nss-softokn-freebl-3.12.8-1.el6_0.x86_64.rpm
nss-sysinit-3.12.8-1.el6_0.x86_64.rpm
nss-tools-3.12.8-1.el6_0.x86_64.rpm
nss-util-3.12.8-1.el6_0.i686.rpm
nss-util-3.12.8-1.el6_0.x86_64.rpm
nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-util-debuginfo-3.12.8-1.el6_0.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:

i386:
nss-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-devel-3.12.8-1.el6_0.i686.rpm
nss-pkcs11-devel-3.12.8-1.el6_0.i686.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-devel-3.12.8-1.el6_0.i686.rpm
nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-util-devel-3.12.8-1.el6_0.i686.rpm

x86_64:
nss-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-devel-3.12.8-1.el6_0.i686.rpm
nss-devel-3.12.8-1.el6_0.x86_64.rpm
nss-pkcs11-devel-3.12.8-1.el6_0.i686.rpm
nss-pkcs11-devel-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-devel-3.12.8-1.el6_0.i686.rpm
nss-softokn-devel-3.12.8-1.el6_0.x86_64.rpm
nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-util-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-util-devel-3.12.8-1.el6_0.i686.rpm
nss-util-devel-3.12.8-1.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:

x86_64:
nss-3.12.8-1.el6_0.i686.rpm
nss-3.12.8-1.el6_0.x86_64.rpm
nss-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-3.12.8-1.el6_0.i686.rpm
nss-softokn-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm
nss-softokn-freebl-3.12.8-1.el6_0.x86_64.rpm
nss-sysinit-3.12.8-1.el6_0.x86_64.rpm
nss-tools-3.12.8-1.el6_0.x86_64.rpm
nss-util-3.12.8-1.el6_0.i686.rpm
nss-util-3.12.8-1.el6_0.x86_64.rpm
nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-util-debuginfo-3.12.8-1.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:

x86_64:
nss-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-devel-3.12.8-1.el6_0.i686.rpm
nss-devel-3.12.8-1.el6_0.x86_64.rpm
nss-pkcs11-devel-3.12.8-1.el6_0.i686.rpm
nss-pkcs11-devel-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-devel-3.12.8-1.el6_0.i686.rpm
nss-softokn-devel-3.12.8-1.el6_0.x86_64.rpm
nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-util-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-util-devel-3.12.8-1.el6_0.i686.rpm
nss-util-devel-3.12.8-1.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:

i386:
nss-3.12.8-1.el6_0.i686.rpm
nss-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-devel-3.12.8-1.el6_0.i686.rpm
nss-softokn-3.12.8-1.el6_0.i686.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-devel-3.12.8-1.el6_0.i686.rpm
nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm
nss-sysinit-3.12.8-1.el6_0.i686.rpm
nss-tools-3.12.8-1.el6_0.i686.rpm
nss-util-3.12.8-1.el6_0.i686.rpm
nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-util-devel-3.12.8-1.el6_0.i686.rpm

ppc64:
nss-3.12.8-1.el6_0.ppc.rpm
nss-3.12.8-1.el6_0.ppc64.rpm
nss-debuginfo-3.12.8-1.el6_0.ppc.rpm
nss-debuginfo-3.12.8-1.el6_0.ppc64.rpm
nss-devel-3.12.8-1.el6_0.ppc.rpm
nss-devel-3.12.8-1.el6_0.ppc64.rpm
nss-softokn-3.12.8-1.el6_0.ppc.rpm
nss-softokn-3.12.8-1.el6_0.ppc64.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.ppc.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.ppc64.rpm
nss-softokn-devel-3.12.8-1.el6_0.ppc.rpm
nss-softokn-devel-3.12.8-1.el6_0.ppc64.rpm
nss-softokn-freebl-3.12.8-1.el6_0.ppc.rpm
nss-softokn-freebl-3.12.8-1.el6_0.ppc64.rpm
nss-sysinit-3.12.8-1.el6_0.ppc64.rpm
nss-tools-3.12.8-1.el6_0.ppc64.rpm
nss-util-3.12.8-1.el6_0.ppc.rpm
nss-util-3.12.8-1.el6_0.ppc64.rpm
nss-util-debuginfo-3.12.8-1.el6_0.ppc.rpm
nss-util-debuginfo-3.12.8-1.el6_0.ppc64.rpm
nss-util-devel-3.12.8-1.el6_0.ppc.rpm
nss-util-devel-3.12.8-1.el6_0.ppc64.rpm

s390x:
nss-3.12.8-1.el6_0.s390.rpm
nss-3.12.8-1.el6_0.s390x.rpm
nss-debuginfo-3.12.8-1.el6_0.s390.rpm
nss-debuginfo-3.12.8-1.el6_0.s390x.rpm
nss-devel-3.12.8-1.el6_0.s390.rpm
nss-devel-3.12.8-1.el6_0.s390x.rpm
nss-softokn-3.12.8-1.el6_0.s390.rpm
nss-softokn-3.12.8-1.el6_0.s390x.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.s390.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.s390x.rpm
nss-softokn-devel-3.12.8-1.el6_0.s390.rpm
nss-softokn-devel-3.12.8-1.el6_0.s390x.rpm
nss-softokn-freebl-3.12.8-1.el6_0.s390.rpm
nss-softokn-freebl-3.12.8-1.el6_0.s390x.rpm
nss-sysinit-3.12.8-1.el6_0.s390x.rpm
nss-tools-3.12.8-1.el6_0.s390x.rpm
nss-util-3.12.8-1.el6_0.s390.rpm
nss-util-3.12.8-1.el6_0.s390x.rpm
nss-util-debuginfo-3.12.8-1.el6_0.s390.rpm
nss-util-debuginfo-3.12.8-1.el6_0.s390x.rpm
nss-util-devel-3.12.8-1.el6_0.s390.rpm
nss-util-devel-3.12.8-1.el6_0.s390x.rpm

x86_64:
nss-3.12.8-1.el6_0.i686.rpm
nss-3.12.8-1.el6_0.x86_64.rpm
nss-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-devel-3.12.8-1.el6_0.i686.rpm
nss-devel-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-3.12.8-1.el6_0.i686.rpm
nss-softokn-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-softokn-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-devel-3.12.8-1.el6_0.i686.rpm
nss-softokn-devel-3.12.8-1.el6_0.x86_64.rpm
nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm
nss-softokn-freebl-3.12.8-1.el6_0.x86_64.rpm
nss-sysinit-3.12.8-1.el6_0.x86_64.rpm
nss-tools-3.12.8-1.el6_0.x86_64.rpm
nss-util-3.12.8-1.el6_0.i686.rpm
nss-util-3.12.8-1.el6_0.x86_64.rpm
nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm
nss-util-debuginfo-3.12.8-1.el6_0.x86_64.rpm
nss-util-devel-3.12.8-1.el6_0.i686.rpm
nss-util-devel-3.12.8-1.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v.
6): Source: i386: nss-debuginfo-3.12.8-1.el6_0.i686.rpm nss-pkcs11-devel-3.12.8-1.el6_0.i686.rpm ppc64: nss-debuginfo-3.12.8-1.el6_0.ppc.rpm nss-debuginfo-3.12.8-1.el6_0.ppc64.rpm nss-pkcs11-devel-3.12.8-1.el6_0.ppc.rpm nss-pkcs11-devel-3.12.8-1.el6_0.ppc64.rpm s390x: nss-debuginfo-3.12.8-1.el6_0.s390.rpm nss-debuginfo-3.12.8-1.el6_0.s390x.rpm nss-pkcs11-devel-3.12.8-1.el6_0.s390.rpm nss-pkcs11-devel-3.12.8-1.el6_0.s390x.rpm x86_64: nss-debuginfo-3.12.8-1.el6_0.i686.rpm nss-debuginfo-3.12.8-1.el6_0.x86_64.rpm nss-pkcs11-devel-3.12.8-1.el6_0.i686.rpm nss-pkcs11-devel-3.12.8-1.el6_0.x86_64.rpm Red Hat Enterprise Linux Workstation (v.6): Source: i386: nss-3.12.8-1.el6_0.i686.rpm nss-debuginfo-3.12.8-1.el6_0.i686.rpm nss-devel-3.12.8-1.el6_0.i686.rpm nss-softokn-3.12.8-1.el6_0.i686.rpm nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm nss-softokn-devel-3.12.8-1.el6_0.i686.rpm nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm nss-sysinit-3.12.8-1.el6_0.i686.rpm nss-tools-3.12.8-1.el6_0.i686.rpm nss-util-3.12.8-1.el6_0.i686.rpm nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm nss-util-devel-3.12.8-1.el6_0.i686.rpm x86_64: nss-3.12.8-1.el6_0.i686.rpm nss-3.12.8-1.el6_0.x86_64.rpm nss-debuginfo-3.12.8-1.el6_0.i686.rpm nss-debuginfo-3.12.8-1.el6_0.x86_64.rpm nss-devel-3.12.8-1.el6_0.i686.rpm nss-devel-3.12.8-1.el6_0.x86_64.rpm nss-softokn-3.12.8-1.el6_0.i686.rpm nss-softokn-3.12.8-1.el6_0.x86_64.rpm nss-softokn-debuginfo-3.12.8-1.el6_0.i686.rpm nss-softokn-debuginfo-3.12.8-1.el6_0.x86_64.rpm nss-softokn-devel-3.12.8-1.el6_0.i686.rpm nss-softokn-devel-3.12.8-1.el6_0.x86_64.rpm nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm nss-softokn-freebl-3.12.8-1.el6_0.x86_64.rpm nss-sysinit-3.12.8-1.el6_0.x86_64.rpm nss-tools-3.12.8-1.el6_0.x86_64.rpm nss-util-3.12.8-1.el6_0.i686.rpm nss-util-3.12.8-1.el6_0.x86_64.rpm nss-util-debuginfo-3.12.8-1.el6_0.i686.rpm nss-util-debuginfo-3.12.8-1.el6_0.x86_64.rpm nss-util-devel-3.12.8-1.el6_0.i686.rpm nss-util-devel-3.12.8-1.el6_0.x86_64.rpm Red Hat Enterprise Linux 
Workstation Optional (v. 6): Source: i386: nss-debuginfo-3.12.8-1.el6_0.i686.rpm nss-pkcs11-devel-3.12.8-1.el6_0.i686.rpm x86_64: nss-debuginfo-3.12.8-1.el6_0.i686.rpm nss-debuginfo-3.12.8-1.el6_0.x86_64.rpm nss-pkcs11-devel-3.12.8-1.el6_0.i686.rpm nss-pkcs11-devel-3.12.8-1.el6_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2010-3170 https://access.redhat.com/security/updates/classification#low 8. Contact: The Red Hat security contact is . More contact details athttps://access.redhat.com/security/team/contact Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFM2vNDXlSAg2UNWIIRApQNAJ9Kr9KIIJnTX9BN4i7oYBBGPLKBWACfbyS1 wgSRoNeOv95ypUW44Fm3sNs=ef0G -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Recent modifications to NSS packages resolve a minor security vulnerability in Red Hat Enterprise Linux concerning SSL wildcards and IP addresses.. NSS Security Update, Red Hat Advisory, Low Severity Update, Man-in-the-Middle Threat. . Severity: Low. LinuxSecurity.com Team

Nov 10, 2010 Low Red Hat

Red Hat 5: RHSA-2007:0965-01 Moderate: Ruby SSL Certificate Flaw

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 5. An SSL certificate validation flaw was discovered in several Ruby Net modules. The libraries were not checking the requested host name against the common name (CN) in the SSL server certificate, possibly allowing a man in the middle attack. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Red Hat Security Advisory

Synopsis: Moderate: ruby security update
Advisory ID: RHSA-2007:0965-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0965.html
Issue date: 2007-11-13
Updated on: 2007-11-13
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-5162 CVE-2007-5770

1. Summary:
Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:
Ruby is an interpreted scripting language for object-oriented programming.

An SSL certificate validation flaw was discovered in several Ruby Net modules. The libraries were not checking the requested host name against the common name (CN) in the SSL server certificate, possibly allowing a man in the middle attack. (CVE-2007-5162, CVE-2007-5770)

Users of Ruby should upgrade to these updated packages, which contain a backported patch to resolve these issues.

4. Solution:
Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):
313691 - CVE-2007-5162 ruby Net:HTTP insufficient verification of SSL certificate
362081 - CVE-2007-5770 ruby insufficient verification of SSL certificate in various net::* modules

6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:
https://www.cve.org/CVERecord?id=CVE-2007-5162
https://www.cve.org/CVERecord?id=CVE-2007-5770
https://access.redhat.com/security/updates/classification#moderate

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2007 Red Hat, Inc.

Enhanced ruby libraries for CentOS address significant SSL vulnerabilities impacting corporate settings. Ruby Update, Red Hat Security, SSL Certificate Flaw. LinuxSecurity.com Team

Nov 13, 2007 Red Hat

Red Hat: RHSA-2005:608-01 Important: Httpd SSL and Memory Issues

Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

Red Hat Security Advisory

Synopsis: Important: httpd security update
Advisory ID: RHSA-2005:608-01
Advisory URL: https://access.redhat.com/errata/RHSA-2005:608.html
Issue date: 2005-09-06
Updated on: 2005-09-06
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-2700 CAN-2005-2728

1. Summary:
Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:
The Apache HTTP Server is a popular and freely-available Web server.

A flaw was discovered in mod_ssl's handling of the "SSLVerifyClient" directive. This flaw occurs if a virtual host is configured using "SSLVerifyClient optional" and a directive "SSLVerifyClient required" is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-2700 to this issue.

A flaw was discovered in Apache httpd where the byterange filter would buffer certain responses into memory. If a server has a dynamic resource such as a CGI script or PHP script that generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service. (CAN-2005-2728)

Users of Apache httpd should update to these errata packages that contain backported patches to correct these issues.

4. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):
167102 - CAN-2005-2728 byterange memory DoS
167194 - CAN-2005-2700 SSLVerifyClient flaw

6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:
https://www.cve.org/CVERecord?id=CAN-2005-2700
https://www.cve.org/CVERecord?id=CAN-2005-2728

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

Red Hat announces crucial HTTPD patch resolving SSL vulnerabilities and memory DoS concerns for RHEL 3 and 4 systems. HTTPD Update, Red Hat Security, SSL Flaw, DoS Issue. Severity: Important. LinuxSecurity.com Team

Sep 06, 2005 Important Red Hat