Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2002.125 -- RHSA-2002:027-22 and RHSA-2002:026-35 Vulnerability in zlib library 12 March 2002 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: zlib Vendor: Red Hat Operating System: Red Hat Powertools 6.0 Red Hat Powertools 6.1 Red Hat Linux and Powertools 6.2 Red Hat Linux and Powertools 7.0 Red Hat Linux and Powertools 7.1 Platform: Alpha i386 i586 i686 IA-64 SPARC Impact: Denial of Service Execute Arbitrary Code/Commands Access Required: Existing Account Remote Note: Both Red Hat Security Advisories are included in this ESB. - --------------------------BEGIN INCLUDED TEXT-------------------- - --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Vulnerability in zlib library (powertools) Advisory ID: RHSA-2002:027-22 Issue date: 2002-02-11 Updated on: 2002-03-11 Product: Red Hat Powertools Keywords: zlib double free Cross references: RHSA-2002:026 Obsoletes: - --------------------------------------------------------------------- 1. Topic: The zlib compression library provides in-memory compression and decompression functions. It is widely used throughout Linux and other operating systems. While performing tests on the gdk-pixbuf library, Matthias Clasen created an invalid PNG image that caused libpng to crash. Upon further investigation, this turned out to be a bug in zlib 1.1.3. Certain input will cause zlib to free an area of memory twice (also called a "double free"). This bug can be used to crash any program that takes untrusted compressed input. Web browsers or email programs that display image attachments or other programs that uncompress data are particularly affected. This vulnerability makes it easy to perform various denial-of-service attacks against such programs. However, since the result of a double free is the corruption of the malloc implementation's data structures, it is possible that an attacker could manage a more significant exploit, such as running arbitrary code on the affected system. 2. Relevant releases/architectures: Red Hat Powertools 6.0 - alpha, i386, sparc Red Hat Powertools 6.1 - alpha, i386, sparc Red Hat Powertools 6.2 - alpha, i386, sparc Red Hat Powertools 7.0 - alpha, i386 Red Hat Powertools 7.1 - alpha, i386 3. Problem description: Most of the packages in Red Hat Linux use the shared zlib library and can be protected against vulnerability by updating to the errata zlib package. However, there have been a number of packages identified in Red Hat Linux that either statically link to zlib or contain an internal version of zlib code. Although no exploits for this issue or the affected packages are currently known to exist, this is a serious vulnerability that could be locally or remotely exploited. All users should upgrade affected packages immediately. Additionally, if you have any programs that you have compiled yourself you should check to see if they use zlib. If they link to the shared zlib library then they will not be vulnerable once the shared zlib library is updated to the errata package. If any programs that decompress arbitrary data either statically link to zlib or use their own version of the zlib code internally, then they need to be patched or recompiled. The following details apply to the Powertools distribution only; for packages included with the main Red Hat Linux distribution please see advisory RHSA-2002:026 abiword: Powertools 6.2 shipped with both statically and dynamically linked versions of AbiWord. The statically linked version is linked against the vulnerable zlib. It is recommended that users only use the dynamic version. acroread: The acroread package in Powertools 7.0 contains Acrobat Reader, a PDF viewer. This package contains an internal version of zlib which may be vulnerable. An update is not yet available, so users are advised to view PDF documents using xpdf or ghostview. amaya: Amaya is a Web browser/authoring tool. Amaya in Powertools 7.1 has been patched to use the system zlib, libjpeg, and libpng libraries instead of the internal static versions. flash: The flash package in Powertools 6.2 and 7.0 contains an unofficial Shockwave(TM) Flash2/Flash3 plug-in for Netscape which uses an internal version of zlib. This plug-in conflicts with the official flash plug-in included in the netscape package and should not be used. freeamp: Freeamp is an MP3 audio player in Powertools 6.2 and 7.0 which uses zlib when decompressing themes. Freeamp has been patched to use the system zlib library instead of the internal version. qt-embedded: Qt is a GUI toolkit for embedded devices. qt-embedded has been updated to version 2.3.2 and recompiled against the errata zlib library. vnc: VNC is a remote display system in Powertools 6.2. VNC has been patched to use the system zlib library. In addition, there is a small HTTP server implementation in the VNC server which can be made to wait indefinitely for input, thereby freezing an active VNC session. The VNC packages recommended by this advisory have been patched to fix this issue, as well. Users of VNC should be aware the program is designed for use on a trusted network. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): 6. RPMs required: Red Hat Powertools 6.2: SRPMS: ftp://updates.redhat.com/6.2/en/powertools/SRPMS/vnc-3.3.3-2.3.src.rpm ftp://updates.redhat.com/6.2/en/powertools/SRPMS/freeamp-2.0.8-3.62.src.rpm alpha: ftp://updates.redhat.com/6.2/en/powertools/alpha/vnc-3.3.3-2.3.alpha.rpm ftp://updates.redhat.com/6.2/en/powertools/alpha/freeamp-2.0.8-3.62.alpha.rpm i386: ftp://updates.redhat.com/6.2/en/powertools/i386/vnc-3.3.3-2.3.i386.rpm ftp://updates.redhat.com/6.2/en/powertools/i386/freeamp-2.0.8-3.62.i386.rpm sparc: ftp://updates.redhat.com/6.2/en/powertools/sparc/vnc-3.3.3-2.3.sparc.rpm Red Hat Powertools 7.0: SRPMS: ftp://updates.redhat.com/7.0/en/powertools/SRPMS/freeamp-2.0.8-4.src.rpm alpha: ftp://updates.redhat.com/7.0/en/powertools/alpha/freeamp-2.0.8-4.alpha.rpm i386: ftp://updates.redhat.com/7.0/en/powertools/i386/freeamp-2.0.8-4.i386.rpm Red Hat Powertools 7.1: SRPMS: ftp://updates.redhat.com/7.1/en/powertools/SRPMS/amaya-4.0-4.src.rpm ftp://updates.redhat.com/7.1/en/powertools/SRPMS/qt-embedded-2.3.2-1.src.rpm alpha: ftp://updates.redhat.com/7.1/en/powertools/alpha/qt-embedded-2.3.2-1.alpha.rpm ftp://updates.redhat.com/7.1/en/powertools/alpha/qt-embedded-devel-2.3.2-1.alpha.rpm ftp://updates.redhat.com/7.1/en/powertools/alpha/qt-embedded-designer-2.3.2-1.alpha.rpm ftp://updates.redhat.com/7.1/en/powertools/alpha/qt-embedded-static-2.3.2-1.alpha.rpm i386: ftp://updates.redhat.com/7.1/en/powertools/i386/amaya-4.0-4.i386.rpm ftp://updates.redhat.com/7.1/en/powertools/i386/qt-embedded-2.3.2-1.i386.rpm ftp://updates.redhat.com/7.1/en/powertools/i386/qt-embedded-devel-2.3.2-1.i386.rpm ftp://updates.redhat.com/7.1/en/powertools/i386/qt-embedded-designer-2.3.2-1.i386.rpm ftp://updates.redhat.com/7.1/en/powertools/i386/qt-embedded-static-2.3.2-1.i386.rpm 7. Verification: MD5 sum Package Name - -------------------------------------------------------------------------- 04a498e3a9122b133c7beb6bd61f7002 6.2/en/powertools/SRPMS/freeamp-2.0.8-3.62.src.rpm beb533f4769300842e9690573f8f5042 6.2/en/powertools/SRPMS/vnc-3.3.3-2.3.src.rpm 4ed9222dbb7efa7e91ec934007353123 6.2/en/powertools/alpha/freeamp-2.0.8-3.62.alpha.rpm d9b06f36f340b8cc1b1b0908f236aa92 6.2/en/powertools/alpha/vnc-3.3.3-2.3.alpha.rpm da6f8b0fdd725b70b3717642592ac57f 6.2/en/powertools/i386/freeamp-2.0.8-3.62.i386.rpm 45f7de3b77c693141214ea0858bdd758 6.2/en/powertools/i386/vnc-3.3.3-2.3.i386.rpm df7b617bd40a5bc7399def5a0b790d72 6.2/en/powertools/sparc/vnc-3.3.3-2.3.sparc.rpm 9728e294268313afb5d34635844bf325 7.0/en/powertools/SRPMS/freeamp-2.0.8-4.src.rpm 7980ec91d94bde4c38f26027d6a5c79e 7.0/en/powertools/alpha/freeamp-2.0.8-4.alpha.rpm 581445aca1ab654e9859631a2da1f25d 7.0/en/powertools/i386/freeamp-2.0.8-4.i386.rpm dcd4dac892444055519cbb5f4dbf3d25 7.1/en/powertools/SRPMS/amaya-4.0-4.src.rpm 452b8aad8b8782aee15e4bca9f32a47e 7.1/en/powertools/SRPMS/qt-embedded-2.3.2-1.src.rpm 3316b0c47c6d890271f7b88fe9d4b2ed 7.1/en/powertools/alpha/qt-embedded-2.3.2-1.alpha.rpm 481e6bab8b5882b0786170675521a2b3 7.1/en/powertools/alpha/qt-embedded-designer-2.3.2-1.alpha.rpm 10cf10058023b7908630910024a80020 7.1/en/powertools/alpha/qt-embedded-devel-2.3.2-1.alpha.rpm 7c41b1ed87341249f72054ad13b2b17a 7.1/en/powertools/alpha/qt-embedded-static-2.3.2-1.alpha.rpm 9d0d12d364e6e760db9465286ae9d0c8 7.1/en/powertools/i386/amaya-4.0-4.i386.rpm e6e968596f8df709c255fc26884aaeac 7.1/en/powertools/i386/qt-embedded-2.3.2-1.i386.rpm 732a30933fffb2fb807574e1614a8dfe 7.1/en/powertools/i386/qt-embedded-designer-2.3.2-1.i386.rpm d6debb26c81d7d3c84ad0257f8d7631b 7.1/en/powertools/i386/qt-embedded-devel-2.3.2-1.i386.rpm 14233bdde094d7ba2d2b4d63ea5f8e3f 7.1/en/powertools/i386/qt-embedded-static-2.3.2-1.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/about/contact/pgpkey.html You can verify each package with the following command: rpm --checksig <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 8. References: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0059 to this issue. Red Hat would like to thank CERT/CC for their help in coordinating this issue with other vendors. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0059 http://bugzilla.gnome.org/show_bug.cgi?id=70594 Copyright(c) 2000, 2001, 2002 Red Hat, Inc. - --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Vulnerability in zlib library Advisory ID: RHSA-2002:026-35 Issue date: 2002-02-11 Updated on: 2002-03-11 Product: Red Hat Linux Keywords: zlib double free Cross references: RHSA-2002:028 RHSA-2002:027 Obsoletes: - --------------------------------------------------------------------- 1. Topic: The zlib library provides in-memory compression/decompression functions. The library is widely used throughout Linux and other operating systems. While performing tests on the gdk-pixbuf library, Matthias Clasen created an invalid PNG image that caused libpng to crash. Upon further investigation, this turned out to be a bug in zlib 1.1.3 where certain types of input will cause zlib to free the same area of memory twice (called a "double free"). This bug can be used to crash any program that takes untrusted compressed input. Web browsers or email programs that display image attachments or other programs that uncompress data are particularly affected. This vulnerability makes it easy to perform various denial-of-service attacks against such programs. It is also possible that an attacker could manage a more significant exploit, since the result of a double free is the corruption of the malloc() implementation's data structures. This could include running arbitrary code on local or remote systems. Most packages in Red Hat Linux use the shared zlib library and can be protected against vulnerability by updating to the errata zlib package. However, we have identified a number of packages in Red Hat Linux that either statically link to zlib or contain an internal version of zlib code. Although no exploits for this issue or these packages are currently known to exist, this is a serious vulnerability which could be locally or remotely exploited. All users should upgrade affected packages immediately. Additionally, if you have any programs that you have compiled yourself, you should check to see if they use zlib. If they link to the shared zlib library then they will not be vulnerable once the shared zlib library is updated to the errata package. However, if any programs that decompress arbitrary data statically link to zlib or use their own version of the zlib code internally, then they need to be patched or recompiled. 2. Relevant releases/architectures: Red Hat Linux 6.2 - alpha, i386, i586, i686, sparc Red Hat Linux 7.0 - alpha, i386, i586, i686 Red Hat Linux 7.1 - alpha, i386, i586, i686, ia64 Red Hat Linux 7.2 - i386, i586, i686, ia64 3. Problem description: The following details apply to the main Red Hat Linux distribution only. Please see advisory RHSA-2002:027 for Powertools packages. cvs: cvs is a version control system. The cvs package has been rebuilt to link against the shared system zlib instead of the internal version. Additionally, cvs has been updated to version 1.11.1p1 for Red Hat Linux 6.2, 7.0 and 7.1 which also corrects a possible security vulnerability due to an improperly initialized global variable. (CAN-2002-0092) dump: The dump package contains programs for backing up and restoring filesystems. It links statically to zlib and has been rebuilt against the errata zlib package. Red Hat Linux 7, 7.1, and 7.2 packages have also been upgraded to dump-0.4b25, which includes many non-security fixes. gcc3: The gcc3 package contains the GNU Compiler Collection version 3.0. It has been updated to version 3.0.4 and patched to link against the system zlib instead of the internal version. libgcj: The libgcj package includes the Java runtime library, which is needed to run Java programs compiled using the gcc Java compiler (gcj). libgcj has been patched to use the shared system zlib. kernel: The Linux kernel internally contains several variants of zlib code. However, ppp compression is the only implementation that is used with untrusted data streams. This issue has been patched. New kernel errata packages are included for Red Hat Linux 6.2 and 7. Users of Red Hat Linux 7.1, or 7.2 should update to the currently released kernel errata RHSA-2002-028 (2.4.9-31) which already contains this fix. Netscape Navigator: Users are advised to obtain an update from Netscape. rsync: rsync is a program for synchronizing files over a network. rsync uses a modified version of zlib internally. These errata packages patch this internal version of zlib. The rsync update package also fixes another security issue where rsync did not call setgroups() before dropping the privileges of the connecting user. Hence, it is possible for users to retain the group IDs of any supplemental groups that rsync was started in (for example, supplementary groups of the root user), allowing users to access files they may not otherwise be able to access. Thanks to Martin Pool and Andrew Tridgell for alerting us to this issue. CAN-2002-0080. VNC: VNC is a remote display system in Powertools 6.2. VNC has been patched to use the system zlib library. In addition, there is a small HTTP server implementation in the VNC server which can be made to wait indefinitely for input, thereby freezing an active VNC session. The VNC packages recommended by this advisory have been patched to fix this issue. Users of VNC should be aware that the program is designed for use on a trusted network. zlib: The zlib library has been updated with a patch to fix the aforementioned vulnerability. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): 6. RPMs required: Red Hat Linux 6.2: SRPMS: ftp://updates.redhat.com/6.2/en/os/SRPMS/zlib-1.1.3-25.6.src.rpm ftp://updates.redhat.com/6.2/en/os/SRPMS/cvs-1.11.1p1-6.2.src.rpm ftp://updates.redhat.com/6.2/en/os/SRPMS/dump-0.4b19-5.6x.1.src.rpm ftp://updates.redhat.com/6.2/en/os/SRPMS/rsync-2.4.6-3.6.src.rpm ftp://updates.redhat.com/6.2/en/os/SRPMS/kernel-2.2.19-6.2.15.src.rpm alpha: ftp://updates.redhat.com/6.2/en/os/alpha/zlib-1.1.3-25.6.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/zlib-devel-1.1.3-25.6.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/cvs-1.11.1p1-6.2.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/dump-0.4b19-5.6x.1.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/dump-static-0.4b19-5.6x.1.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/rmt-0.4b19-5.6x.1.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/rsync-2.4.6-3.6.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/kernel-2.2.19-6.2.15.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/kernel-source-2.2.19-6.2.15.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/kernel-doc-2.2.19-6.2.15.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/kernel-utils-2.2.19-6.2.15.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/kernel-smp-2.2.19-6.2.15.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/kernel-BOOT-2.2.19-6.2.15.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/kernel-enterprise-2.2.19-6.2.15.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/kernel-jensen-2.2.19-6.2.15.alpha.rpm i386: ftp://updates.redhat.com/6.2/en/os/i386/zlib-1.1.3-25.6.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/zlib-devel-1.1.3-25.6.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/cvs-1.11.1p1-6.2.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/dump-0.4b19-5.6x.1.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/dump-static-0.4b19-5.6x.1.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/rmt-0.4b19-5.6x.1.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/rsync-2.4.6-3.6.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/kernel-2.2.19-6.2.15.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/kernel-source-2.2.19-6.2.15.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/kernel-doc-2.2.19-6.2.15.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/kernel-pcmcia-cs-2.2.19-6.2.15.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/kernel-utils-2.2.19-6.2.15.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/kernel-ibcs-2.2.19-6.2.15.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/kernel-smp-2.2.19-6.2.15.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/kernel-BOOT-2.2.19-6.2.15.i386.rpm i586: ftp://updates.redhat.com/6.2/en/os/i586/kernel-2.2.19-6.2.15.i586.rpm ftp://updates.redhat.com/6.2/en/os/i586/kernel-smp-2.2.19-6.2.15.i586.rpm i686: ftp://updates.redhat.com/6.2/en/os/i686/kernel-2.2.19-6.2.15.i686.rpm ftp://updates.redhat.com/6.2/en/os/i686/kernel-smp-2.2.19-6.2.15.i686.rpm ftp://updates.redhat.com/6.2/en/os/i686/kernel-enterprise-2.2.19-6.2.15.i686.rpm sparc: ftp://updates.redhat.com/6.2/en/os/sparc/zlib-1.1.3-25.6.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/zlib-devel-1.1.3-25.6.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/cvs-1.11.1p1-6.2.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/dump-0.4b19-5.6x.1.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/dump-static-0.4b19-5.6x.1.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/rmt-0.4b19-5.6x.1.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/rsync-2.4.6-3.6.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/kernel-2.2.19-6.2.15.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/kernel-source-2.2.19-6.2.15.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/kernel-doc-2.2.19-6.2.15.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/kernel-utils-2.2.19-6.2.15.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/kernel-smp-2.2.19-6.2.15.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/kernel-BOOT-2.2.19-6.2.15.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/kernel-enterprise-2.2.19-6.2.15.sparc.rpm Red Hat Linux 7.0: SRPMS: ftp://updates.redhat.com/7.0/en/os/SRPMS/zlib-1.1.3-25.7.src.rpm ftp://updates.redhat.com/7.0/en/os/SRPMS/cvs-1.11.1p1-7.src.rpm ftp://updates.redhat.com/7.0/en/os/SRPMS/dump-0.4b25-1.70.0.src.rpm ftp://updates.redhat.com/7.0/en/os/SRPMS/vnc-3.3.3r2-18.3.src.rpm ftp://updates.redhat.com/7.0/en/os/SRPMS/rsync-2.4.6-13.src.rpm ftp://updates.redhat.com/7.0/en/os/SRPMS/kernel-2.2.19-7.0.15.src.rpm ftp://updates.redhat.com/7.0/en/os/SRPMS/libgcj-2.96-24.1.src.rpm alpha: ftp://updates.redhat.com/7.0/en/os/alpha/zlib-1.1.3-25.7.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/zlib-devel-1.1.3-25.7.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/cvs-1.11.1p1-7.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/dump-0.4b25-1.70.0.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/rmt-0.4b25-1.70.0.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/vnc-3.3.3r2-18.3.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/vnc-doc-3.3.3r2-18.3.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/vnc-server-3.3.3r2-18.3.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/rsync-2.4.6-13.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/kernel-2.2.19-7.0.15.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/kernel-source-2.2.19-7.0.15.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/kernel-doc-2.2.19-7.0.15.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/kernel-utils-2.2.19-7.0.15.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/kernel-smp-2.2.19-7.0.15.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/kernel-BOOT-2.2.19-7.0.15.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/kernel-enterprise-2.2.19-7.0.15.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/kernel-jensen-2.2.19-7.0.15.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/libgcj-2.96-24.1.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/libgcj-devel-2.96-24.1.alpha.rpm i386: ftp://updates.redhat.com/7.0/en/os/i386/zlib-1.1.3-25.7.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/zlib-devel-1.1.3-25.7.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/cvs-1.11.1p1-7.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/dump-0.4b25-1.70.0.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/rmt-0.4b25-1.70.0.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/vnc-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/vnc-doc-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/vnc-server-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/rsync-2.4.6-13.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/kernel-2.2.19-7.0.15.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/kernel-source-2.2.19-7.0.15.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/kernel-doc-2.2.19-7.0.15.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/kernel-pcmcia-cs-2.2.19-7.0.15.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/kernel-utils-2.2.19-7.0.15.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/kernel-ibcs-2.2.19-7.0.15.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/kernel-smp-2.2.19-7.0.15.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/kernel-BOOT-2.2.19-7.0.15.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/libgcj-2.96-24.1.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/libgcj-devel-2.96-24.1.i386.rpm i586: ftp://updates.redhat.com/7.0/en/os/i586/kernel-2.2.19-7.0.15.i586.rpm ftp://updates.redhat.com/7.0/en/os/i586/kernel-smp-2.2.19-7.0.15.i586.rpm i686: ftp://updates.redhat.com/7.0/en/os/i686/kernel-2.2.19-7.0.15.i686.rpm ftp://updates.redhat.com/7.0/en/os/i686/kernel-smp-2.2.19-7.0.15.i686.rpm ftp://updates.redhat.com/7.0/en/os/i686/kernel-enterprise-2.2.19-7.0.15.i686.rpm Red Hat Linux 7.1: SRPMS: ftp://updates.redhat.com/7.1/en/os/SRPMS/zlib-1.1.3-25.7.src.rpm ftp://updates.redhat.com/7.1/en/os/SRPMS/cvs-1.11.1p1-7.src.rpm ftp://updates.redhat.com/7.1/en/os/SRPMS/dump-0.4b25-1.71.0.src.rpm ftp://updates.redhat.com/7.1/en/os/SRPMS/vnc-3.3.3r2-18.3.src.rpm ftp://updates.redhat.com/7.1/en/os/SRPMS/rsync-2.4.6-13.src.rpm ftp://updates.redhat.com/7.1/en/os/SRPMS/libgcj-2.96-24.1.src.rpm alpha: ftp://updates.redhat.com/7.1/en/os/alpha/zlib-1.1.3-25.7.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/zlib-devel-1.1.3-25.7.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/cvs-1.11.1p1-7.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/dump-0.4b25-1.71.0.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/rmt-0.4b25-1.71.0.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/vnc-3.3.3r2-18.3.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/vnc-doc-3.3.3r2-18.3.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/vnc-server-3.3.3r2-18.3.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/rsync-2.4.6-13.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/libgcj-2.96-24.1.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/libgcj-devel-2.96-24.1.alpha.rpm i386: ftp://updates.redhat.com/7.1/en/os/i386/zlib-1.1.3-25.7.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/zlib-devel-1.1.3-25.7.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/cvs-1.11.1p1-7.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/dump-0.4b25-1.71.0.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/rmt-0.4b25-1.71.0.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/vnc-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/vnc-doc-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/vnc-server-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/rsync-2.4.6-13.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/libgcj-2.96-24.1.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/libgcj-devel-2.96-24.1.i386.rpm ia64: ftp://updates.redhat.com/7.1/en/os/ia64/zlib-1.1.3-25.7.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/zlib-devel-1.1.3-25.7.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/cvs-1.11.1p1-7.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/dump-0.4b25-1.71.0.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/rmt-0.4b25-1.71.0.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/rsync-2.4.6-13.ia64.rpm Red Hat Linux 7.2: SRPMS: ftp://updates.redhat.com/7.2/en/os/SRPMS/zlib-1.1.3-25.7.src.rpm ftp://updates.redhat.com/7.2/en/os/SRPMS/cvs-1.11.1p1-7.src.rpm ftp://updates.redhat.com/7.2/en/os/SRPMS/dump-0.4b25-1.72.0.src.rpm ftp://updates.redhat.com/7.2/en/os/SRPMS/vnc-3.3.3r2-18.3.src.rpm ftp://updates.redhat.com/7.2/en/os/SRPMS/rsync-2.4.6-13.src.rpm ftp://updates.redhat.com/7.2/en/os/SRPMS/gcc3-3.0.4-1.src.rpm ftp://updates.redhat.com/7.2/en/os/SRPMS/libgcj-2.96-28.src.rpm ftp://updates.redhat.com/7.2/en/os/SRPMS/binutils-2.11.90.0.8-12.src.rpm i386: ftp://updates.redhat.com/7.2/en/os/i386/zlib-1.1.3-25.7.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/zlib-devel-1.1.3-25.7.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/cvs-1.11.1p1-7.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/dump-0.4b25-1.72.0.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/rmt-0.4b25-1.72.0.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/vnc-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/vnc-doc-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/vnc-server-3.3.3r2-18.3.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/rsync-2.4.6-13.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/gcc3-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/gcc3-c++-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/gcc3-g77-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/gcc3-java-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/gcc3-objc-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/libgcc-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/libgcj3-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/libgcj3-devel-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/libstdc++3-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/libstdc++3-devel-3.0.4-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/libgcj-2.96-28.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/libgcj-devel-2.96-28.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/binutils-2.11.90.0.8-12.i386.rpm ia64: ftp://updates.redhat.com/7.2/en/os/ia64/zlib-1.1.3-25.7.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/zlib-devel-1.1.3-25.7.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/cvs-1.11.1p1-7.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/dump-0.4b25-1.72.0.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/rmt-0.4b25-1.72.0.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/rsync-2.4.6-13.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/gcc3-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/gcc3-c++-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/gcc3-g77-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/gcc3-java-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/gcc3-objc-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/libgcc-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/libgcj3-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/libgcj3-devel-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/libstdc++3-3.0.4-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/libstdc++3-devel-3.0.4-1.ia64.rpm 7. Verification: MD5 sum Package Name - -------------------------------------------------------------------------- 8e02d134a33ac295dbd5106493fdda97 6.2/en/os/SRPMS/cvs-1.11.1p1-6.2.src.rpm 131b26079de78c6f0cac8b26a31113a7 6.2/en/os/SRPMS/dump-0.4b19-5.6x.1.src.rpm 6b96ad7065a00ec6151f23662130bc09 6.2/en/os/SRPMS/kernel-2.2.19-6.2.15.src.rpm 01bcbc0059c5b502005ce06a5ef19160 6.2/en/os/SRPMS/rsync-2.4.6-3.6.src.rpm b4e8df9d2506d9ae64c720f55a0bce59 6.2/en/os/SRPMS/zlib-1.1.3-25.6.src.rpm f727e1db9a1dd6dab65770f8debf1492 6.2/en/os/alpha/cvs-1.11.1p1-6.2.alpha.rpm 632bf922df6f841683fbe3e83c374f74 6.2/en/os/alpha/dump-0.4b19-5.6x.1.alpha.rpm 922165e41e0bc5f65e082cc7094a9077 6.2/en/os/alpha/dump-static-0.4b19-5.6x.1.alpha.rpm 6824944605493d99bfc77ff670f6973a 6.2/en/os/alpha/kernel-2.2.19-6.2.15.alpha.rpm c8f9fdc37ec11a512cda1b85dd9f63a9 6.2/en/os/alpha/kernel-BOOT-2.2.19-6.2.15.alpha.rpm c2c116a0cd393dfb2345c3e40f229e6a 6.2/en/os/alpha/kernel-doc-2.2.19-6.2.15.alpha.rpm 53066bedf4a0dbf8b4a7db00e2510e33 6.2/en/os/alpha/kernel-enterprise-2.2.19-6.2.15.alpha.rpm c78d34143bed2744af9d56b6ddee4e39 6.2/en/os/alpha/kernel-jensen-2.2.19-6.2.15.alpha.rpm cea576164ee05702dca3b0acdffd32bb 6.2/en/os/alpha/kernel-smp-2.2.19-6.2.15.alpha.rpm b010b830ace6c2e8715c64133c661d06 6.2/en/os/alpha/kernel-source-2.2.19-6.2.15.alpha.rpm 8469f12ad59c33d3865ad6984da5ad34 6.2/en/os/alpha/kernel-utils-2.2.19-6.2.15.alpha.rpm e0c7f2d151e3d15c18913c090ecc316a 6.2/en/os/alpha/rmt-0.4b19-5.6x.1.alpha.rpm 863716a131bf5d87a16e458e69609d0a 6.2/en/os/alpha/rsync-2.4.6-3.6.alpha.rpm 8e1e3754359de96f9b719a3d6329fb44 6.2/en/os/alpha/zlib-1.1.3-25.6.alpha.rpm 8c479f77bd3148966031355912bf2647 6.2/en/os/alpha/zlib-devel-1.1.3-25.6.alpha.rpm 50599253cc0ace39a04b7c4a95d5febb 6.2/en/os/i386/cvs-1.11.1p1-6.2.i386.rpm 8ac9e87a40bdbc02c958e0a5acdbee5c 6.2/en/os/i386/dump-0.4b19-5.6x.1.i386.rpm b2c4b6147e6fd29c6b4b7b00a21eebaa 6.2/en/os/i386/dump-static-0.4b19-5.6x.1.i386.rpm 4814bf80057c8801cc7a7f5ddae5d3d5 6.2/en/os/i386/kernel-2.2.19-6.2.15.i386.rpm 5bcbdd07bb53eb4ca138d69fccaddd05 6.2/en/os/i386/kernel-BOOT-2.2.19-6.2.15.i386.rpm 11a64570dff522924d02f388e6de4403 6.2/en/os/i386/kernel-doc-2.2.19-6.2.15.i386.rpm c937e653b3165d102b91202bd3862570 6.2/en/os/i386/kernel-ibcs-2.2.19-6.2.15.i386.rpm bbfad2946071356b62a2b5e0c40693d2 6.2/en/os/i386/kernel-pcmcia-cs-2.2.19-6.2.15.i386.rpm b0a1364c7182549d47038f68b7823292 6.2/en/os/i386/kernel-smp-2.2.19-6.2.15.i386.rpm d86ca0c8fb65089af11e181ee63287fb 6.2/en/os/i386/kernel-source-2.2.19-6.2.15.i386.rpm 387be7b7882a964eb22bfc8b61f21edf 6.2/en/os/i386/kernel-utils-2.2.19-6.2.15.i386.rpm d02d195b4adde793a74da493016a2f6a 6.2/en/os/i386/rmt-0.4b19-5.6x.1.i386.rpm e9762ff858e4dd4d48fc1b5418681e19 6.2/en/os/i386/rsync-2.4.6-3.6.i386.rpm d3e7293df89d9e74cea78e2556cb6ea4 6.2/en/os/i386/zlib-1.1.3-25.6.i386.rpm c53b34ee09b9f44a346a144f80b81bd7 6.2/en/os/i386/zlib-devel-1.1.3-25.6.i386.rpm 0b692c5e65788b56596f41a539c27ba0 6.2/en/os/i586/kernel-2.2.19-6.2.15.i586.rpm 39441131698d1e95ce03dd83503faf2c 6.2/en/os/i586/kernel-smp-2.2.19-6.2.15.i586.rpm 992c83f0c75cb0f8fbcb988c79d3e80e 6.2/en/os/i686/kernel-2.2.19-6.2.15.i686.rpm 58348c9914d3a3fac52573946af0959b 6.2/en/os/i686/kernel-enterprise-2.2.19-6.2.15.i686.rpm 642d71c9e7f30f73419ce8430c47d1d6 6.2/en/os/i686/kernel-smp-2.2.19-6.2.15.i686.rpm 0a73be9de7eef6df86f9a6231ce84250 6.2/en/os/sparc/cvs-1.11.1p1-6.2.sparc.rpm 4743fc86588f8d2550a94133b1b70526 6.2/en/os/sparc/dump-0.4b19-5.6x.1.sparc.rpm 9c0119c1a0e461ffe1437a4bd44aacd6 6.2/en/os/sparc/dump-static-0.4b19-5.6x.1.sparc.rpm 9ee058594c6bce7e326175288b09236d 6.2/en/os/sparc/kernel-2.2.19-6.2.15.sparc.rpm a4d93aded178179d75c84da85f2977b1 6.2/en/os/sparc/kernel-BOOT-2.2.19-6.2.15.sparc.rpm 43c23cdb7caa927b918cc06688510c06 6.2/en/os/sparc/kernel-doc-2.2.19-6.2.15.sparc.rpm 41ea0c7b728f8a5590afea932a8796f1 6.2/en/os/sparc/kernel-enterprise-2.2.19-6.2.15.sparc.rpm b08d965c394aa420b1ab8f727d7090c3 6.2/en/os/sparc/kernel-smp-2.2.19-6.2.15.sparc.rpm 209b0cda68e1cd2680b71163d681ab7f 6.2/en/os/sparc/kernel-source-2.2.19-6.2.15.sparc.rpm a75749166c315228e8e2d466520f1169 6.2/en/os/sparc/kernel-utils-2.2.19-6.2.15.sparc.rpm a0b0518694524b85e22c335cb5bbb59d 6.2/en/os/sparc/rmt-0.4b19-5.6x.1.sparc.rpm 71d5f307993bf1c5c666b343a56d371f 6.2/en/os/sparc/rsync-2.4.6-3.6.sparc.rpm 4019dfa3b0a196ba8ce3af1a3dc0e8a4 6.2/en/os/sparc/zlib-1.1.3-25.6.sparc.rpm 4c1161a93f9d40983db0ae55545830f5 6.2/en/os/sparc/zlib-devel-1.1.3-25.6.sparc.rpm 49cf09e03d1d51fb2571ac2287e1dcde 7.0/en/os/SRPMS/cvs-1.11.1p1-7.src.rpm bccc5133d4080eab76d4c080775c7fe2 7.0/en/os/SRPMS/dump-0.4b25-1.70.0.src.rpm e18266d69460dcde1cf97bc62cc749ad 7.0/en/os/SRPMS/kernel-2.2.19-7.0.15.src.rpm b58ce67092cc40ac228e1af362e1324a 7.0/en/os/SRPMS/libgcj-2.96-24.1.src.rpm b5d8794ea6fe06fdf6bf46829bae89d7 7.0/en/os/SRPMS/rsync-2.4.6-13.src.rpm 875db48b0b102ce4627a217a2596a903 7.0/en/os/SRPMS/vnc-3.3.3r2-18.3.src.rpm e4c9b7ea941c1b5f364aa4d57c06de68 7.0/en/os/SRPMS/zlib-1.1.3-25.7.src.rpm 658d899deda0305388579b5912b31b4a 7.0/en/os/alpha/cvs-1.11.1p1-7.alpha.rpm 68987e1d8f6c09bb927939da5c254688 7.0/en/os/alpha/dump-0.4b25-1.70.0.alpha.rpm 97cb6c46375530d7032d4a8826d6b585 7.0/en/os/alpha/kernel-2.2.19-7.0.15.alpha.rpm bfdf9bca146c8cec782b1c831fb64bc9 7.0/en/os/alpha/kernel-BOOT-2.2.19-7.0.15.alpha.rpm 0c97b9bd4a3b26f7c423d8e440f41e35 7.0/en/os/alpha/kernel-doc-2.2.19-7.0.15.alpha.rpm 9eef41c22a7aa6950ac5b53d4c0bd380 7.0/en/os/alpha/kernel-enterprise-2.2.19-7.0.15.alpha.rpm be4c4af7701713315ff421598ed5150b 7.0/en/os/alpha/kernel-jensen-2.2.19-7.0.15.alpha.rpm 464a95670556d1630797bf84e89bef23 7.0/en/os/alpha/kernel-smp-2.2.19-7.0.15.alpha.rpm 589f68b758fbe1b6045e8cd4c4f1b142 7.0/en/os/alpha/kernel-source-2.2.19-7.0.15.alpha.rpm c8311269d5888643d43b21ee8b5c7e0f 7.0/en/os/alpha/kernel-utils-2.2.19-7.0.15.alpha.rpm 0009a93f552453ff1d2c7116d20ef9fa 7.0/en/os/alpha/libgcj-2.96-24.1.alpha.rpm 7e5ac3667bc8af8f3afb24fe949bacb4 7.0/en/os/alpha/libgcj-devel-2.96-24.1.alpha.rpm 7c0d97c7ad92859c5cf4a6c86e55f52d 7.0/en/os/alpha/rmt-0.4b25-1.70.0.alpha.rpm 7f678187e558fa86744fba161756f0bd 7.0/en/os/alpha/rsync-2.4.6-13.alpha.rpm 2d8a1da805e2d6521963ff99110bb843 7.0/en/os/alpha/vnc-3.3.3r2-18.3.alpha.rpm 8f68b3f1ff1a0e897c1c221c9f9389ee 7.0/en/os/alpha/vnc-doc-3.3.3r2-18.3.alpha.rpm 6463c1226edebdeb0494f20701cbcf29 7.0/en/os/alpha/vnc-server-3.3.3r2-18.3.alpha.rpm 73352503d0864dbfa6db5369002fb0a1 7.0/en/os/alpha/zlib-1.1.3-25.7.alpha.rpm 542159b445cc9d1f0d8636e374711f86 7.0/en/os/alpha/zlib-devel-1.1.3-25.7.alpha.rpm ce2644ac389d9aa9993fe010cb7f30c8 7.0/en/os/i386/cvs-1.11.1p1-7.i386.rpm 07219be3485102a1b902d3968b3c4420 7.0/en/os/i386/dump-0.4b25-1.70.0.i386.rpm 0b208db4d3a052fb1d63f6aa45865ad2 7.0/en/os/i386/kernel-2.2.19-7.0.15.i386.rpm 703fcd01e22645901caeb2f9065e4194 7.0/en/os/i386/kernel-BOOT-2.2.19-7.0.15.i386.rpm df3a5e787ff699d900f37a8f0bd88a0a 7.0/en/os/i386/kernel-doc-2.2.19-7.0.15.i386.rpm cb577e6bb6cee4f5f98d9cfff6d6e746 7.0/en/os/i386/kernel-ibcs-2.2.19-7.0.15.i386.rpm 53c19bea9c3fc76d0a1bfdd72faed7df 7.0/en/os/i386/kernel-pcmcia-cs-2.2.19-7.0.15.i386.rpm 9615214b740d8b0426f2f28a3066cbb6 7.0/en/os/i386/kernel-smp-2.2.19-7.0.15.i386.rpm 852cea6cb40405d54fac68a53afb7c3a 7.0/en/os/i386/kernel-source-2.2.19-7.0.15.i386.rpm 61ec6d4b10078c4671da91302ebaccc5 7.0/en/os/i386/kernel-utils-2.2.19-7.0.15.i386.rpm fd1c65551e77fc09837130cee54f4283 7.0/en/os/i386/libgcj-2.96-24.1.i386.rpm fd2186bc67d1e98f3e83ced9f0a84215 7.0/en/os/i386/libgcj-devel-2.96-24.1.i386.rpm a7c94e2d2fd3057f9c51e394b9488f19 7.0/en/os/i386/rmt-0.4b25-1.70.0.i386.rpm dd9003947e4ae34aff75ea48e5289332 7.0/en/os/i386/rsync-2.4.6-13.i386.rpm ff07ff43709ea26fff9849fbeb27c38d 7.0/en/os/i386/vnc-3.3.3r2-18.3.i386.rpm 9ce73058c017df69bc12121db7999fa0 7.0/en/os/i386/vnc-doc-3.3.3r2-18.3.i386.rpm 6d29cc38d6735b7ff2fb9ee4237bfbcd 7.0/en/os/i386/vnc-server-3.3.3r2-18.3.i386.rpm 1c2a98b53ec5bd716b48d71643705055 7.0/en/os/i386/zlib-1.1.3-25.7.i386.rpm 7f6840ee653f0b6e88d3fb28fa56eaf7 7.0/en/os/i386/zlib-devel-1.1.3-25.7.i386.rpm 7f25476de897b5524dde27756c70d489 7.0/en/os/i586/kernel-2.2.19-7.0.15.i586.rpm 5d14f88b612218475f8d56a551b6a00f 7.0/en/os/i586/kernel-smp-2.2.19-7.0.15.i586.rpm fa15178dc1408fe7222052f6ee1e2e44 7.0/en/os/i686/kernel-2.2.19-7.0.15.i686.rpm 9cab456bc2c61af67fa236abc58a4510 7.0/en/os/i686/kernel-enterprise-2.2.19-7.0.15.i686.rpm 98437e8de26ba3efb2a35d21ce4ea5e4 7.0/en/os/i686/kernel-smp-2.2.19-7.0.15.i686.rpm 49cf09e03d1d51fb2571ac2287e1dcde 7.1/en/os/SRPMS/cvs-1.11.1p1-7.src.rpm df8014439d38a88d84bb6cac9cb13547 7.1/en/os/SRPMS/dump-0.4b25-1.71.0.src.rpm b58ce67092cc40ac228e1af362e1324a 7.1/en/os/SRPMS/libgcj-2.96-24.1.src.rpm b5d8794ea6fe06fdf6bf46829bae89d7 7.1/en/os/SRPMS/rsync-2.4.6-13.src.rpm 875db48b0b102ce4627a217a2596a903 7.1/en/os/SRPMS/vnc-3.3.3r2-18.3.src.rpm e4c9b7ea941c1b5f364aa4d57c06de68 7.1/en/os/SRPMS/zlib-1.1.3-25.7.src.rpm 658d899deda0305388579b5912b31b4a 7.1/en/os/alpha/cvs-1.11.1p1-7.alpha.rpm 15f1785a15fa6af59e5bacd4e8481ca7 7.1/en/os/alpha/dump-0.4b25-1.71.0.alpha.rpm 0009a93f552453ff1d2c7116d20ef9fa 7.1/en/os/alpha/libgcj-2.96-24.1.alpha.rpm 7e5ac3667bc8af8f3afb24fe949bacb4 7.1/en/os/alpha/libgcj-devel-2.96-24.1.alpha.rpm 1a76be972370920200add9696662b194 7.1/en/os/alpha/rmt-0.4b25-1.71.0.alpha.rpm 7f678187e558fa86744fba161756f0bd 7.1/en/os/alpha/rsync-2.4.6-13.alpha.rpm 2d8a1da805e2d6521963ff99110bb843 7.1/en/os/alpha/vnc-3.3.3r2-18.3.alpha.rpm 8f68b3f1ff1a0e897c1c221c9f9389ee 7.1/en/os/alpha/vnc-doc-3.3.3r2-18.3.alpha.rpm 6463c1226edebdeb0494f20701cbcf29 7.1/en/os/alpha/vnc-server-3.3.3r2-18.3.alpha.rpm 73352503d0864dbfa6db5369002fb0a1 7.1/en/os/alpha/zlib-1.1.3-25.7.alpha.rpm 542159b445cc9d1f0d8636e374711f86 7.1/en/os/alpha/zlib-devel-1.1.3-25.7.alpha.rpm ce2644ac389d9aa9993fe010cb7f30c8 7.1/en/os/i386/cvs-1.11.1p1-7.i386.rpm 725abeec86a049a239af670e005de99a 7.1/en/os/i386/dump-0.4b25-1.71.0.i386.rpm fd1c65551e77fc09837130cee54f4283 7.1/en/os/i386/libgcj-2.96-24.1.i386.rpm fd2186bc67d1e98f3e83ced9f0a84215 7.1/en/os/i386/libgcj-devel-2.96-24.1.i386.rpm 6ff9579c4db5d4b1741f62b65d898ec4 7.1/en/os/i386/rmt-0.4b25-1.71.0.i386.rpm dd9003947e4ae34aff75ea48e5289332 7.1/en/os/i386/rsync-2.4.6-13.i386.rpm ff07ff43709ea26fff9849fbeb27c38d 7.1/en/os/i386/vnc-3.3.3r2-18.3.i386.rpm 9ce73058c017df69bc12121db7999fa0 7.1/en/os/i386/vnc-doc-3.3.3r2-18.3.i386.rpm 6d29cc38d6735b7ff2fb9ee4237bfbcd 7.1/en/os/i386/vnc-server-3.3.3r2-18.3.i386.rpm 1c2a98b53ec5bd716b48d71643705055 7.1/en/os/i386/zlib-1.1.3-25.7.i386.rpm 7f6840ee653f0b6e88d3fb28fa56eaf7 7.1/en/os/i386/zlib-devel-1.1.3-25.7.i386.rpm fb6a4a68f00df73a844c9f97ff06e685 7.1/en/os/ia64/cvs-1.11.1p1-7.ia64.rpm 21cbc7f66c1d69e214fe4a4ffd87246d 7.1/en/os/ia64/dump-0.4b25-1.71.0.ia64.rpm 8fbce5705bdf4803606cbc2d010a0471 7.1/en/os/ia64/rmt-0.4b25-1.71.0.ia64.rpm ca2438188203ebb25111c9b68807b802 7.1/en/os/ia64/rsync-2.4.6-13.ia64.rpm c18df65e9d3f26940d5b87691000816d 7.1/en/os/ia64/zlib-1.1.3-25.7.ia64.rpm 45d6d5ba806017e3bd55bf31d9845e47 7.1/en/os/ia64/zlib-devel-1.1.3-25.7.ia64.rpm 99430cfd805162cf26a1579117968599 7.2/en/os/SRPMS/binutils-2.11.90.0.8-12.src.rpm 49cf09e03d1d51fb2571ac2287e1dcde 7.2/en/os/SRPMS/cvs-1.11.1p1-7.src.rpm 29fdca4db6119162d5570d1ec25751e3 7.2/en/os/SRPMS/dump-0.4b25-1.72.0.src.rpm e74ad2d3942b5b4d65fe1563a4a81e3a 7.2/en/os/SRPMS/gcc3-3.0.4-1.src.rpm 88d37abba63b0760bed46267547ccf63 7.2/en/os/SRPMS/libgcj-2.96-28.src.rpm b5d8794ea6fe06fdf6bf46829bae89d7 7.2/en/os/SRPMS/rsync-2.4.6-13.src.rpm 875db48b0b102ce4627a217a2596a903 7.2/en/os/SRPMS/vnc-3.3.3r2-18.3.src.rpm e4c9b7ea941c1b5f364aa4d57c06de68 7.2/en/os/SRPMS/zlib-1.1.3-25.7.src.rpm d6113e1fd56cb3fe7211ff99e82d8a59 7.2/en/os/i386/binutils-2.11.90.0.8-12.i386.rpm ce2644ac389d9aa9993fe010cb7f30c8 7.2/en/os/i386/cvs-1.11.1p1-7.i386.rpm 195e1eff9947649121bbc1c9be5dabf2 7.2/en/os/i386/dump-0.4b25-1.72.0.i386.rpm df1f93808417ce7edc44f6317483df5e 7.2/en/os/i386/gcc3-3.0.4-1.i386.rpm ca84b944123ddf8d8b99169f1e29064e 7.2/en/os/i386/gcc3-c++-3.0.4-1.i386.rpm aca54f53c5e43fb4b5bca9c7a398f995 7.2/en/os/i386/gcc3-g77-3.0.4-1.i386.rpm cb23be0b61cf368232232032295e03da 7.2/en/os/i386/gcc3-java-3.0.4-1.i386.rpm a33b5c220a98c25b5a922093e336471c 7.2/en/os/i386/gcc3-objc-3.0.4-1.i386.rpm e1e003d269a8c3b5784656b9baf01f61 7.2/en/os/i386/libgcc-3.0.4-1.i386.rpm d2536bb1878684ddeef62044f0818ff4 7.2/en/os/i386/libgcj-2.96-28.i386.rpm 850146af72439bfcf428be2d6d20c69d 7.2/en/os/i386/libgcj-devel-2.96-28.i386.rpm 9b387ac35bc0ed5b775d0e86aa08dd6d 7.2/en/os/i386/libgcj3-3.0.4-1.i386.rpm f71c536ee53f5f10d72167cf8bf60a66 7.2/en/os/i386/libgcj3-devel-3.0.4-1.i386.rpm 49341cccfee62055fc1859f388b3dd2b 7.2/en/os/i386/libstdc++3-3.0.4-1.i386.rpm 39775aac1be0eb7da93ed8d86387dabe 7.2/en/os/i386/libstdc++3-devel-3.0.4-1.i386.rpm d8a8dc76ff252ad07f41ee7ba65dbb54 7.2/en/os/i386/rmt-0.4b25-1.72.0.i386.rpm dd9003947e4ae34aff75ea48e5289332 7.2/en/os/i386/rsync-2.4.6-13.i386.rpm ff07ff43709ea26fff9849fbeb27c38d 7.2/en/os/i386/vnc-3.3.3r2-18.3.i386.rpm 9ce73058c017df69bc12121db7999fa0 7.2/en/os/i386/vnc-doc-3.3.3r2-18.3.i386.rpm 6d29cc38d6735b7ff2fb9ee4237bfbcd 7.2/en/os/i386/vnc-server-3.3.3r2-18.3.i386.rpm 1c2a98b53ec5bd716b48d71643705055 7.2/en/os/i386/zlib-1.1.3-25.7.i386.rpm 7f6840ee653f0b6e88d3fb28fa56eaf7 7.2/en/os/i386/zlib-devel-1.1.3-25.7.i386.rpm fb6a4a68f00df73a844c9f97ff06e685 7.2/en/os/ia64/cvs-1.11.1p1-7.ia64.rpm cb7d04f2d8b4e258bd091f457cb9724f 7.2/en/os/ia64/dump-0.4b25-1.72.0.ia64.rpm 3428bc20426d416960a55be0aa397dba 7.2/en/os/ia64/gcc3-3.0.4-1.ia64.rpm 673b0e9c4f1bacc50e8a7b7a2b42c147 7.2/en/os/ia64/gcc3-c++-3.0.4-1.ia64.rpm 74ea5cfad282a6305f0adb7d18779903 7.2/en/os/ia64/gcc3-g77-3.0.4-1.ia64.rpm 77b1c9ac7770ae85b85f5d2bccba9b04 7.2/en/os/ia64/gcc3-java-3.0.4-1.ia64.rpm 88f9a06077989f2204fa708535d011e1 7.2/en/os/ia64/gcc3-objc-3.0.4-1.ia64.rpm b5246f28abb6fece6514d3d0b84575cc 7.2/en/os/ia64/libgcc-3.0.4-1.ia64.rpm 9e30de4bca541895d14d0756eafc9666 7.2/en/os/ia64/libgcj3-3.0.4-1.ia64.rpm 5eca8425b277341f3fcba5b3942b6549 7.2/en/os/ia64/libgcj3-devel-3.0.4-1.ia64.rpm 080fc03db827f4b5007558c3c2dfadd4 7.2/en/os/ia64/libstdc++3-3.0.4-1.ia64.rpm 15055c2133605fab6ad1b0d53176fe87 7.2/en/os/ia64/libstdc++3-devel-3.0.4-1.ia64.rpm bd2b196cf5e9d94dc335e2967c9d6f0a 7.2/en/os/ia64/rmt-0.4b25-1.72.0.ia64.rpm ca2438188203ebb25111c9b68807b802 7.2/en/os/ia64/rsync-2.4.6-13.ia64.rpm c18df65e9d3f26940d5b87691000816d 7.2/en/os/ia64/zlib-1.1.3-25.7.ia64.rpm 45d6d5ba806017e3bd55bf31d9845e47 7.2/en/os/ia64/zlib-devel-1.1.3-25.7.ia64.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/about/contact/pgpkey.html You can verify each package with the following command: rpm --checksig <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 8. References: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0059 to the zlib issue. Red Hat would like to thank CERT/CC for their help in coordinating this issue with other vendors http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0059 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0080 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0092 http://bugzilla.gnome.org/show_bug.cgi?id=70594 Copyright(c) 2000, 2001, 2002 Red Hat, Inc. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to use any or all of this information is the responsibility of each user or organisation, and should be done so in accordance with site policies and procedures. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the original authors to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/Information/advisories.html If you believe that your system has been compromised, contact AusCERT or your representative in FIRST (Forum of Incident Response and Security Teams). Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for emergencies. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key iQCVAwUBPI4Ltih9+71yA2DNAQE3YAP8DBtwJJQhb7zx6WBYFcQakq28M+HxNeM2 tRi8Ele7ypR7pKETDqruDTOepAAPYDgIXdkAryyECSG2vaw7+I9aQUCHiwsTM56k khzc1/z3VH65uYuALAWKCX9Be1ymZwueY/HYco9X9pfKTeZbKit7c2JiQv3RnVaJ eqBDb9wWl2Y= =9ycL -----END PGP SIGNATURE-----