Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2004.0480 -- RHSA-2004:413-01 and RHSA-2004:418-01 Updated kernel packages fix security 04 August 2004 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: kernel Publisher: Red Hat Operating System: Red Hat Enterprise Linux AS/ES/WS 3 Red Hat Enterprise Linux AS/ES/WS 2.1 Linux variants Impact: Access Confidential Data Denial of Service Access Required: Existing Account CVE Names: CAN-2004-0178 CAN-2004-0415 CAN-2004-0447 CAN-2004-0535 CAN-2004-0587 Ref: ESB-2004.0445 Comment: This External Security Bulletin (ESB) contains two Red Hat Security Advisories, detailing similar patches for Enterprise Linux versions 3 and 2.1 respectively. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated kernel packages fix security vulnerabilities Advisory ID: RHSA-2004:413-01 Issue date: 2004-08-03 Updated on: 2004-08-03 Product: Red Hat Enterprise Linux Keywords: taroon kernel security errata Obsoletes: RHSA-2004:360 CVE Names: CAN-2004-0178 CAN-2004-0415 CAN-2004-0447 CAN-2004-0535 CAN-2004-0587 - - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversions of 64 to 32-bit file offset pointers and possible race conditions. A local unprivileged user could make use of these flaws to access large portions of kernel memory. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0415 to this issue. These packages contain a patch written by Al Viro to correct these flaws. Red Hat would like to thank iSEC Security Research for disclosing this issue and a number of vendor-sec participants for reviewing and working on the patch to this issue. In addition, these packages correct a number of minor security issues: An bug in the e1000 network driver. This bug could be used by local users to leak small amounts of kernel memory (CAN-2004-0535). A bug in the SoundBlaster 16 code which does not properly handle certain sample sizes. This flaw could be used by local users to crash a system (CAN-2004-0178). A possible NULL-pointer dereference in the Linux kernel prior to 2.4.26 on the Itanium platform could allow a local user to crash a system (CAN-2004-0447). Inappropriate permissions on /proc/scsi/qla2300/HbaApiNode (CAN-2004-0587). All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info): 120527 - CAN-2004-0447 [PATCH] IPF kernel crashes under gdb 121045 - CAN-2004-0178 Soundblaster 16 local DoS 125168 - CAN-2004-0535 e1000 kernel memory information leak 126396 - CAN-2004-0587 Bad permissions on qla* drivers 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-15.0.4.EL.src.rpm 9f04fbd5d2b5182bfe7fa0242b4fd0a3 kernel-2.4.21-15.0.4.EL.src.rpm athlon: 25e7d097ccf85396dfdc53c6b03d83ea kernel-2.4.21-15.0.4.EL.athlon.rpm d619cffe546f2f41e9259ac437f07d44 kernel-smp-2.4.21-15.0.4.EL.athlon.rpm 06ef0da24796cc19d9c492e8ab638a29 kernel-smp-unsupported-2.4.21-15.0.4.EL.athlon.rpm 388a7af25fbefd195f9ab59922cca912 kernel-unsupported-2.4.21-15.0.4.EL.athlon.rpm i386: 6741173959e3e0686c080f2313ec7d5d kernel-BOOT-2.4.21-15.0.4.EL.i386.rpm 938fabc770ac041b44d4c99bfa90709a kernel-doc-2.4.21-15.0.4.EL.i386.rpm d106990663a3d5ad735a47a86830940c kernel-source-2.4.21-15.0.4.EL.i386.rpm i686: 2269c8e5bab350ac6e5f7252430dfd0f kernel-2.4.21-15.0.4.EL.i686.rpm fa6a5940751cbbb60236c88f58e8cc31 kernel-hugemem-2.4.21-15.0.4.EL.i686.rpm 40f3c5f256246fda87d9ddd3cb6791a5 kernel-hugemem-unsupported-2.4.21-15.0.4.EL.i686.rpm 3d106ae97cca1fcba8a3de8a5866b88b kernel-smp-2.4.21-15.0.4.EL.i686.rpm 8590ac5bbca153e1948f48f101bddcb6 kernel-smp-unsupported-2.4.21-15.0.4.EL.i686.rpm 04197afa144f4c7874b01c50fc027d5d kernel-unsupported-2.4.21-15.0.4.EL.i686.rpm ia32e: 80869adc4ed80a1c035ddaef69e2aa10 kernel-2.4.21-15.0.4.EL.ia32e.rpm 5dd0f98110e54e64ebfb934a2bb9629f kernel-unsupported-2.4.21-15.0.4.EL.ia32e.rpm ia64: d9d9873b1a03437ce9a660d5498e6acc kernel-2.4.21-15.0.4.EL.ia64.rpm 87c9d3baf789371a88c2078f1bf9cd2a kernel-doc-2.4.21-15.0.4.EL.ia64.rpm d1280df50b401a4ab1fe3630fef1a4b0 kernel-source-2.4.21-15.0.4.EL.ia64.rpm d07a66ca6e06045842c863be96729733 kernel-unsupported-2.4.21-15.0.4.EL.ia64.rpm ppc64: 21628655b2e3bd052b9393e8eac6ebd1 kernel-doc-2.4.21-15.0.4.EL.ppc64.rpm 86f1ad447a3023b3a6614c750271d155 kernel-source-2.4.21-15.0.4.EL.ppc64.rpm ppc64iseries: 1c929592946473d5fe73c71354846313 kernel-2.4.21-15.0.4.EL.ppc64iseries.rpm f8d2585dbf7adea54df19fdfd63a2eb7 kernel-unsupported-2.4.21-15.0.4.EL.ppc64iseries.rpm ppc64pseries: 01d9b20c6c4c45276195104bc6984224 kernel-2.4.21-15.0.4.EL.ppc64pseries.rpm 48bef493baacda16294ba973404d6587 kernel-unsupported-2.4.21-15.0.4.EL.ppc64pseries.rpm s390: 4ba1d35ff61699b9f3757941eef9623d kernel-2.4.21-15.0.4.EL.s390.rpm 9cb546f7b760a62baf3e198ed7591a1a kernel-doc-2.4.21-15.0.4.EL.s390.rpm d88eac17c9376f415351eb103a429ca0 kernel-source-2.4.21-15.0.4.EL.s390.rpm 757875de32469823e2578a088c655925 kernel-unsupported-2.4.21-15.0.4.EL.s390.rpm s390x: 125b33d2f4d7558bfda6397540e7976b kernel-2.4.21-15.0.4.EL.s390x.rpm e02ad38774bd83672d0f8bdeadb6f0f8 kernel-doc-2.4.21-15.0.4.EL.s390x.rpm 25bea5095bcac052ae3897c026f218bd kernel-source-2.4.21-15.0.4.EL.s390x.rpm f756be2685a447f6f19458c1aa75e2be kernel-unsupported-2.4.21-15.0.4.EL.s390x.rpm x86_64: 499203e60c5c0294fd2a41bbd9306b03 kernel-2.4.21-15.0.4.EL.x86_64.rpm 007a0353e8c76dd40424909844f6705e kernel-doc-2.4.21-15.0.4.EL.x86_64.rpm 33ade25b9b682f514f9523ec977a2c09 kernel-smp-2.4.21-15.0.4.EL.x86_64.rpm 3171661c4c24e3dcbf8970c8094e5851 kernel-smp-unsupported-2.4.21-15.0.4.EL.x86_64.rpm f33e51c95e59d8379d5dc4817ee13ce7 kernel-source-2.4.21-15.0.4.EL.x86_64.rpm eea5cbda95fb75f0f9c40e6cd3260efe kernel-unsupported-2.4.21-15.0.4.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-15.0.4.EL.src.rpm 9f04fbd5d2b5182bfe7fa0242b4fd0a3 kernel-2.4.21-15.0.4.EL.src.rpm athlon: 25e7d097ccf85396dfdc53c6b03d83ea kernel-2.4.21-15.0.4.EL.athlon.rpm d619cffe546f2f41e9259ac437f07d44 kernel-smp-2.4.21-15.0.4.EL.athlon.rpm 06ef0da24796cc19d9c492e8ab638a29 kernel-smp-unsupported-2.4.21-15.0.4.EL.athlon.rpm 388a7af25fbefd195f9ab59922cca912 kernel-unsupported-2.4.21-15.0.4.EL.athlon.rpm i386: 6741173959e3e0686c080f2313ec7d5d kernel-BOOT-2.4.21-15.0.4.EL.i386.rpm 938fabc770ac041b44d4c99bfa90709a kernel-doc-2.4.21-15.0.4.EL.i386.rpm d106990663a3d5ad735a47a86830940c kernel-source-2.4.21-15.0.4.EL.i386.rpm i686: 2269c8e5bab350ac6e5f7252430dfd0f kernel-2.4.21-15.0.4.EL.i686.rpm fa6a5940751cbbb60236c88f58e8cc31 kernel-hugemem-2.4.21-15.0.4.EL.i686.rpm 40f3c5f256246fda87d9ddd3cb6791a5 kernel-hugemem-unsupported-2.4.21-15.0.4.EL.i686.rpm 3d106ae97cca1fcba8a3de8a5866b88b kernel-smp-2.4.21-15.0.4.EL.i686.rpm 8590ac5bbca153e1948f48f101bddcb6 kernel-smp-unsupported-2.4.21-15.0.4.EL.i686.rpm 04197afa144f4c7874b01c50fc027d5d kernel-unsupported-2.4.21-15.0.4.EL.i686.rpm ia32e: 80869adc4ed80a1c035ddaef69e2aa10 kernel-2.4.21-15.0.4.EL.ia32e.rpm 5dd0f98110e54e64ebfb934a2bb9629f kernel-unsupported-2.4.21-15.0.4.EL.ia32e.rpm ia64: d9d9873b1a03437ce9a660d5498e6acc kernel-2.4.21-15.0.4.EL.ia64.rpm 87c9d3baf789371a88c2078f1bf9cd2a kernel-doc-2.4.21-15.0.4.EL.ia64.rpm d1280df50b401a4ab1fe3630fef1a4b0 kernel-source-2.4.21-15.0.4.EL.ia64.rpm d07a66ca6e06045842c863be96729733 kernel-unsupported-2.4.21-15.0.4.EL.ia64.rpm x86_64: 499203e60c5c0294fd2a41bbd9306b03 kernel-2.4.21-15.0.4.EL.x86_64.rpm 007a0353e8c76dd40424909844f6705e kernel-doc-2.4.21-15.0.4.EL.x86_64.rpm 33ade25b9b682f514f9523ec977a2c09 kernel-smp-2.4.21-15.0.4.EL.x86_64.rpm 3171661c4c24e3dcbf8970c8094e5851 kernel-smp-unsupported-2.4.21-15.0.4.EL.x86_64.rpm f33e51c95e59d8379d5dc4817ee13ce7 kernel-source-2.4.21-15.0.4.EL.x86_64.rpm eea5cbda95fb75f0f9c40e6cd3260efe kernel-unsupported-2.4.21-15.0.4.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-15.0.4.EL.src.rpm 9f04fbd5d2b5182bfe7fa0242b4fd0a3 kernel-2.4.21-15.0.4.EL.src.rpm athlon: 25e7d097ccf85396dfdc53c6b03d83ea kernel-2.4.21-15.0.4.EL.athlon.rpm d619cffe546f2f41e9259ac437f07d44 kernel-smp-2.4.21-15.0.4.EL.athlon.rpm 06ef0da24796cc19d9c492e8ab638a29 kernel-smp-unsupported-2.4.21-15.0.4.EL.athlon.rpm 388a7af25fbefd195f9ab59922cca912 kernel-unsupported-2.4.21-15.0.4.EL.athlon.rpm i386: 6741173959e3e0686c080f2313ec7d5d kernel-BOOT-2.4.21-15.0.4.EL.i386.rpm 938fabc770ac041b44d4c99bfa90709a kernel-doc-2.4.21-15.0.4.EL.i386.rpm d106990663a3d5ad735a47a86830940c kernel-source-2.4.21-15.0.4.EL.i386.rpm i686: 2269c8e5bab350ac6e5f7252430dfd0f kernel-2.4.21-15.0.4.EL.i686.rpm fa6a5940751cbbb60236c88f58e8cc31 kernel-hugemem-2.4.21-15.0.4.EL.i686.rpm 40f3c5f256246fda87d9ddd3cb6791a5 kernel-hugemem-unsupported-2.4.21-15.0.4.EL.i686.rpm 3d106ae97cca1fcba8a3de8a5866b88b kernel-smp-2.4.21-15.0.4.EL.i686.rpm 8590ac5bbca153e1948f48f101bddcb6 kernel-smp-unsupported-2.4.21-15.0.4.EL.i686.rpm 04197afa144f4c7874b01c50fc027d5d kernel-unsupported-2.4.21-15.0.4.EL.i686.rpm ia32e: 80869adc4ed80a1c035ddaef69e2aa10 kernel-2.4.21-15.0.4.EL.ia32e.rpm 5dd0f98110e54e64ebfb934a2bb9629f kernel-unsupported-2.4.21-15.0.4.EL.ia32e.rpm ia64: d9d9873b1a03437ce9a660d5498e6acc kernel-2.4.21-15.0.4.EL.ia64.rpm 87c9d3baf789371a88c2078f1bf9cd2a kernel-doc-2.4.21-15.0.4.EL.ia64.rpm d1280df50b401a4ab1fe3630fef1a4b0 kernel-source-2.4.21-15.0.4.EL.ia64.rpm d07a66ca6e06045842c863be96729733 kernel-unsupported-2.4.21-15.0.4.EL.ia64.rpm x86_64: 499203e60c5c0294fd2a41bbd9306b03 kernel-2.4.21-15.0.4.EL.x86_64.rpm 007a0353e8c76dd40424909844f6705e kernel-doc-2.4.21-15.0.4.EL.x86_64.rpm 33ade25b9b682f514f9523ec977a2c09 kernel-smp-2.4.21-15.0.4.EL.x86_64.rpm 3171661c4c24e3dcbf8970c8094e5851 kernel-smp-unsupported-2.4.21-15.0.4.EL.x86_64.rpm f33e51c95e59d8379d5dc4817ee13ce7 kernel-source-2.4.21-15.0.4.EL.x86_64.rpm eea5cbda95fb75f0f9c40e6cd3260efe kernel-unsupported-2.4.21-15.0.4.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key.html#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0178 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0587 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact.html Copyright 2004 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFBEBR0XlSAg2UNWIIRAi4TAKC92sg9D0p887sezLysDDPOwwzKFACgjMMu 7cdO/0ay3eojc35QMGHGMaM= =9p29 - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated kernel packages fix security issues Advisory ID: RHSA-2004:418-01 Issue date: 2004-08-03 Updated on: 2004-08-03 Product: Red Hat Enterprise Linux Obsoletes: RHSA-2004:354 CVE Names: CAN-2004-0415 CAN-2004-0535 CAN-2004-0587 - - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix potential information leaks and a incorrect driver permission for Red Hat Enterprise Linux 2.1 are now available. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - athlon, i386, i686 Red Hat Enterprise Linux ES version 2.1 - athlon, i386, i686 Red Hat Enterprise Linux WS version 2.1 - athlon, i386, i686 3. Problem description: The Linux kernel handles the basic functions of the operating system. Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversions of 64 to 32-bit file offset pointers and possible race conditions. A local unprivileged user could make use of these flaws to access large portions of kernel memory. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0415 to this issue. These packages contain a patch written by Al Viro to correct these flaws. Red Hat would like to thank iSEC Security Research for disclosing this issue and a number of vendor-sec participants for reviewing and working on the patch to this issue. In addition, these packages correct two minor issues: An bug in the e1000 network driver. This bug could be used by local users to leak small amounts of kernel memory (CAN-2004-0535). Inappropriate permissions on /proc/scsi/qla2300/HbaApiNode (CAN-2004-0587). All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to these erratum packages which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info): 125170 - CAN-2004-0535 e100e1000 kernel memory leak (x86) 126400 - CAN-2004-0587 Bad permissions on qla* drivers 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.9-e.48.src.rpm 4d90231c550b10a94c3e612fc86bfac4 kernel-2.4.9-e.48.src.rpm athlon: 32482bbacba7aed44aea420da0ef1418 kernel-2.4.9-e.48.athlon.rpm 675a499b8c0225f35660ef9f0a72ec3d kernel-smp-2.4.9-e.48.athlon.rpm i386: e1b4abb4e387ef87f2ba6428783973f5 kernel-BOOT-2.4.9-e.48.i386.rpm 8c7745b52ed0732e3347a1beb3365cce kernel-doc-2.4.9-e.48.i386.rpm 1b3c3dab9a7a935c731fd38401ec2a2f kernel-headers-2.4.9-e.48.i386.rpm 34961632e9384621acd93e6a66d3731a kernel-source-2.4.9-e.48.i386.rpm i686: a3e6271399611b981291df8bcd992717 kernel-2.4.9-e.48.i686.rpm 3383e7a871f2ca6bf291efc571c9f159 kernel-debug-2.4.9-e.48.i686.rpm 5d08fb530d37c1e4bec8222fc6e8430b kernel-enterprise-2.4.9-e.48.i686.rpm 71a58c709571f8ae8d313cf89d800c03 kernel-smp-2.4.9-e.48.i686.rpm aa870614772046934a1872fc89908a4b kernel-summit-2.4.9-e.48.i686.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kernel-2.4.9-e.48.src.rpm 4d90231c550b10a94c3e612fc86bfac4 kernel-2.4.9-e.48.src.rpm athlon: 32482bbacba7aed44aea420da0ef1418 kernel-2.4.9-e.48.athlon.rpm 675a499b8c0225f35660ef9f0a72ec3d kernel-smp-2.4.9-e.48.athlon.rpm i386: e1b4abb4e387ef87f2ba6428783973f5 kernel-BOOT-2.4.9-e.48.i386.rpm 8c7745b52ed0732e3347a1beb3365cce kernel-doc-2.4.9-e.48.i386.rpm 1b3c3dab9a7a935c731fd38401ec2a2f kernel-headers-2.4.9-e.48.i386.rpm 34961632e9384621acd93e6a66d3731a kernel-source-2.4.9-e.48.i386.rpm i686: a3e6271399611b981291df8bcd992717 kernel-2.4.9-e.48.i686.rpm 3383e7a871f2ca6bf291efc571c9f159 kernel-debug-2.4.9-e.48.i686.rpm 71a58c709571f8ae8d313cf89d800c03 kernel-smp-2.4.9-e.48.i686.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kernel-2.4.9-e.48.src.rpm 4d90231c550b10a94c3e612fc86bfac4 kernel-2.4.9-e.48.src.rpm athlon: 32482bbacba7aed44aea420da0ef1418 kernel-2.4.9-e.48.athlon.rpm 675a499b8c0225f35660ef9f0a72ec3d kernel-smp-2.4.9-e.48.athlon.rpm i386: e1b4abb4e387ef87f2ba6428783973f5 kernel-BOOT-2.4.9-e.48.i386.rpm 8c7745b52ed0732e3347a1beb3365cce kernel-doc-2.4.9-e.48.i386.rpm 1b3c3dab9a7a935c731fd38401ec2a2f kernel-headers-2.4.9-e.48.i386.rpm 34961632e9384621acd93e6a66d3731a kernel-source-2.4.9-e.48.i386.rpm i686: a3e6271399611b981291df8bcd992717 kernel-2.4.9-e.48.i686.rpm 3383e7a871f2ca6bf291efc571c9f159 kernel-debug-2.4.9-e.48.i686.rpm 5d08fb530d37c1e4bec8222fc6e8430b kernel-enterprise-2.4.9-e.48.i686.rpm 71a58c709571f8ae8d313cf89d800c03 kernel-smp-2.4.9-e.48.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key.html#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0587 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact.html Copyright 2004 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFBEAizXlSAg2UNWIIRAlyjAKCeXPS5K2ZegECyN21VgVDoqhz4bwCgsWL0 wOToQ66JFcgSHgUN25e/T70= =td70 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQRBdlyh9+71yA2DNAQI7QAP/RhxiS+X9mMkrABVQ4CUnuaLU6OQiLOcO 6pf/hotzPJnrCtZKiShHGyAOzR9uSPOfApTY0U2pnEUt3ZtTVTS4riBnL3iXNCTC d5IsUDn3M7PbC8phaRij9XvIRmQ/JrtpU80IltZbnLQN9Yn64Qw7NkoKpggSCQ5e C6tyOxkIUwk= =lTT4 -----END PGP SIGNATURE-----