Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2007.0332 -- [UNIX/Linux][RedHat] Moderate: evolution security update 31 May 2007 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: evolution Publisher: Red Hat Operating System: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 3 UNIX variants (UNIX, Linux, OSX) Impact: Access Privileged Data Access: Remote/Unauthenticated CVE Names: CVE-2007-1558 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2007-0344.html https://rhn.redhat.com/errata/RHSA-2007-0353.html Comment: This advisory references vulnerabilities in products which run on platforms other than Red Hat. It is recommended that administrators running evolution check for an updated version of the software for their operating system. Revision History: May 31 2007: Included a second advisory for RHE version 5. May 18 2007: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: evolution-data-server security update Advisory ID: RHSA-2007:0344-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0344.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1558 - - --------------------------------------------------------------------- 1. Summary: Updated evolution-data-server package that fixes a security bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. A flaw was found in the way evolution-data-server processed certain APOP authentication requests. By sending certain responses when evolution-data-server attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) All users of evolution-data-server should upgrade to these updated packages, which contain a backported patch which resolves this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 235289 - CVE-2007-1558 Evolution APOP information disclosure 6. RPMs required: Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm 2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm i386: 12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm x86_64: 12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm e9049a57a4a46768187c942d09ed18e1 evolution-data-server-1.8.0-15.0.3.el5.x86_64.rpm f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm 2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm i386: f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm x86_64: f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm 85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm 89bff966c9bec550c442038a2028135c evolution-data-server-devel-1.8.0-15.0.3.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm 2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm i386: 12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm ia64: 6ba76e70eb9826231d246797ab6b21c7 evolution-data-server-1.8.0-15.0.3.el5.ia64.rpm da4300ef017ecd2c01853894b47b2e6b evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ia64.rpm 2662f80f6af03a05e2d064b2ace99c24 evolution-data-server-devel-1.8.0-15.0.3.el5.ia64.rpm ppc: 4539079a11bca9401812c12d59ceb6e1 evolution-data-server-1.8.0-15.0.3.el5.ppc.rpm 77b4f4f8897286bc0d10d51e32838572 evolution-data-server-1.8.0-15.0.3.el5.ppc64.rpm 4b37d2c9d8512fda671864484d550833 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ppc.rpm 28cb1a7aad5d3be6adfe3e09009ddbb5 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ppc64.rpm 179b33eab82f94e18069641ae5c252aa evolution-data-server-devel-1.8.0-15.0.3.el5.ppc.rpm 54367c5a72247c9acc6663e164fe8839 evolution-data-server-devel-1.8.0-15.0.3.el5.ppc64.rpm s390x: e845ec48cdc8df471d5d114a93e21344 evolution-data-server-1.8.0-15.0.3.el5.s390.rpm c0c440eb4ed5dd2d930434a3a92a8461 evolution-data-server-1.8.0-15.0.3.el5.s390x.rpm 1c4626a99ac75f4b68598e1c2c324b6a evolution-data-server-debuginfo-1.8.0-15.0.3.el5.s390.rpm e47ff2ee3fc82654354792db8cd458b1 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.s390x.rpm 8d834b7fe2e3c55da02516402f5b5970 evolution-data-server-devel-1.8.0-15.0.3.el5.s390.rpm 88b102e274ed7c5eac65147b3922b567 evolution-data-server-devel-1.8.0-15.0.3.el5.s390x.rpm x86_64: 12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm e9049a57a4a46768187c942d09ed18e1 evolution-data-server-1.8.0-15.0.3.el5.x86_64.rpm f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm 85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm 89bff966c9bec550c442038a2028135c evolution-data-server-devel-1.8.0-15.0.3.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXUdIXlSAg2UNWIIRAnrDAJ9mWzvojb4apawWjXjflZqJmBn8mgCguT4t VnsUfW5asZrgUagXxmgkENc= =ZOfG - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: evolution security update Advisory ID: RHSA-2007:0353-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0353.html Issue date: 2007-05-17 Updated on: 2007-05-17 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1558 - - --------------------------------------------------------------------- 1. Summary: Updated evolution packages that fix a security bug are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Evolution is the GNOME collection of personal information management (PIM) tools. A flaw was found in the way Evolution processed certain APOP authentication requests. A remote attacker could potentially acquire certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server. (CVE-2007-1558) All users of Evolution should upgrade to these updated packages, which contain a backported patch which resolves this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 238565 - CVE-2007-1558 Evolution APOP information disclosure 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm i386: 65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm 934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm ia64: ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm 781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm ppc: 3ee9a25add5a42bf89e93a63ac3d91ef evolution-1.4.5-20.el3.ppc.rpm 7587d60586a60cb60afe27a07c436ad9 evolution-debuginfo-1.4.5-20.el3.ppc.rpm a17552a71ca70e285a129fc6c9e42d91 evolution-devel-1.4.5-20.el3.ppc.rpm s390: a95aab39409afe560a9d01d867d2a658 evolution-1.4.5-20.el3.s390.rpm bf061e59d63b1a725dafd0e3626a006a evolution-debuginfo-1.4.5-20.el3.s390.rpm 8cc741d3a5dfd223c085cd95dc16c8b6 evolution-devel-1.4.5-20.el3.s390.rpm s390x: 85cc84a449a757874ce6f2c8a4b638cb evolution-1.4.5-20.el3.s390x.rpm 91a0deb5ca3fbbd7c8738a9f4d1fc3cf evolution-debuginfo-1.4.5-20.el3.s390x.rpm a5d24149a144f570540506ed060f3d02 evolution-devel-1.4.5-20.el3.s390x.rpm x86_64: da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm 58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm i386: 65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm 934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm x86_64: da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm 58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm i386: 65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm 934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm ia64: ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm 781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm x86_64: da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm 58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm i386: 65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm 934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm ia64: ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm 781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm x86_64: da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm 58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm 886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm i386: 21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm 8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm 839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm ia64: 7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm 5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm ppc: 41279cc52d1f8bf006137019bdeec115 evolution-2.0.2-35.0.2.el4.ppc.rpm bf3972bed4b6ebb695012d1e80942df3 evolution-debuginfo-2.0.2-35.0.2.el4.ppc.rpm 0fa38e81f331db0f6d22f62167714413 evolution-devel-2.0.2-35.0.2.el4.ppc.rpm s390: 93fad9c3c62573cf366bcda9805b9c8d evolution-2.0.2-35.0.2.el4.s390.rpm 1533b1f9e19170581d4aa41646c02178 evolution-debuginfo-2.0.2-35.0.2.el4.s390.rpm 7905d268cfbbca40893cb1480c130b81 evolution-devel-2.0.2-35.0.2.el4.s390.rpm s390x: 4df2d5c1eeeadbd21a2ffdd69f66f91c evolution-2.0.2-35.0.2.el4.s390x.rpm 90e17288a99cb57b52261f5b3c80f950 evolution-debuginfo-2.0.2-35.0.2.el4.s390x.rpm abb56c486d2112fce800d612263586e0 evolution-devel-2.0.2-35.0.2.el4.s390x.rpm x86_64: 7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm 489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm 4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm 886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm i386: 21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm 8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm 839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm x86_64: 7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm 489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm 4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm 886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm i386: 21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm 8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm 839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm ia64: 7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm 5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm x86_64: 7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm 489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm 4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm 886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm i386: 21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm 8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm 839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm ia64: 7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm 5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm x86_64: 7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm 489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm 4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGTGrKXlSAg2UNWIIRAqUxAKCOs8EDnpP84DSmjcoBuCHRLStx4QCggP04 ac+P0AERa1bBLmmr54glUvs= =bqxI - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBRl4G9Sh9+71yA2DNAQL6CAQAjmxZUt+1DeQr8LaZrjJJwUTaO+uAScZ5 UX02dRkaz6Bm+Rnn09+Iv4OBrUyd+iS12YuYpIwkxPUt5vszESsgn8AobsuBKQ2w 6y1+e47ZjLjyFy4kkPVE8PQMn94Sj734zVloKnLHb9oFo+SJQ9p6IcPxC6m0N4zp 6zaHabB5Q3c= =jwMP -----END PGP SIGNATURE-----