Operating System:

[RedHat]

Published:

07 August 2007

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2007.0593 -- [RedHat]
       Critical: java-1.5.0-sun and java-1.4.2-ibm security updates
                               7 August 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              java-1.5.0-sun
                      java-1.4.2-ibm
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 3, 4 and 5
Impact:               Execute Arbitrary Code/Commands
                      Inappropriate Access
                      Cross-site Scripting
                      Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-3922 CVE-2007-3698 CVE-2007-3655
                      CVE-2007-3503 CVE-2007-3005 CVE-2007-3004
                      CVE-2007-2435

Ref:                  AL-2007.0071
                      ESB-2007.0286
                      ESB-2007.0491
                      ESB-2007.0515
                      ESB-2007.0544

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0817.html
                      https://rhn.redhat.com/errata/RHSA-2007-0818.html

Comment: This bulletin contains two separate Red Hat advisories, for
         vulnerabilities in both Sun and IBM Java packages.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.5.0-sun security update
Advisory ID:       RHSA-2007:0818-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0818.html
Issue date:        2007-08-06
Updated on:        2007-08-06
Product:           Red Hat Enterprise Linux Extras
CVE Names:         CVE-2007-3503 CVE-2007-3655 CVE-2007-3698 
                   CVE-2007-3922 
- - ---------------------------------------------------------------------

1. Summary:

Updated java-1.5.0-sun packages that correct several security issues are
available for Red Hat Enterprise Linux 4 Extras.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64

3. Problem description:

The Java Runtime Environment (JRE) contains the software and tools
that users need to run applets and applications written using the Java
programming language.

The Javadoc tool was able to generate HTML documentation pages that
contained cross-site scripting (XSS) vulnerabilities.  A remote attacker
could use this to inject arbitrary web script or HTML. (CVE-2007-3503)

The Java Web Start URL parsing component contained a buffer overflow
vulnerability within the parsing code for JNLP files. A remote attacker
could create a malicious JNLP file that could trigger this flaw and execute
arbitrary code when opened. (CVE-2007-3655)

The JSSE component did not correctly process SSL/TLS handshake requests. A
remote attacker who is able to connect to a JSSE-based service could
trigger this flaw leading to a denial-of-service. (CVE-2007-3698)

A flaw was found in the applet class loader. An untrusted applet could use
this flaw to circumvent network access restrictions, possibly connecting to
services hosted on the machine that executed the applet. (CVE-2007-3922)

All users of java-sun-1.5.0 should upgrade to these packages, which contain
Sun Java 1.5.0 Update 12 that corrects these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

246765 - CVE-2007-3503 HTML files generated with Javadoc are vulnerable to a XSS
248864 - CVE-2007-3655 A buffer overflow vulnerability in Java Web Start URL parsing code
249533 - CVE-2007-3922 Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions
249539 - CVE-2007-3698 Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition

6. RPMs required:

Red Hat Enterprise Linux AS version 4 Extras:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS-LACD/en/os/SRPMS/java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm
b7f11fc62108de501691fe189ff28d4d  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm

i386:
5288f89064913e18146ab506c59b9f21  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.i586.rpm
f5348203e78aa64ad19435b0648feaac  java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.i586.rpm
83ce83af56148830f7f180c3a130b2ff  java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.i586.rpm
5e35a59d97f96e946e6041029dc2c18e  java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.i586.rpm
e8523c770f5d5e132f805a412de1e4d4  java-1.5.0-sun-plugin-1.5.0.12-1jpp.2.el4.i586.rpm
47475bcd46e37bad046fa7eb26e75c83  java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.i586.rpm

x86_64:
c75ff10faf480c14455e17d19429e762  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.x86_64.rpm
ee527a32217fb56fce9c52080959cd2a  java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.x86_64.rpm
294fbe07c37991b3757e30926b1b9c46  java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.x86_64.rpm
8280e5a0c39c55fd8c4cedf1ad0f8b23  java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.x86_64.rpm
60247d67a91aac8d1bc998c4a076bfab  java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.x86_64.rpm

Red Hat Desktop version 4 Extras:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop-LACD/en/os/SRPMS/java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm
b7f11fc62108de501691fe189ff28d4d  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm

i386:
5288f89064913e18146ab506c59b9f21  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.i586.rpm
f5348203e78aa64ad19435b0648feaac  java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.i586.rpm
83ce83af56148830f7f180c3a130b2ff  java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.i586.rpm
5e35a59d97f96e946e6041029dc2c18e  java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.i586.rpm
e8523c770f5d5e132f805a412de1e4d4  java-1.5.0-sun-plugin-1.5.0.12-1jpp.2.el4.i586.rpm
47475bcd46e37bad046fa7eb26e75c83  java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.i586.rpm

x86_64:
c75ff10faf480c14455e17d19429e762  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.x86_64.rpm
ee527a32217fb56fce9c52080959cd2a  java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.x86_64.rpm
294fbe07c37991b3757e30926b1b9c46  java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.x86_64.rpm
8280e5a0c39c55fd8c4cedf1ad0f8b23  java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.x86_64.rpm
60247d67a91aac8d1bc998c4a076bfab  java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4 Extras:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES-LACD/en/os/SRPMS/java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm
b7f11fc62108de501691fe189ff28d4d  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm

i386:
5288f89064913e18146ab506c59b9f21  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.i586.rpm
f5348203e78aa64ad19435b0648feaac  java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.i586.rpm
83ce83af56148830f7f180c3a130b2ff  java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.i586.rpm
5e35a59d97f96e946e6041029dc2c18e  java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.i586.rpm
e8523c770f5d5e132f805a412de1e4d4  java-1.5.0-sun-plugin-1.5.0.12-1jpp.2.el4.i586.rpm
47475bcd46e37bad046fa7eb26e75c83  java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.i586.rpm

x86_64:
c75ff10faf480c14455e17d19429e762  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.x86_64.rpm
ee527a32217fb56fce9c52080959cd2a  java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.x86_64.rpm
294fbe07c37991b3757e30926b1b9c46  java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.x86_64.rpm
8280e5a0c39c55fd8c4cedf1ad0f8b23  java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.x86_64.rpm
60247d67a91aac8d1bc998c4a076bfab  java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4 Extras:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS-LACD/en/os/SRPMS/java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm
b7f11fc62108de501691fe189ff28d4d  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm

i386:
5288f89064913e18146ab506c59b9f21  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.i586.rpm
f5348203e78aa64ad19435b0648feaac  java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.i586.rpm
83ce83af56148830f7f180c3a130b2ff  java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.i586.rpm
5e35a59d97f96e946e6041029dc2c18e  java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.i586.rpm
e8523c770f5d5e132f805a412de1e4d4  java-1.5.0-sun-plugin-1.5.0.12-1jpp.2.el4.i586.rpm
47475bcd46e37bad046fa7eb26e75c83  java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.i586.rpm

x86_64:
c75ff10faf480c14455e17d19429e762  java-1.5.0-sun-1.5.0.12-1jpp.2.el4.x86_64.rpm
ee527a32217fb56fce9c52080959cd2a  java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.x86_64.rpm
294fbe07c37991b3757e30926b1b9c46  java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.x86_64.rpm
8280e5a0c39c55fd8c4cedf1ad0f8b23  java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.x86_64.rpm
60247d67a91aac8d1bc998c4a076bfab  java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3922
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGt0YXXlSAg2UNWIIRAk7tAJ4wLagbEKeTr3fPQCHCK+5w8zsChwCfYVxP
H5TPuAgc84HW7J2MnUkWBwA=
=hN/8
- -----END PGP SIGNATURE-----



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.4.2-ibm security update
Advisory ID:       RHSA-2007:0817-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0817.html
Issue date:        2007-08-06
Updated on:        2007-08-06
Product:           Red Hat Enterprise Linux Extras
CVE Names:         CVE-2007-2435 CVE-2007-3004 CVE-2007-3005 
- - ---------------------------------------------------------------------

1. Summary:

Updated java-1.4.2-ibm packages to correct a set of security issues 
are now available for Red Hat Enterprise Linux 3 and 4 Extras and Red Hat
Enterprise Linux 5 Supplementary.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 Extras - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 3 Extras - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 Extras - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, ia64, x86_64
RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

IBM's 1.4.2 SR9 Java release includes the IBM Java 2 Runtime Environment
and the IBM Java 2 Software Development Kit.

A security vulnerability in the Java Web Start component was discovered. 
An untrusted application could elevate it's privileges and read and write
local files that are accessible to the user running the Java Web Start
application. (CVE-2007-2435)

A buffer overflow in the image code JRE was found. An untrusted
applet or application could use this flaw to elevate its privileges and
potentially execute arbitrary code as the user running the java virtual
machine. (CVE-2007-3004)

An unspecified vulnerability was discovered in the Java Runtime
Environment. An untrusted applet or application could cause the java
virtual machine to become unresponsive. (CVE-2007-3005)

All users of java-1.4.2-ibm should upgrade to these updated packages, 
which contain IBM's 1.4.2 SR9 Java release that resolves these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

239660 - CVE-2007-2435 javaws vulnerabilities
242595 - CVE-2007-3004 Integer overflow in IBM JDK's ICC profile parser
250733 - CVE-2007-3005 Unspecified vulnerability in Sun JRE

6. RPMs required:

Red Hat Enterprise Linux AS version 3 Extras:

i386:
04d6aaa0e35b72a9fcbb26556e71d275  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.i386.rpm
af77d5f5efc2045d1de2081d1f7d2877  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.i386.rpm
97c5722ffe804320d3b2b95d4bbabe14  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.i386.rpm
3b8d8baba5c1f8683e7e7169316e3f7b  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.i386.rpm
98be4d2efd4207eb5c14af2a1ed01273  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3.i386.rpm
7abcc004e56e3ef9b5d25f1d44a27ac4  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.i386.rpm

ia64:
28fd99945922f62819cdde53dc8c26f2  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.ia64.rpm
9f3422da8ff2ee61cde668980a969f6b  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.ia64.rpm
9cc9e19e8ee61b664509b79205b00c67  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.ia64.rpm
bbc24a0238d1049c76aa77b9170f48a7  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.ia64.rpm

ppc:
eea69ed310a82c164df1b4b57110df9b  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.ppc.rpm
ee44bc2fdc05ba8ad0d9b2af4c8cad56  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.ppc.rpm
13b485208b33de64bb321f4529737a38  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.ppc.rpm
e6b9678c457b74b1402849110c1dd7b6  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.ppc.rpm
f909cd07c1e2fbb4df8c43b2ca454bef  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.ppc.rpm

s390:
698b798d3149ad6868dc16e5ead5f412  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.s390.rpm
1a33df8f327b8f5de85a1fda08b12bac  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.s390.rpm
0832912c6cfdcd49c86ee807c9dfa683  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.s390.rpm
104da246f95aad972d70e691ac3a29de  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.s390.rpm
28309a6e082b8bc8f789681a8af6f19b  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.s390.rpm

s390x:
3557540555757add01b2ae6fda4ff0f9  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.s390x.rpm
b7c0d9ed6dd2bc96e81a6eb0362d9748  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.s390x.rpm
76dd258107957a7f89d7e08d49fd6314  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.s390x.rpm
7dc3ebff448fad2d338e206271b58304  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.s390x.rpm

x86_64:
6830bcddf09b1f5b3ea96108fc948dbf  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.x86_64.rpm
d37b3a02f640c144db3e5109ff378bb2  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.x86_64.rpm
c21b94384213124b94888334e3813ead  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.x86_64.rpm
c15efbe3f0688159bd2569ec66271c75  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.x86_64.rpm

Red Hat Desktop version 3 Extras:

i386:
04d6aaa0e35b72a9fcbb26556e71d275  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.i386.rpm
af77d5f5efc2045d1de2081d1f7d2877  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.i386.rpm
97c5722ffe804320d3b2b95d4bbabe14  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.i386.rpm
3b8d8baba5c1f8683e7e7169316e3f7b  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.i386.rpm
98be4d2efd4207eb5c14af2a1ed01273  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3.i386.rpm
7abcc004e56e3ef9b5d25f1d44a27ac4  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.i386.rpm

x86_64:
6830bcddf09b1f5b3ea96108fc948dbf  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.x86_64.rpm
d37b3a02f640c144db3e5109ff378bb2  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.x86_64.rpm
c21b94384213124b94888334e3813ead  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.x86_64.rpm
c15efbe3f0688159bd2569ec66271c75  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3 Extras:

i386:
04d6aaa0e35b72a9fcbb26556e71d275  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.i386.rpm
af77d5f5efc2045d1de2081d1f7d2877  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.i386.rpm
97c5722ffe804320d3b2b95d4bbabe14  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.i386.rpm
3b8d8baba5c1f8683e7e7169316e3f7b  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.i386.rpm
98be4d2efd4207eb5c14af2a1ed01273  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3.i386.rpm
7abcc004e56e3ef9b5d25f1d44a27ac4  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.i386.rpm

ia64:
28fd99945922f62819cdde53dc8c26f2  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.ia64.rpm
9f3422da8ff2ee61cde668980a969f6b  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.ia64.rpm
9cc9e19e8ee61b664509b79205b00c67  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.ia64.rpm
bbc24a0238d1049c76aa77b9170f48a7  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.ia64.rpm

x86_64:
6830bcddf09b1f5b3ea96108fc948dbf  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.x86_64.rpm
d37b3a02f640c144db3e5109ff378bb2  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.x86_64.rpm
c21b94384213124b94888334e3813ead  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.x86_64.rpm
c15efbe3f0688159bd2569ec66271c75  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3 Extras:

i386:
04d6aaa0e35b72a9fcbb26556e71d275  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.i386.rpm
af77d5f5efc2045d1de2081d1f7d2877  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.i386.rpm
97c5722ffe804320d3b2b95d4bbabe14  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.i386.rpm
3b8d8baba5c1f8683e7e7169316e3f7b  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.i386.rpm
98be4d2efd4207eb5c14af2a1ed01273  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3.i386.rpm
7abcc004e56e3ef9b5d25f1d44a27ac4  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.i386.rpm

ia64:
28fd99945922f62819cdde53dc8c26f2  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.ia64.rpm
9f3422da8ff2ee61cde668980a969f6b  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.ia64.rpm
9cc9e19e8ee61b664509b79205b00c67  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.ia64.rpm
bbc24a0238d1049c76aa77b9170f48a7  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.ia64.rpm

x86_64:
6830bcddf09b1f5b3ea96108fc948dbf  java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.x86_64.rpm
d37b3a02f640c144db3e5109ff378bb2  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.x86_64.rpm
c21b94384213124b94888334e3813ead  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.x86_64.rpm
c15efbe3f0688159bd2569ec66271c75  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4 Extras:

i386:
dc5c639d0ffc69a9dc6054986d0f7475  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.i386.rpm
30077208696e807cc3fd50c1af192de8  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.i386.rpm
fef1778b81adb71eb73437cfb4375892  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.i386.rpm
c03b768872cd8eccb3cddc98c2654408  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.i386.rpm
550ff485591ba3c3d79eec5cdf305592  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.i386.rpm
7c14ae33ef713e6fdddd8093595712c6  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4.i386.rpm
a882f82ec8215d688376b61186c73c7d  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.i386.rpm

ia64:
200cef2c0b764383cc9b00c0131eced0  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.ia64.rpm
92ad04fc150ff942b5fbd02de914476a  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.ia64.rpm
b39d988fb71a3ad7f3b94cee4a73337a  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.ia64.rpm
fbd5ac19e981070bed2eecd9c4dfccc7  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.ia64.rpm

ppc:
f8b356b07b6edd2af7dd7b5ca19b36e5  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.ppc.rpm
4c482370c1a6fc4f71d8885a8598002b  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.ppc.rpm
6a5b40eac28f8899e3ad9378aff01fcc  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.ppc.rpm
9e812a14d0adbda73ee7893be0a1afe9  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.ppc.rpm
e9d869110b70abe0a18c27113f239ef8  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.ppc.rpm
c6a5ad813da228bcbbb6445ff8861817  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.ppc.rpm

s390:
8f039da92cf7abe6975859305066c6e7  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.s390.rpm
5587c21573c5de701892f00afdd52eaa  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.s390.rpm
0cc40a77b459ba9df3c4afcff24b9288  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.s390.rpm
fb72a845f271dab0536f7ec6948b0547  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.s390.rpm
92aaa906ec0ba878f8cf13af190dbfed  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.s390.rpm

s390x:
1e475ebdb1de79748e624a8b2e9874b4  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.s390x.rpm
5d0db452691514a9f71308bd586793b1  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.s390x.rpm
19a8570abda75c4e9695d57c7cf726f0  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.s390x.rpm
133e3831107a210bb5025a655f86bd83  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.s390x.rpm

x86_64:
4c6ea77f4aa9dee1d179eed9ba430505  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.x86_64.rpm
2ee0348630bfcbebca49f76786061eb8  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.x86_64.rpm
30c9b862fed96cf27f71090b86c72064  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.x86_64.rpm
60f014e4fa9795fcca9437b337fbe6ed  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.x86_64.rpm
837efa21fabbea9845bde8aa6a6a1fda  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.x86_64.rpm

Red Hat Desktop version 4 Extras:

i386:
dc5c639d0ffc69a9dc6054986d0f7475  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.i386.rpm
30077208696e807cc3fd50c1af192de8  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.i386.rpm
fef1778b81adb71eb73437cfb4375892  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.i386.rpm
c03b768872cd8eccb3cddc98c2654408  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.i386.rpm
550ff485591ba3c3d79eec5cdf305592  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.i386.rpm
7c14ae33ef713e6fdddd8093595712c6  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4.i386.rpm
a882f82ec8215d688376b61186c73c7d  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.i386.rpm

x86_64:
4c6ea77f4aa9dee1d179eed9ba430505  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.x86_64.rpm
2ee0348630bfcbebca49f76786061eb8  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.x86_64.rpm
30c9b862fed96cf27f71090b86c72064  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.x86_64.rpm
60f014e4fa9795fcca9437b337fbe6ed  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.x86_64.rpm
837efa21fabbea9845bde8aa6a6a1fda  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
dc5c639d0ffc69a9dc6054986d0f7475  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.i386.rpm
30077208696e807cc3fd50c1af192de8  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.i386.rpm
fef1778b81adb71eb73437cfb4375892  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.i386.rpm
c03b768872cd8eccb3cddc98c2654408  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.i386.rpm
550ff485591ba3c3d79eec5cdf305592  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.i386.rpm
7c14ae33ef713e6fdddd8093595712c6  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4.i386.rpm
a882f82ec8215d688376b61186c73c7d  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.i386.rpm

ia64:
200cef2c0b764383cc9b00c0131eced0  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.ia64.rpm
92ad04fc150ff942b5fbd02de914476a  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.ia64.rpm
b39d988fb71a3ad7f3b94cee4a73337a  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.ia64.rpm
fbd5ac19e981070bed2eecd9c4dfccc7  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.ia64.rpm

x86_64:
4c6ea77f4aa9dee1d179eed9ba430505  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.x86_64.rpm
2ee0348630bfcbebca49f76786061eb8  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.x86_64.rpm
30c9b862fed96cf27f71090b86c72064  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.x86_64.rpm
60f014e4fa9795fcca9437b337fbe6ed  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.x86_64.rpm
837efa21fabbea9845bde8aa6a6a1fda  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
dc5c639d0ffc69a9dc6054986d0f7475  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.i386.rpm
30077208696e807cc3fd50c1af192de8  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.i386.rpm
fef1778b81adb71eb73437cfb4375892  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.i386.rpm
c03b768872cd8eccb3cddc98c2654408  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.i386.rpm
550ff485591ba3c3d79eec5cdf305592  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.i386.rpm
7c14ae33ef713e6fdddd8093595712c6  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4.i386.rpm
a882f82ec8215d688376b61186c73c7d  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.i386.rpm

ia64:
200cef2c0b764383cc9b00c0131eced0  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.ia64.rpm
92ad04fc150ff942b5fbd02de914476a  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.ia64.rpm
b39d988fb71a3ad7f3b94cee4a73337a  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.ia64.rpm
fbd5ac19e981070bed2eecd9c4dfccc7  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.ia64.rpm

x86_64:
4c6ea77f4aa9dee1d179eed9ba430505  java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.x86_64.rpm
2ee0348630bfcbebca49f76786061eb8  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.x86_64.rpm
30c9b862fed96cf27f71090b86c72064  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.x86_64.rpm
60f014e4fa9795fcca9437b337fbe6ed  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.x86_64.rpm
837efa21fabbea9845bde8aa6a6a1fda  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.x86_64.rpm

RHEL Desktop Supplementary (v. 5 client):

i386:
09116a45671e40aa02acb83b8d0a274c  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.i386.rpm
e4e6fa8acec2491b79b7134e93fcab90  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.i386.rpm
f9eeab316a0b44cc847964ae1d65a753  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.i386.rpm
d212edbfd0055954b5b5694a279be44b  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.i386.rpm
c3f8887f3e6446838b3d53422b3a3801  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.i386.rpm
0b164d3ebdb9a1d4ee716ac48815b20f  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5.i386.rpm
dc72bb7d22d3404f9b0d201ecf648840  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.i386.rpm

x86_64:
09116a45671e40aa02acb83b8d0a274c  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.i386.rpm
32e854ab75529c0b12ffa6eb24b56c96  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.x86_64.rpm
e4e6fa8acec2491b79b7134e93fcab90  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.i386.rpm
dfe142d85599cc1c9284a36585510002  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.x86_64.rpm
f9eeab316a0b44cc847964ae1d65a753  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.i386.rpm
18abda7de9e8e1c76289968b8ce70c41  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.x86_64.rpm
d212edbfd0055954b5b5694a279be44b  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.i386.rpm
afaa3ad14061190b608695a156814ff4  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.x86_64.rpm
c3f8887f3e6446838b3d53422b3a3801  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.i386.rpm
0b164d3ebdb9a1d4ee716ac48815b20f  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5.i386.rpm
dc72bb7d22d3404f9b0d201ecf648840  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.i386.rpm
02a72071be89fc4cfaf2ecdc1ec0eb57  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.x86_64.rpm

RHEL Supplementary (v. 5 server):

i386:
09116a45671e40aa02acb83b8d0a274c  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.i386.rpm
e4e6fa8acec2491b79b7134e93fcab90  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.i386.rpm
f9eeab316a0b44cc847964ae1d65a753  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.i386.rpm
d212edbfd0055954b5b5694a279be44b  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.i386.rpm
c3f8887f3e6446838b3d53422b3a3801  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.i386.rpm
0b164d3ebdb9a1d4ee716ac48815b20f  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5.i386.rpm
dc72bb7d22d3404f9b0d201ecf648840  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.i386.rpm

ia64:
57dba8bc18e836f7179b11115a213f49  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.ia64.rpm
3173f4e9b97ef2f7df3540c4170c973b  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.ia64.rpm
c1800547b9f47ca93b7686b57316d41d  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.ia64.rpm
253f413e52a0fdf89cd07fac94ec5e9d  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.ia64.rpm

ppc:
1965d15b0c908cc9d07a48696fdbb9a3  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.ppc.rpm
a6d6153b3d25af95933454b31197fb0d  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.ppc.rpm
0b43e5c4c4fa3c5c76cf6d34808b3e1b  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.ppc.rpm
4d5417ee08f04e3c12f681915fd5dbca  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.ppc.rpm
b0792fc9e2ca0a01be794b2a4b296fea  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.ppc.rpm
2d2af04c794a99cf75f377c62fe9de13  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.ppc.rpm

s390x:
bf0da84249812dec7a4dbd35a1abda89  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.s390.rpm
ae355d6314ab28f7095019cddeec4c2c  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.s390x.rpm
3b5664fea9196ae82ce73cc91bb2e35e  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.s390.rpm
fc727367c7a3b824399d01a0af29b5bb  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.s390x.rpm
1d40bcc2eb48e69f6e099dff5251be6a  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.s390.rpm
1efe6724c6fb070f654ca5755aeae5fe  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.s390x.rpm
42a212086a95424bd78c3301fc2195ed  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.s390.rpm
8c669c0fc5d078e549a78a394b1904bf  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.s390.rpm
45f128e1c8763bbb27566367fed6adcb  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.s390x.rpm

x86_64:
09116a45671e40aa02acb83b8d0a274c  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.i386.rpm
32e854ab75529c0b12ffa6eb24b56c96  java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.x86_64.rpm
e4e6fa8acec2491b79b7134e93fcab90  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.i386.rpm
dfe142d85599cc1c9284a36585510002  java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.x86_64.rpm
f9eeab316a0b44cc847964ae1d65a753  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.i386.rpm
18abda7de9e8e1c76289968b8ce70c41  java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.x86_64.rpm
d212edbfd0055954b5b5694a279be44b  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.i386.rpm
afaa3ad14061190b608695a156814ff4  java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.x86_64.rpm
c3f8887f3e6446838b3d53422b3a3801  java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.i386.rpm
0b164d3ebdb9a1d4ee716ac48815b20f  java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5.i386.rpm
dc72bb7d22d3404f9b0d201ecf648840  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.i386.rpm
02a72071be89fc4cfaf2ecdc1ec0eb57  java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3005
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGt0YKXlSAg2UNWIIRAjFaAJ9xQ+XxjrkKzadAQOQBHMZDUFHTbACgu9CI
T6Bze0TcMY1aeR+D9CG5oXY=
=D7qk
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRrfHPyh9+71yA2DNAQKtowP+OGTz2sFp1ZeJLnWHlS/bHk4o1R10clVS
z9+nAXrhh0IjmCv/oZQwc2S5F1xUC8/8A9svt6zbaImi7+IX8HKeS186WlCBCuwJ
9U4g+r4jlk3DEoIXVKQcVuWhA/Wpju39lTrwDElEdulK2LDiaCK5II8Ih7y4rEQA
r/9JJ8gx4w0=
=jNbv
-----END PGP SIGNATURE-----