-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2012.0581
         Moderate: Red Hat Enterprise Linux 6 kernel security, bug
                        fix and enhancement update
                               21 June 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux WS/Desktop 6
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2011-4131 CVE-2011-1083 

Reference:         ESB-2012.0221
                   ESB-2012.0202

Original Bulletin: 
   https://rhn.redhat.com/errata/RHSA-2012-0862.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update
Advisory ID:       RHSA-2012:0862-04
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2012-0862.html
Issue date:        2012-06-20
CVE Names:         CVE-2011-1083 CVE-2011-4131 
=====================================================================

1. Summary:

Updated kernel packages that fix two security issues, address several
hundred bugs and add numerous enhancements are now available as part of the
ongoing support and maintenance of Red Hat Enterprise Linux version 6. This
is the third regular update.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* A flaw was found in the way the Linux kernel's Event Poll (epoll)
subsystem handled large, nested epoll structures. A local, unprivileged
user could use this flaw to cause a denial of service. (CVE-2011-1083,
Moderate)

* A malicious Network File System version 4 (NFSv4) server could return a
crafted reply to a GETACL request, causing a denial of service on the
client. (CVE-2011-4131, Moderate)

Red Hat would like to thank Nelson Elhage for reporting CVE-2011-1083, and
Andy Adamson for reporting CVE-2011-4131.

This update also fixes several hundred bugs and adds enhancements. Refer to
the Red Hat Enterprise Linux 6.3 Release Notes for information on the most
significant of these changes, and the Technical Notes for further
information, both linked to in the References.

All Red Hat Enterprise Linux 6 users are advised to install these updated
packages, which correct these issues, and fix the bugs and add the
enhancements noted in the Red Hat Enterprise Linux 6.3 Release Notes and
Technical Notes. The system must be rebooted for this update to take
effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

542378 - fix suspend to disk of virtio block
596419 - capability check in pci_read_config() bypasses lsm/selinux
623913 - [virtio] virtio-serial doesn't work after s3/s4 in kvm guest.
624189 - [virtio] virtio-balloon doesn't work after s3/s4 in kvm guest.
624756 - idle time accounted for twice in /proc/stat for Xen guest
645365 - KVM: Implement emulation of emulated virtual PMU
681578 - CVE-2011-1083 kernel: excessive in kernel CPU consumption when creating large nested epoll structures
694801 - Guest fail to resume from S4 if guest using kvmclock
726369 - host reboot auto when run guest with cgroup charge_migrate enabled
727700 - Anomaly in mbind memory map causing Java Hotspot JVM Seg fault with NUMA aware ParallelScavange GC
729586 - xen: fix drive naming
735105 - ext4 corruption via Ceph userspace program
738151 - xHCI driver died after times of attach/detach usb3 hub(with usb3 device) from usb3 root hub
745713 - command-line clocksource override fails
745775 - Unable to unmount autofs filesystems inside a container
745952 - cxgb4: remove forgotten real_num_tx_queues inicialization
746929 - nVidia NVS 300 -- won't boot
747034 - nVidia NVS 450 -- won't boot
747106 - CVE-2011-4131 kernel: nfs4_getfacl decoding kernel oops
749117 - extN: new file created even if open(2) returned -EPERM
752137 - memcg: catch memcg page accounting leaks in debug kernel
755046 - max_segments in dm is always 128
756307 - Failed to boot RHEL6.2 hvm guest with three NICs when using xvdx disk
757040 - Network RPS miscellaneous bugs, RPS unusable
758707 - hpsa: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler
766554 - ecryptfs keeps directory busy even after umount
767992 - nfnetlink_log.h - missing definitions in userspace
769652 - scsi_alloc_sdev can leak memory
770250 - readdir64_r calls fail with ELOOP
772317 - Disable LRO for all NICs that have LRO enabled
772874 - cifs: multiple process stuck waiting for page lock
773219 - Detach a busy block device for 64 bit pv guest sometimes crash
773705 - cifs: i/o error on copying file > 102336 bytes
781524 - AMD IOMMU driver hands out dma handles that are in the MSI address range
784351 - IMA audit events don't show success correctly
784856 - KVM: expose FMA4 & TBM to guest
786149 - CIFS DFS doesn't work in kernel versions 2.6.32-220.x.x.el6.x86_64
786610 - PCI device reset can cause a kernel bug
786693 - Fix recently identified races within the autofs kernel wait code
788562 - kvm guest hangs when hot-plugged vcpu is onlined due to uninitialized hv_clock
790418 - Request for kernal ABI additions
790961 - pNFS: Auto-load the pNFS kernel module
796099 - add myri10ge firmware
799075 - Fix setting of bio flags
800041 - iSER (iscsi rdma) connection can get broken as of missing receive buffers
801111 - [Mellanox 6.3 Feature]: update mlx4_en driver to support SRIOV
803132 - [Kernel-251] Guest got reboot instead of wakeup after resume from S3 with kvmclock
803187 - Guest mouse and keyboard got unresponsive after resume from S3 with virtio devices
803239 - Call Trace when use netfront NIC on RHEL6.3 HVM guest with xen_emul_unplug=never
803620 - backport vpmu fixes from upstream
807215 - after host S4  the guest can not work normally
807354 - xenpv guests fail to find root device
808571 - rhel 6.3 -- add relevant wireless fixes from upstream 3.2.y tree
809231 - merged back raid image (with change tracking) doesn't appear to get synced properly
810222 - Revert "[virt] xen: mask MTRR feature from guest BZ#750758"
811669 - Suspend/resume of an out-of-sync RAID LV will cause the sync process to stall
812259 - add option to disable 5GHz band to iwlwifi
813550 - [REGRESSION] be2iscsi: fix softirq errors when logging in and doing IO
813678 - [FCoE Target] Please disable debug logging of "tcm_fc" "ft_dump_cmd 2700002a 00009aba 000000bc 00000000"
813948 - DM RAID: Reintegrating RAID1 devices causes fullsync even when partial would do
814302 - large writes to ext4 may return incorrect value
815751 - cifs: Show backupuid/gid in /proc/mounts
815785 - kdump fails with lapic error in xen hvm guest
816099 - Guest doesn't let host know of open virtio console ports after resume
816569 - Cannot un/mute audio via alsamixer for HDA codec CX20561 (Hermosa)
817236 - Regression since 2.6.32-266.el6  AMD host writes 150+ GB dmesg logs
818371 - kernel crashes when snapshots of mounted raid volumes are taken
820507 - idle field does not increase monotonically in /proc/stat
822189 - [RHEL6.3][kernel debug] Connectathon 'Special' test failures NFSv2,3
824287 - [REGRESSION] be2iscsi: fix dma free size mismatch

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-279.el6.src.rpm

i386:
kernel-2.6.32-279.el6.i686.rpm
kernel-debug-2.6.32-279.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debug-devel-2.6.32-279.el6.i686.rpm
kernel-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-279.el6.i686.rpm
kernel-devel-2.6.32-279.el6.i686.rpm
kernel-headers-2.6.32-279.el6.i686.rpm
perf-2.6.32-279.el6.i686.rpm
perf-debuginfo-2.6.32-279.el6.i686.rpm
python-perf-debuginfo-2.6.32-279.el6.i686.rpm

noarch:
kernel-doc-2.6.32-279.el6.noarch.rpm
kernel-firmware-2.6.32-279.el6.noarch.rpm

x86_64:
kernel-2.6.32-279.el6.x86_64.rpm
kernel-debug-2.6.32-279.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debug-devel-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.el6.x86_64.rpm
kernel-devel-2.6.32-279.el6.x86_64.rpm
kernel-headers-2.6.32-279.el6.x86_64.rpm
perf-2.6.32-279.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-279.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-279.el6.i686.rpm
perf-debuginfo-2.6.32-279.el6.i686.rpm
python-perf-2.6.32-279.el6.i686.rpm
python-perf-debuginfo-2.6.32-279.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.el6.x86_64.rpm
python-perf-2.6.32-279.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-279.el6.src.rpm

noarch:
kernel-doc-2.6.32-279.el6.noarch.rpm
kernel-firmware-2.6.32-279.el6.noarch.rpm

x86_64:
kernel-2.6.32-279.el6.x86_64.rpm
kernel-debug-2.6.32-279.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debug-devel-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.el6.x86_64.rpm
kernel-devel-2.6.32-279.el6.x86_64.rpm
kernel-headers-2.6.32-279.el6.x86_64.rpm
perf-2.6.32-279.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-279.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.el6.x86_64.rpm
python-perf-2.6.32-279.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-279.el6.src.rpm

i386:
kernel-2.6.32-279.el6.i686.rpm
kernel-debug-2.6.32-279.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debug-devel-2.6.32-279.el6.i686.rpm
kernel-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-279.el6.i686.rpm
kernel-devel-2.6.32-279.el6.i686.rpm
kernel-headers-2.6.32-279.el6.i686.rpm
perf-2.6.32-279.el6.i686.rpm
perf-debuginfo-2.6.32-279.el6.i686.rpm
python-perf-debuginfo-2.6.32-279.el6.i686.rpm

noarch:
kernel-doc-2.6.32-279.el6.noarch.rpm
kernel-firmware-2.6.32-279.el6.noarch.rpm

ppc64:
kernel-2.6.32-279.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-279.el6.ppc64.rpm
kernel-debug-2.6.32-279.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-279.el6.ppc64.rpm
kernel-debug-devel-2.6.32-279.el6.ppc64.rpm
kernel-debuginfo-2.6.32-279.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-279.el6.ppc64.rpm
kernel-devel-2.6.32-279.el6.ppc64.rpm
kernel-headers-2.6.32-279.el6.ppc64.rpm
perf-2.6.32-279.el6.ppc64.rpm
perf-debuginfo-2.6.32-279.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-279.el6.ppc64.rpm

s390x:
kernel-2.6.32-279.el6.s390x.rpm
kernel-debug-2.6.32-279.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-279.el6.s390x.rpm
kernel-debug-devel-2.6.32-279.el6.s390x.rpm
kernel-debuginfo-2.6.32-279.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-279.el6.s390x.rpm
kernel-devel-2.6.32-279.el6.s390x.rpm
kernel-headers-2.6.32-279.el6.s390x.rpm
kernel-kdump-2.6.32-279.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-279.el6.s390x.rpm
kernel-kdump-devel-2.6.32-279.el6.s390x.rpm
perf-2.6.32-279.el6.s390x.rpm
perf-debuginfo-2.6.32-279.el6.s390x.rpm
python-perf-debuginfo-2.6.32-279.el6.s390x.rpm

x86_64:
kernel-2.6.32-279.el6.x86_64.rpm
kernel-debug-2.6.32-279.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debug-devel-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.el6.x86_64.rpm
kernel-devel-2.6.32-279.el6.x86_64.rpm
kernel-headers-2.6.32-279.el6.x86_64.rpm
perf-2.6.32-279.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-279.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-279.el6.i686.rpm
perf-debuginfo-2.6.32-279.el6.i686.rpm
python-perf-2.6.32-279.el6.i686.rpm
python-perf-debuginfo-2.6.32-279.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-279.el6.ppc64.rpm
kernel-debuginfo-2.6.32-279.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-279.el6.ppc64.rpm
perf-debuginfo-2.6.32-279.el6.ppc64.rpm
python-perf-2.6.32-279.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-279.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-279.el6.s390x.rpm
kernel-debuginfo-2.6.32-279.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-279.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-279.el6.s390x.rpm
perf-debuginfo-2.6.32-279.el6.s390x.rpm
python-perf-2.6.32-279.el6.s390x.rpm
python-perf-debuginfo-2.6.32-279.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.el6.x86_64.rpm
python-perf-2.6.32-279.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-279.el6.src.rpm

i386:
kernel-2.6.32-279.el6.i686.rpm
kernel-debug-2.6.32-279.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debug-devel-2.6.32-279.el6.i686.rpm
kernel-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-279.el6.i686.rpm
kernel-devel-2.6.32-279.el6.i686.rpm
kernel-headers-2.6.32-279.el6.i686.rpm
perf-2.6.32-279.el6.i686.rpm
perf-debuginfo-2.6.32-279.el6.i686.rpm
python-perf-debuginfo-2.6.32-279.el6.i686.rpm

noarch:
kernel-doc-2.6.32-279.el6.noarch.rpm
kernel-firmware-2.6.32-279.el6.noarch.rpm

x86_64:
kernel-2.6.32-279.el6.x86_64.rpm
kernel-debug-2.6.32-279.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debug-devel-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.el6.x86_64.rpm
kernel-devel-2.6.32-279.el6.x86_64.rpm
kernel-headers-2.6.32-279.el6.x86_64.rpm
perf-2.6.32-279.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-279.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-2.6.32-279.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-279.el6.i686.rpm
perf-debuginfo-2.6.32-279.el6.i686.rpm
python-perf-2.6.32-279.el6.i686.rpm
python-perf-debuginfo-2.6.32-279.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.el6.x86_64.rpm
python-perf-2.6.32-279.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-1083.html
https://www.redhat.com/security/data/cve/CVE-2011-4131.html
https://access.redhat.com/security/updates/classification/#moderate
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.3_Technical_Notes/kernel.html#RHSA-2012-0862
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/6.3_Release_Notes/index.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFP4ZeqXlSAg2UNWIIRAmjVAKCqM4LQnNQaTHKp2bA1U1R9mqshJACcCCq4
ID8pBpylp9S8NPlHAYH/tRw=
=Bx7n
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBT+JtV+4yVqjM2NGpAQIF1Q/8DpqAZvoOVyoz1AEOHsgur+RWyQkLwFOU
9C6Nqaj6YYG9vDwmJ8TbJdnXT3okCw4+VAYTt1PFz4XK4h6iutg4El/srKeK4HKc
j0EFH4knn6vvZGnQDv3jNRlCA/PvOcICLN3hNCvsv/eg/pmLivI6iFXjKS083SP/
VAzqoOiYuVuWEJTF1ullVxAlubQRwDQj4ow+9/AbJbyHaqixwKovea0Ks7cYuIxy
7d3YWiCTPeK7Crmy/WTJE3FaLX1V4ZrZtCpuzG6l7U/l+L5O4h4ZaWiETnMkJXd4
R20UbskYxisA2GMejWsSmOcQBxtFec98QrnINX0YpjtrUqrDqF9IM3za2fdKWfKx
AFoydoQDTPej6Sb0Bu/p5q/UcGvt1N0b/bbkyUGyh2lmPz32PDOq1qnEC4IThY9x
VPQw4ST1HyTsuFXdXJgnldTvOjOSs1f82WLKeuXDtUo81S+M01K6g+CvF/SuHupb
SrpdS8cDc6j0cJySjneaVn/5EjHujl3MCFJh2J6RKoyK+lx7DL/BYhDR+ivxgh3d
DAMXOgnl4y6+wyMjHO1M4FWLpJSxvEuLlTs7EdXushRAhbYpBhvCnvtyJ9YGD4Bj
Cf5jwIhRV3t9dl4LtRO/R0HQ9+ieYugvrm4/7cTZGhyWlTiPyqG7smCrzXfqG/uc
ZO7Md7kTqjo=
=z6Ww
-----END PGP SIGNATURE-----