ESB-2018.0045 - [SUSE] java-1_7_0-openjdk: Multiple vulnerabilities 2018-01-04

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.0045
       SUSE Security Update: Security update for java-1_7_0-openjdk
                              4 January 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          java-1_7_0-openjdk
Publisher:        SUSE
Operating System: SUSE
Impact/Access:    Execute Arbitrary Code/Commands -- Remote with User Interaction
                  Modify Arbitrary Files          -- Remote/Unauthenticated      
                  Denial of Service               -- Remote/Unauthenticated      
                  Access Confidential Data        -- Remote/Unauthenticated      
                  Provide Misleading Information  -- Remote with User Interaction
Resolution:       Patch/Upgrade
CVE Names:        CVE-2017-10388 CVE-2017-10357 CVE-2017-10356
                  CVE-2017-10355 CVE-2017-10350 CVE-2017-10349
                  CVE-2017-10348 CVE-2017-10347 CVE-2017-10346
                  CVE-2017-10345 CVE-2017-10295 CVE-2017-10285
                  CVE-2017-10281 CVE-2017-10274 CVE-2017-10243
                  CVE-2017-10198 CVE-2017-10193 CVE-2017-10176
                  CVE-2017-10135 CVE-2017-10125 CVE-2017-10118
                  CVE-2017-10116 CVE-2017-10115 CVE-2017-10114
                  CVE-2017-10111 CVE-2017-10110 CVE-2017-10109
                  CVE-2017-10108 CVE-2017-10107 CVE-2017-10105
                  CVE-2017-10102 CVE-2017-10101 CVE-2017-10096
                  CVE-2017-10090 CVE-2017-10089 CVE-2017-10087
                  CVE-2017-10086 CVE-2017-10081 CVE-2017-10074
                  CVE-2017-10067 CVE-2017-10053 CVE-2016-10165
                  CVE-2016-9843 CVE-2016-9842 CVE-2016-9841
                  CVE-2016-9840  

Reference:        ASB-2017.0219
                  ASB-2017.0173
                  ESB-2018.0029
                  ESB-2017.0985
                  ESB-2017.0805
                  ESB-2017.0492

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for java-1_7_0-openjdk
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:0005-1
Rating:             important
References:         #1049305 #1049306 #1049307 #1049309 #1049310 
                    #1049311 #1049312 #1049313 #1049314 #1049315 
                    #1049316 #1049317 #1049318 #1049319 #1049320 
                    #1049321 #1049322 #1049323 #1049324 #1049325 
                    #1049326 #1049327 #1049328 #1049329 #1049330 
                    #1049331 #1049332 #1052318 #1064071 #1064072 
                    #1064073 #1064075 #1064077 #1064078 #1064079 
                    #1064080 #1064081 #1064082 #1064083 #1064084 
                    #1064085 #1064086 
Cross-References:   CVE-2016-10165 CVE-2016-9840 CVE-2016-9841
                    CVE-2016-9842 CVE-2016-9843 CVE-2017-10053
                    CVE-2017-10067 CVE-2017-10074 CVE-2017-10081
                    CVE-2017-10086 CVE-2017-10087 CVE-2017-10089
                    CVE-2017-10090 CVE-2017-10096 CVE-2017-10101
                    CVE-2017-10102 CVE-2017-10105 CVE-2017-10107
                    CVE-2017-10108 CVE-2017-10109 CVE-2017-10110
                    CVE-2017-10111 CVE-2017-10114 CVE-2017-10115
                    CVE-2017-10116 CVE-2017-10118 CVE-2017-10125
                    CVE-2017-10135 CVE-2017-10176 CVE-2017-10193
                    CVE-2017-10198 CVE-2017-10243 CVE-2017-10274
                    CVE-2017-10281 CVE-2017-10285 CVE-2017-10295
                    CVE-2017-10345 CVE-2017-10346 CVE-2017-10347
                    CVE-2017-10348 CVE-2017-10349 CVE-2017-10350
                    CVE-2017-10355 CVE-2017-10356 CVE-2017-10357
                    CVE-2017-10388
Affected Products:
                    SUSE OpenStack Cloud 6
                    SUSE Linux Enterprise Server for SAP 12-SP1
                    SUSE Linux Enterprise Server for SAP 12
                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Server 12-SP1-LTSS
                    SUSE Linux Enterprise Server 12-LTSS
                    SUSE Linux Enterprise Desktop 12-SP3
                    SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

   An update that fixes 46 vulnerabilities is now available.

Description:

   This update for java-1_7_0-openjdk fixes the following issues:

   Security issues fixed:

   - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084).
   - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO
     (bsc#1064071).
   - CVE-2017-10281: Fix issue inside subcomponent Serialization
     (bsc#1064072).
   - CVE-2017-10285: Fix issue inside subcomponent RMI (bsc#1064073).
   - CVE-2017-10295: Fix issue inside subcomponent Networking (bsc#1064075).
   - CVE-2017-10388: Fix issue inside subcomponent Libraries (bsc#1064086).
   - CVE-2017-10346: Fix issue inside subcomponent Hotspot (bsc#1064078).
   - CVE-2017-10350: Fix issue inside subcomponent JAX-WS (bsc#1064082).
   - CVE-2017-10347: Fix issue inside subcomponent Serialization
     (bsc#1064079).
   - CVE-2017-10349: Fix issue inside subcomponent JAXP (bsc#1064081).
   - CVE-2017-10345: Fix issue inside subcomponent Serialization
     (bsc#1064077).
   - CVE-2017-10348: Fix issue inside subcomponent Libraries (bsc#1064080).
   - CVE-2017-10357: Fix issue inside subcomponent Serialization
     (bsc#1064085).
   - CVE-2017-10355: Fix issue inside subcomponent Networking (bsc#1064083).
   - CVE-2017-10102: Fix incorrect handling of references in DGC
     (bsc#1049316).
   - CVE-2017-10053: Fix reading of unprocessed image data in JPEGImageReader
     (bsc#1049305).
   - CVE-2017-10067: Fix JAR verifier incorrect handling of missing digest
     (bsc#1049306).
   - CVE-2017-10081: Fix incorrect bracket processing in function signature
     handling (bsc#1049309).
   - CVE-2017-10087: Fix insufficient access control checks in
     ThreadPoolExecutor (bsc#1049311).
   - CVE-2017-10089: Fix insufficient access control checks in
     ServiceRegistry (bsc#1049312).
   - CVE-2017-10090: Fix insufficient access control checks in
     AsynchronousChannelGroupImpl (bsc#1049313).
   - CVE-2017-10096: Fix insufficient access control checks in XML
     transformations (bsc#1049314).
   - CVE-2017-10101: Fix unrestricted access to
     com.sun.org.apache.xml.internal.resolver (bsc#1049315).
   - CVE-2017-10107: Fix insufficient access control checks in ActivationID
     (bsc#1049318).
   - CVE-2017-10074: Fix integer overflows in range check loop predicates
     (bsc#1049307).
   - CVE-2017-10110: Fix insufficient access control checks in ImageWatched
     (bsc#1049321).
   - CVE-2017-10108: Fix unbounded memory allocation in BasicAttribute
     deserialization (bsc#1049319).
   - CVE-2017-10109: Fix unbounded memory allocation in CodeSource
     deserialization (bsc#1049320).
   - CVE-2017-10115: Fix unspecified vulnerability in subcomponent JCE
     (bsc#1049324).
   - CVE-2017-10118: Fix ECDSA implementation timing attack (bsc#1049326).
   - CVE-2017-10116: Fix LDAPCertStore following referrals to non-LDAP URL
     (bsc#1049325).
   - CVE-2017-10135: Fix PKCS#8 implementation timing attack (bsc#1049328).
   - CVE-2017-10176: Fix incorrect handling of certain EC points
     (bsc#1049329).
   - CVE-2017-10074: Fix integer overflows in range check loop predicates
     (bsc#1049307).
   - CVE-2017-10074: Fix integer overflows in range check loop predicates
     (bsc#1049307).
   - CVE-2017-10111: Fix checks in LambdaFormEditor (bsc#1049322).
   - CVE-2017-10243: Fix unspecified vulnerability in subcomponent JAX-WS
     (bsc#1049332).
   - CVE-2017-10125: Fix unspecified vulnerability in subcomponent deployment
     (bsc#1049327).
   - CVE-2017-10114: Fix unspecified vulnerability in subcomponent JavaFX
     (bsc#1049323).
   - CVE-2017-10105: Fix unspecified vulnerability in subcomponent deployment
     (bsc#1049317).
   - CVE-2017-10086: Fix unspecified in subcomponent JavaFX (bsc#1049310).
   - CVE-2017-10198: Fix incorrect enforcement of certificate path
     restrictions (bsc#1049331).
   - CVE-2017-10193: Fix incorrect key size constraint check (bsc#1049330).

   Bug fixes:

   - Drop Exec Shield workaround to fix crashes on recent kernels, where Exec
     Shield is gone (bsc#1052318).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 6:

      zypper in -t patch SUSE-OpenStack-Cloud-6-2018-6=1

   - SUSE Linux Enterprise Server for SAP 12-SP1:

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-6=1

   - SUSE Linux Enterprise Server for SAP 12:

      zypper in -t patch SUSE-SLE-SAP-12-2018-6=1

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

      zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-6=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-6=1

   - SUSE Linux Enterprise Server 12-SP2:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-6=1

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-6=1

   - SUSE Linux Enterprise Server 12-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-2018-6=1

   - SUSE Linux Enterprise Desktop 12-SP3:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-6=1

   - SUSE Linux Enterprise Desktop 12-SP2:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2018-6=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE OpenStack Cloud 6 (x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Server for SAP 12 (x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-demo-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-1.7.0.161-43.7.6
      java-1_7_0-openjdk-devel-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6

   - SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

      java-1_7_0-openjdk-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debuginfo-1.7.0.161-43.7.6
      java-1_7_0-openjdk-debugsource-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-1.7.0.161-43.7.6
      java-1_7_0-openjdk-headless-debuginfo-1.7.0.161-43.7.6


References:

   https://www.suse.com/security/cve/CVE-2016-10165.html
   https://www.suse.com/security/cve/CVE-2016-9840.html
   https://www.suse.com/security/cve/CVE-2016-9841.html
   https://www.suse.com/security/cve/CVE-2016-9842.html
   https://www.suse.com/security/cve/CVE-2016-9843.html
   https://www.suse.com/security/cve/CVE-2017-10053.html
   https://www.suse.com/security/cve/CVE-2017-10067.html
   https://www.suse.com/security/cve/CVE-2017-10074.html
   https://www.suse.com/security/cve/CVE-2017-10081.html
   https://www.suse.com/security/cve/CVE-2017-10086.html
   https://www.suse.com/security/cve/CVE-2017-10087.html
   https://www.suse.com/security/cve/CVE-2017-10089.html
   https://www.suse.com/security/cve/CVE-2017-10090.html
   https://www.suse.com/security/cve/CVE-2017-10096.html
   https://www.suse.com/security/cve/CVE-2017-10101.html
   https://www.suse.com/security/cve/CVE-2017-10102.html
   https://www.suse.com/security/cve/CVE-2017-10105.html
   https://www.suse.com/security/cve/CVE-2017-10107.html
   https://www.suse.com/security/cve/CVE-2017-10108.html
   https://www.suse.com/security/cve/CVE-2017-10109.html
   https://www.suse.com/security/cve/CVE-2017-10110.html
   https://www.suse.com/security/cve/CVE-2017-10111.html
   https://www.suse.com/security/cve/CVE-2017-10114.html
   https://www.suse.com/security/cve/CVE-2017-10115.html
   https://www.suse.com/security/cve/CVE-2017-10116.html
   https://www.suse.com/security/cve/CVE-2017-10118.html
   https://www.suse.com/security/cve/CVE-2017-10125.html
   https://www.suse.com/security/cve/CVE-2017-10135.html
   https://www.suse.com/security/cve/CVE-2017-10176.html
   https://www.suse.com/security/cve/CVE-2017-10193.html
   https://www.suse.com/security/cve/CVE-2017-10198.html
   https://www.suse.com/security/cve/CVE-2017-10243.html
   https://www.suse.com/security/cve/CVE-2017-10274.html
   https://www.suse.com/security/cve/CVE-2017-10281.html
   https://www.suse.com/security/cve/CVE-2017-10285.html
   https://www.suse.com/security/cve/CVE-2017-10295.html
   https://www.suse.com/security/cve/CVE-2017-10345.html
   https://www.suse.com/security/cve/CVE-2017-10346.html
   https://www.suse.com/security/cve/CVE-2017-10347.html
   https://www.suse.com/security/cve/CVE-2017-10348.html
   https://www.suse.com/security/cve/CVE-2017-10349.html
   https://www.suse.com/security/cve/CVE-2017-10350.html
   https://www.suse.com/security/cve/CVE-2017-10355.html
   https://www.suse.com/security/cve/CVE-2017-10356.html
   https://www.suse.com/security/cve/CVE-2017-10357.html
   https://www.suse.com/security/cve/CVE-2017-10388.html
   https://bugzilla.suse.com/1049305
   https://bugzilla.suse.com/1049306
   https://bugzilla.suse.com/1049307
   https://bugzilla.suse.com/1049309
   https://bugzilla.suse.com/1049310
   https://bugzilla.suse.com/1049311
   https://bugzilla.suse.com/1049312
   https://bugzilla.suse.com/1049313
   https://bugzilla.suse.com/1049314
   https://bugzilla.suse.com/1049315
   https://bugzilla.suse.com/1049316
   https://bugzilla.suse.com/1049317
   https://bugzilla.suse.com/1049318
   https://bugzilla.suse.com/1049319
   https://bugzilla.suse.com/1049320
   https://bugzilla.suse.com/1049321
   https://bugzilla.suse.com/1049322
   https://bugzilla.suse.com/1049323
   https://bugzilla.suse.com/1049324
   https://bugzilla.suse.com/1049325
   https://bugzilla.suse.com/1049326
   https://bugzilla.suse.com/1049327
   https://bugzilla.suse.com/1049328
   https://bugzilla.suse.com/1049329
   https://bugzilla.suse.com/1049330
   https://bugzilla.suse.com/1049331
   https://bugzilla.suse.com/1049332
   https://bugzilla.suse.com/1052318
   https://bugzilla.suse.com/1064071
   https://bugzilla.suse.com/1064072
   https://bugzilla.suse.com/1064073
   https://bugzilla.suse.com/1064075
   https://bugzilla.suse.com/1064077
   https://bugzilla.suse.com/1064078
   https://bugzilla.suse.com/1064079
   https://bugzilla.suse.com/1064080
   https://bugzilla.suse.com/1064081
   https://bugzilla.suse.com/1064082
   https://bugzilla.suse.com/1064083
   https://bugzilla.suse.com/1064084
   https://bugzilla.suse.com/1064085
   https://bugzilla.suse.com/1064086

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWk2o5ox+lLeg9Ub1AQgdVA//Sx+6UUc5b/LujLJMxkEBsgRYJ6+arrJz
M/nLTrweAvir0+TKNm5sGmYtwyJB8dnmTMwP9z4a6CJkNHk8/KrXuO4iQ5LmmXKB
eisb78heNVUQFR5MnfH84MpUv502/APhmwkYYQ17zDvmvXhyCLRmEU0OdMCAI6lE
+rX2Yc/Rte6N/7TwZ6QTu6u7O+gvi/afHbn5YQ+ypsELwqt9OiwiSoEIob8aP4zW
mvSU2ANWGmhBJMJQZUTsPuL0r95t2QN1tDOhKdi4MTFmbCfUIihP6xQ7bVYWd2lU
wUYVsvgcKDhCddN5redPYKVFaeJPk7vkvz1mSPLXXTVtPbdCkBGeSd/NluJbvcwZ
goTE9ZKyS3GhkXjZBT7nYyiEdv9QUmzM/r01shODIkadN+PYWW+uAhX5JKV2ZZQ5
YNGYhlZk7z+NG5r3vC82VX9POx1lr/lN4WBi48kALzkuWqebbDpMzOT/u7WbQwPi
+B/QyviapQrIoD1lBZjqmP9R9nIBlaewL2KOoe0z6IniPDbkeGHGBYP7y4xWO/ob
NV5dExK/pgsicMZDNAiyuyNWx+YBncMAHxaFWAXkj6yfB0rtgNXK8VrQ0ciuOXzy
bfMbEjp/w+EjPMKef9Rpku/fGaJl6FLXdqh+WDo1UD9/BAKbb2A38yEgBnz7HPpw
N39BmBv5Cag=
=OSwg
-----END PGP SIGNATURE-----

« Back to bulletins