Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2005.0038 -- RHSA-2005:038-01 Updated mozilla packages fix a buffer overflow 14 January 2005 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Mozilla Publisher: Red Hat Operating System: Red Hat Enterprise Linux AS/ES/WS 3 Red Hat Desktop version 3 Red Hat Enterprise Linux AS/ES/WS 2.1 Red Hat Linux Advanced Workstation 2.1 Linux variants UNIX variants Windows Impact: Execute Arbitrary Code/Commands Access: Remote/Unauthenticated CVE Names: CAN-2004-1316 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-038.html Comment: Please note that the Windows and Mac OS X versions of Mozilla may also be affected by these vulnerabilities. Packages for all platforms are available at http://www.mozilla.org/products/mozilla1.x/. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated mozilla packages fix a buffer overflow Advisory ID: RHSA-2005:038-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-038.html Issue date: 2005-01-13 Updated on: 2005-01-13 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-1316 - - --------------------------------------------------------------------- 1. Summary: Updated mozilla packages that fix a buffer overflow issue are now available. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. iSEC Security Research has discovered a buffer overflow bug in the way Mozilla handles NNTP URLs. If a user visits a malicious web page or is convinced to click on a malicious link, it may be possible for an attacker to execute arbitrary code on the victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1316 to this issue. Users of Mozilla should upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 143994 - CAN-2004-1316 buffer overflow in mozilla 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.4.3-2.1.5.src.rpm fefa59012cd31f131236a9375a0503f0 mozilla-1.4.3-2.1.5.src.rpm i386: 46eb27212aa9c60a94c28cc4a5d25e42 mozilla-1.4.3-2.1.5.i386.rpm e8977f1973bff2de581837f21e03dd49 mozilla-chat-1.4.3-2.1.5.i386.rpm 028ec7c7d3a8602dd170d121ef1247d9 mozilla-devel-1.4.3-2.1.5.i386.rpm ebb437146df9f11df6374d9a8aac93de mozilla-dom-inspector-1.4.3-2.1.5.i386.rpm aa57587e31eb6010ed2ebefdf9db31db mozilla-js-debugger-1.4.3-2.1.5.i386.rpm 81569282cb766a9b7feb069ec6e6c2a9 mozilla-mail-1.4.3-2.1.5.i386.rpm 8da39274901c76ef6ea2abfbb762a14b mozilla-nspr-1.4.3-2.1.5.i386.rpm 258ba701c07cfcef587ad6ea76555279 mozilla-nspr-devel-1.4.3-2.1.5.i386.rpm efaf0a6599ac580b26966feaf26d9dd2 mozilla-nss-1.4.3-2.1.5.i386.rpm 3383a0fc903e906f39d5fa122d78053b mozilla-nss-devel-1.4.3-2.1.5.i386.rpm ia64: 7bd9778e4ca85b48da0d11847e41d33b mozilla-1.4.3-2.1.5.ia64.rpm 23f2abb5e47d69fa2a7e306c481304f1 mozilla-chat-1.4.3-2.1.5.ia64.rpm 567a749da35f376b7293537d12f1a6a4 mozilla-devel-1.4.3-2.1.5.ia64.rpm f9b899f673c60915d395a592740fb471 mozilla-dom-inspector-1.4.3-2.1.5.ia64.rpm f7fb841eaab55ea5cf252f91fcb44593 mozilla-js-debugger-1.4.3-2.1.5.ia64.rpm 382b1225cdb048a812cea97c63deba1b mozilla-mail-1.4.3-2.1.5.ia64.rpm c5122858d5d9fc328f0e624ea7c18de4 mozilla-nspr-1.4.3-2.1.5.ia64.rpm 73cc6599ee5e855b2420cb4616a13420 mozilla-nspr-devel-1.4.3-2.1.5.ia64.rpm 08588296179874ab3e2d64554b4e9898 mozilla-nss-1.4.3-2.1.5.ia64.rpm 8a216307ccd5a1170c0f2aff6677257c mozilla-nss-devel-1.4.3-2.1.5.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.4.3-2.1.5.src.rpm fefa59012cd31f131236a9375a0503f0 mozilla-1.4.3-2.1.5.src.rpm ia64: 7bd9778e4ca85b48da0d11847e41d33b mozilla-1.4.3-2.1.5.ia64.rpm 23f2abb5e47d69fa2a7e306c481304f1 mozilla-chat-1.4.3-2.1.5.ia64.rpm 567a749da35f376b7293537d12f1a6a4 mozilla-devel-1.4.3-2.1.5.ia64.rpm f9b899f673c60915d395a592740fb471 mozilla-dom-inspector-1.4.3-2.1.5.ia64.rpm f7fb841eaab55ea5cf252f91fcb44593 mozilla-js-debugger-1.4.3-2.1.5.ia64.rpm 382b1225cdb048a812cea97c63deba1b mozilla-mail-1.4.3-2.1.5.ia64.rpm c5122858d5d9fc328f0e624ea7c18de4 mozilla-nspr-1.4.3-2.1.5.ia64.rpm 73cc6599ee5e855b2420cb4616a13420 mozilla-nspr-devel-1.4.3-2.1.5.ia64.rpm 08588296179874ab3e2d64554b4e9898 mozilla-nss-1.4.3-2.1.5.ia64.rpm 8a216307ccd5a1170c0f2aff6677257c mozilla-nss-devel-1.4.3-2.1.5.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.4.3-2.1.5.src.rpm fefa59012cd31f131236a9375a0503f0 mozilla-1.4.3-2.1.5.src.rpm i386: 46eb27212aa9c60a94c28cc4a5d25e42 mozilla-1.4.3-2.1.5.i386.rpm e8977f1973bff2de581837f21e03dd49 mozilla-chat-1.4.3-2.1.5.i386.rpm 028ec7c7d3a8602dd170d121ef1247d9 mozilla-devel-1.4.3-2.1.5.i386.rpm ebb437146df9f11df6374d9a8aac93de mozilla-dom-inspector-1.4.3-2.1.5.i386.rpm aa57587e31eb6010ed2ebefdf9db31db mozilla-js-debugger-1.4.3-2.1.5.i386.rpm 81569282cb766a9b7feb069ec6e6c2a9 mozilla-mail-1.4.3-2.1.5.i386.rpm 8da39274901c76ef6ea2abfbb762a14b mozilla-nspr-1.4.3-2.1.5.i386.rpm 258ba701c07cfcef587ad6ea76555279 mozilla-nspr-devel-1.4.3-2.1.5.i386.rpm efaf0a6599ac580b26966feaf26d9dd2 mozilla-nss-1.4.3-2.1.5.i386.rpm 3383a0fc903e906f39d5fa122d78053b mozilla-nss-devel-1.4.3-2.1.5.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.4.3-2.1.5.src.rpm fefa59012cd31f131236a9375a0503f0 mozilla-1.4.3-2.1.5.src.rpm i386: 46eb27212aa9c60a94c28cc4a5d25e42 mozilla-1.4.3-2.1.5.i386.rpm e8977f1973bff2de581837f21e03dd49 mozilla-chat-1.4.3-2.1.5.i386.rpm 028ec7c7d3a8602dd170d121ef1247d9 mozilla-devel-1.4.3-2.1.5.i386.rpm ebb437146df9f11df6374d9a8aac93de mozilla-dom-inspector-1.4.3-2.1.5.i386.rpm aa57587e31eb6010ed2ebefdf9db31db mozilla-js-debugger-1.4.3-2.1.5.i386.rpm 81569282cb766a9b7feb069ec6e6c2a9 mozilla-mail-1.4.3-2.1.5.i386.rpm 8da39274901c76ef6ea2abfbb762a14b mozilla-nspr-1.4.3-2.1.5.i386.rpm 258ba701c07cfcef587ad6ea76555279 mozilla-nspr-devel-1.4.3-2.1.5.i386.rpm efaf0a6599ac580b26966feaf26d9dd2 mozilla-nss-1.4.3-2.1.5.i386.rpm 3383a0fc903e906f39d5fa122d78053b mozilla-nss-devel-1.4.3-2.1.5.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.4.3-3.0.7.src.rpm ad9534b7525fb57427d5cdc11de82cf2 mozilla-1.4.3-3.0.7.src.rpm i386: a11b0fd761dc02738c3c67e25f320da1 mozilla-1.4.3-3.0.7.i386.rpm cf0a8398a63f7bd40a5049edebd7db87 mozilla-chat-1.4.3-3.0.7.i386.rpm 929f572c9364314d535c9a38f4d8a498 mozilla-devel-1.4.3-3.0.7.i386.rpm eb72c9e1394030d4bb90a9991f52e81e mozilla-dom-inspector-1.4.3-3.0.7.i386.rpm 1fb99678c2d06bbe4895d8c62b6d1abb mozilla-js-debugger-1.4.3-3.0.7.i386.rpm 076ff55c5dbaf753cec88c0109888d96 mozilla-mail-1.4.3-3.0.7.i386.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm 90ddf2ef4341cb3bbee95fa669b9dc5d mozilla-nspr-devel-1.4.3-3.0.7.i386.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm 01c7216160e7f373fd73b1c331a12148 mozilla-nss-devel-1.4.3-3.0.7.i386.rpm ia64: bc7bae6c79eea865e59a6217fd101a50 mozilla-1.4.3-3.0.7.ia64.rpm 5c66051e4d10a3e8879c5429b73a36af mozilla-chat-1.4.3-3.0.7.ia64.rpm 5d9f22a3498edec84c1e2e534ba0620a mozilla-devel-1.4.3-3.0.7.ia64.rpm b495c264cb52d0f15c2e51ce29f743f5 mozilla-dom-inspector-1.4.3-3.0.7.ia64.rpm 9ca814199cadd2cd5797555b898a3006 mozilla-js-debugger-1.4.3-3.0.7.ia64.rpm 7014f4ab5dd4f53e8cd29e8c4e3fa4e2 mozilla-mail-1.4.3-3.0.7.ia64.rpm 22b1619f1c799aaca7661493924969f6 mozilla-nspr-1.4.3-3.0.7.ia64.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm f0a1eea9aeb6606e6e5d7eec65f612ed mozilla-nspr-devel-1.4.3-3.0.7.ia64.rpm ee951417a6b9f33d19e0be4ca4e4429e mozilla-nss-1.4.3-3.0.7.ia64.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm 82874daf499f0183a7f26ca73e005578 mozilla-nss-devel-1.4.3-3.0.7.ia64.rpm ppc: 71dbd8350ebf7ad2a059b297172efbe7 mozilla-1.4.3-3.0.7.ppc.rpm db858090a8707492f94fbe5dcd7413d6 mozilla-chat-1.4.3-3.0.7.ppc.rpm 313dbd71e7845b6c7b0175d95341c831 mozilla-devel-1.4.3-3.0.7.ppc.rpm af177959280c44a84021583be2bcfd59 mozilla-dom-inspector-1.4.3-3.0.7.ppc.rpm e649ccede061fbc6b2a3b67e8de0697e mozilla-js-debugger-1.4.3-3.0.7.ppc.rpm 0b819832f88d940f2c30330cfce471b9 mozilla-mail-1.4.3-3.0.7.ppc.rpm 8b45f1ea66ad2fcebf0d3823050ec7cc mozilla-nspr-1.4.3-3.0.7.ppc.rpm 6b9a5a195d4e80cf1308404e9c738990 mozilla-nspr-devel-1.4.3-3.0.7.ppc.rpm 61c1ea43cd206b34ba82d388f54e8747 mozilla-nss-1.4.3-3.0.7.ppc.rpm 356d0935643ca7057c90334e5ec950b9 mozilla-nss-devel-1.4.3-3.0.7.ppc.rpm s390: 3dd8ec69ea05d3a829be28e7eefc617a mozilla-1.4.3-3.0.7.s390.rpm 757495d25d0109881396658d085790c7 mozilla-chat-1.4.3-3.0.7.s390.rpm 6863e768ecb6fbc9d5a19a98f0ec737d mozilla-devel-1.4.3-3.0.7.s390.rpm 45ecbc18e361e431360058e64e47e05e mozilla-dom-inspector-1.4.3-3.0.7.s390.rpm a518a5ade274534c8144e3b5afbb8679 mozilla-js-debugger-1.4.3-3.0.7.s390.rpm 09da55cb5b3aa4b3a58f4025d2a8c10a mozilla-mail-1.4.3-3.0.7.s390.rpm 4677210674aea7f27c275b2917cc156a mozilla-nspr-1.4.3-3.0.7.s390.rpm 7bea294de9a88fc48919c8b0ba52e0be mozilla-nspr-devel-1.4.3-3.0.7.s390.rpm 7679f89fce879782df025fbebb729938 mozilla-nss-1.4.3-3.0.7.s390.rpm 43544f6fe51fe36a48ae70c92feb8404 mozilla-nss-devel-1.4.3-3.0.7.s390.rpm s390x: e65aa04ad572b7e55598f6018d25476f mozilla-1.4.3-3.0.7.s390x.rpm 657f03114553d097c34a33e51d7e9e00 mozilla-chat-1.4.3-3.0.7.s390x.rpm 8405cd59e689ffd6d762900c6edb736e mozilla-devel-1.4.3-3.0.7.s390x.rpm 95fa5e7b5615afa7d3e79c76a1c81a1f mozilla-dom-inspector-1.4.3-3.0.7.s390x.rpm 93551a339139bd0f49b128d014831b6e mozilla-js-debugger-1.4.3-3.0.7.s390x.rpm b0c008c26ea226d72aef9c1c93cbc3e3 mozilla-mail-1.4.3-3.0.7.s390x.rpm f62d53eeab524454606e2f19be58c2ca mozilla-nspr-1.4.3-3.0.7.s390x.rpm 4677210674aea7f27c275b2917cc156a mozilla-nspr-1.4.3-3.0.7.s390.rpm 034ca24c1cd18ddfa46304a5e67a84e9 mozilla-nspr-devel-1.4.3-3.0.7.s390x.rpm fcf5756feebe0f19e29d13b6a439e6dc mozilla-nss-1.4.3-3.0.7.s390x.rpm 7679f89fce879782df025fbebb729938 mozilla-nss-1.4.3-3.0.7.s390.rpm 77218e542a45e24ded278db463d0438f mozilla-nss-devel-1.4.3-3.0.7.s390x.rpm x86_64: a27d4c67306f290a5d0c910223ccc4d8 mozilla-1.4.3-3.0.7.x86_64.rpm a11b0fd761dc02738c3c67e25f320da1 mozilla-1.4.3-3.0.7.i386.rpm adfd293311e18c4f612b130dfefa2dfd mozilla-chat-1.4.3-3.0.7.x86_64.rpm 94d458713bd6c5b6be2e3b579a2e58d7 mozilla-devel-1.4.3-3.0.7.x86_64.rpm b78d4c71019afdcf52b41026196e9426 mozilla-dom-inspector-1.4.3-3.0.7.x86_64.rpm af6e60db5bbc5dcd995122327eb832c3 mozilla-js-debugger-1.4.3-3.0.7.x86_64.rpm c76ed9e84fd7e6c5d1828690811383d5 mozilla-mail-1.4.3-3.0.7.x86_64.rpm 59ca22eca688a39a9a5c9741ae428e54 mozilla-nspr-1.4.3-3.0.7.x86_64.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm 5c90029ee49332f263839402e42b236b mozilla-nspr-devel-1.4.3-3.0.7.x86_64.rpm 8a47f807d74cf4681b899563e49dc439 mozilla-nss-1.4.3-3.0.7.x86_64.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm ebf29e52da952d9fc8f49fbb89138d41 mozilla-nss-devel-1.4.3-3.0.7.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla-1.4.3-3.0.7.src.rpm ad9534b7525fb57427d5cdc11de82cf2 mozilla-1.4.3-3.0.7.src.rpm i386: a11b0fd761dc02738c3c67e25f320da1 mozilla-1.4.3-3.0.7.i386.rpm cf0a8398a63f7bd40a5049edebd7db87 mozilla-chat-1.4.3-3.0.7.i386.rpm 929f572c9364314d535c9a38f4d8a498 mozilla-devel-1.4.3-3.0.7.i386.rpm eb72c9e1394030d4bb90a9991f52e81e mozilla-dom-inspector-1.4.3-3.0.7.i386.rpm 1fb99678c2d06bbe4895d8c62b6d1abb mozilla-js-debugger-1.4.3-3.0.7.i386.rpm 076ff55c5dbaf753cec88c0109888d96 mozilla-mail-1.4.3-3.0.7.i386.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm 90ddf2ef4341cb3bbee95fa669b9dc5d mozilla-nspr-devel-1.4.3-3.0.7.i386.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm 01c7216160e7f373fd73b1c331a12148 mozilla-nss-devel-1.4.3-3.0.7.i386.rpm x86_64: a27d4c67306f290a5d0c910223ccc4d8 mozilla-1.4.3-3.0.7.x86_64.rpm a11b0fd761dc02738c3c67e25f320da1 mozilla-1.4.3-3.0.7.i386.rpm adfd293311e18c4f612b130dfefa2dfd mozilla-chat-1.4.3-3.0.7.x86_64.rpm 94d458713bd6c5b6be2e3b579a2e58d7 mozilla-devel-1.4.3-3.0.7.x86_64.rpm b78d4c71019afdcf52b41026196e9426 mozilla-dom-inspector-1.4.3-3.0.7.x86_64.rpm af6e60db5bbc5dcd995122327eb832c3 mozilla-js-debugger-1.4.3-3.0.7.x86_64.rpm c76ed9e84fd7e6c5d1828690811383d5 mozilla-mail-1.4.3-3.0.7.x86_64.rpm 59ca22eca688a39a9a5c9741ae428e54 mozilla-nspr-1.4.3-3.0.7.x86_64.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm 5c90029ee49332f263839402e42b236b mozilla-nspr-devel-1.4.3-3.0.7.x86_64.rpm 8a47f807d74cf4681b899563e49dc439 mozilla-nss-1.4.3-3.0.7.x86_64.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm ebf29e52da952d9fc8f49fbb89138d41 mozilla-nss-devel-1.4.3-3.0.7.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.4.3-3.0.7.src.rpm ad9534b7525fb57427d5cdc11de82cf2 mozilla-1.4.3-3.0.7.src.rpm i386: a11b0fd761dc02738c3c67e25f320da1 mozilla-1.4.3-3.0.7.i386.rpm cf0a8398a63f7bd40a5049edebd7db87 mozilla-chat-1.4.3-3.0.7.i386.rpm 929f572c9364314d535c9a38f4d8a498 mozilla-devel-1.4.3-3.0.7.i386.rpm eb72c9e1394030d4bb90a9991f52e81e mozilla-dom-inspector-1.4.3-3.0.7.i386.rpm 1fb99678c2d06bbe4895d8c62b6d1abb mozilla-js-debugger-1.4.3-3.0.7.i386.rpm 076ff55c5dbaf753cec88c0109888d96 mozilla-mail-1.4.3-3.0.7.i386.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm 90ddf2ef4341cb3bbee95fa669b9dc5d mozilla-nspr-devel-1.4.3-3.0.7.i386.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm 01c7216160e7f373fd73b1c331a12148 mozilla-nss-devel-1.4.3-3.0.7.i386.rpm ia64: bc7bae6c79eea865e59a6217fd101a50 mozilla-1.4.3-3.0.7.ia64.rpm 5c66051e4d10a3e8879c5429b73a36af mozilla-chat-1.4.3-3.0.7.ia64.rpm 5d9f22a3498edec84c1e2e534ba0620a mozilla-devel-1.4.3-3.0.7.ia64.rpm b495c264cb52d0f15c2e51ce29f743f5 mozilla-dom-inspector-1.4.3-3.0.7.ia64.rpm 9ca814199cadd2cd5797555b898a3006 mozilla-js-debugger-1.4.3-3.0.7.ia64.rpm 7014f4ab5dd4f53e8cd29e8c4e3fa4e2 mozilla-mail-1.4.3-3.0.7.ia64.rpm 22b1619f1c799aaca7661493924969f6 mozilla-nspr-1.4.3-3.0.7.ia64.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm f0a1eea9aeb6606e6e5d7eec65f612ed mozilla-nspr-devel-1.4.3-3.0.7.ia64.rpm ee951417a6b9f33d19e0be4ca4e4429e mozilla-nss-1.4.3-3.0.7.ia64.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm 82874daf499f0183a7f26ca73e005578 mozilla-nss-devel-1.4.3-3.0.7.ia64.rpm x86_64: a27d4c67306f290a5d0c910223ccc4d8 mozilla-1.4.3-3.0.7.x86_64.rpm a11b0fd761dc02738c3c67e25f320da1 mozilla-1.4.3-3.0.7.i386.rpm adfd293311e18c4f612b130dfefa2dfd mozilla-chat-1.4.3-3.0.7.x86_64.rpm 94d458713bd6c5b6be2e3b579a2e58d7 mozilla-devel-1.4.3-3.0.7.x86_64.rpm b78d4c71019afdcf52b41026196e9426 mozilla-dom-inspector-1.4.3-3.0.7.x86_64.rpm af6e60db5bbc5dcd995122327eb832c3 mozilla-js-debugger-1.4.3-3.0.7.x86_64.rpm c76ed9e84fd7e6c5d1828690811383d5 mozilla-mail-1.4.3-3.0.7.x86_64.rpm 59ca22eca688a39a9a5c9741ae428e54 mozilla-nspr-1.4.3-3.0.7.x86_64.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm 5c90029ee49332f263839402e42b236b mozilla-nspr-devel-1.4.3-3.0.7.x86_64.rpm 8a47f807d74cf4681b899563e49dc439 mozilla-nss-1.4.3-3.0.7.x86_64.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm ebf29e52da952d9fc8f49fbb89138d41 mozilla-nss-devel-1.4.3-3.0.7.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.4.3-3.0.7.src.rpm ad9534b7525fb57427d5cdc11de82cf2 mozilla-1.4.3-3.0.7.src.rpm i386: a11b0fd761dc02738c3c67e25f320da1 mozilla-1.4.3-3.0.7.i386.rpm cf0a8398a63f7bd40a5049edebd7db87 mozilla-chat-1.4.3-3.0.7.i386.rpm 929f572c9364314d535c9a38f4d8a498 mozilla-devel-1.4.3-3.0.7.i386.rpm eb72c9e1394030d4bb90a9991f52e81e mozilla-dom-inspector-1.4.3-3.0.7.i386.rpm 1fb99678c2d06bbe4895d8c62b6d1abb mozilla-js-debugger-1.4.3-3.0.7.i386.rpm 076ff55c5dbaf753cec88c0109888d96 mozilla-mail-1.4.3-3.0.7.i386.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm 90ddf2ef4341cb3bbee95fa669b9dc5d mozilla-nspr-devel-1.4.3-3.0.7.i386.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm 01c7216160e7f373fd73b1c331a12148 mozilla-nss-devel-1.4.3-3.0.7.i386.rpm ia64: bc7bae6c79eea865e59a6217fd101a50 mozilla-1.4.3-3.0.7.ia64.rpm 5c66051e4d10a3e8879c5429b73a36af mozilla-chat-1.4.3-3.0.7.ia64.rpm 5d9f22a3498edec84c1e2e534ba0620a mozilla-devel-1.4.3-3.0.7.ia64.rpm b495c264cb52d0f15c2e51ce29f743f5 mozilla-dom-inspector-1.4.3-3.0.7.ia64.rpm 9ca814199cadd2cd5797555b898a3006 mozilla-js-debugger-1.4.3-3.0.7.ia64.rpm 7014f4ab5dd4f53e8cd29e8c4e3fa4e2 mozilla-mail-1.4.3-3.0.7.ia64.rpm 22b1619f1c799aaca7661493924969f6 mozilla-nspr-1.4.3-3.0.7.ia64.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm f0a1eea9aeb6606e6e5d7eec65f612ed mozilla-nspr-devel-1.4.3-3.0.7.ia64.rpm ee951417a6b9f33d19e0be4ca4e4429e mozilla-nss-1.4.3-3.0.7.ia64.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm 82874daf499f0183a7f26ca73e005578 mozilla-nss-devel-1.4.3-3.0.7.ia64.rpm x86_64: a27d4c67306f290a5d0c910223ccc4d8 mozilla-1.4.3-3.0.7.x86_64.rpm a11b0fd761dc02738c3c67e25f320da1 mozilla-1.4.3-3.0.7.i386.rpm adfd293311e18c4f612b130dfefa2dfd mozilla-chat-1.4.3-3.0.7.x86_64.rpm 94d458713bd6c5b6be2e3b579a2e58d7 mozilla-devel-1.4.3-3.0.7.x86_64.rpm b78d4c71019afdcf52b41026196e9426 mozilla-dom-inspector-1.4.3-3.0.7.x86_64.rpm af6e60db5bbc5dcd995122327eb832c3 mozilla-js-debugger-1.4.3-3.0.7.x86_64.rpm c76ed9e84fd7e6c5d1828690811383d5 mozilla-mail-1.4.3-3.0.7.x86_64.rpm 59ca22eca688a39a9a5c9741ae428e54 mozilla-nspr-1.4.3-3.0.7.x86_64.rpm e4f4c80c3bff4618d42b54d50e89c1d6 mozilla-nspr-1.4.3-3.0.7.i386.rpm 5c90029ee49332f263839402e42b236b mozilla-nspr-devel-1.4.3-3.0.7.x86_64.rpm 8a47f807d74cf4681b899563e49dc439 mozilla-nss-1.4.3-3.0.7.x86_64.rpm 8559fa287563eee48563137eb00e5b2b mozilla-nss-1.4.3-3.0.7.i386.rpm ebf29e52da952d9fc8f49fbb89138d41 mozilla-nss-devel-1.4.3-3.0.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.isec.pl/vulnerabilities/isec-0020-mozilla.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1316 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFB5nsKXlSAg2UNWIIRAv66AKCG3vnayJrvQ9bquCzG8ryugmpiXwCeKs7B jTsGuQR6dxaVdxZoIWluti8= =7Lm/ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQecoYyh9+71yA2DNAQLa1AP/eZZ2PXvGqmzn/2XByEolO1i+raxjX7I6 qaJp5kU+lEs5LpnN/GfKlMFvcx6H6QiT5i+P5RuMRU2pT9LMuxZQxMYC3FI8lB7v yiuBAeG/6Ve9H7bvxGfblGeU4Z30rJHNBVkb40Uk9t1dedWvzuMft9zepaN1Bs9J nCu1KRJm170= =e2ut -----END PGP SIGNATURE-----