-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3995
                          python security update
                             11 November 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           python
                   python3
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14422 CVE-2019-20907 

Reference:         ESB-2020.3887
                   ESB-2020.3870
                   ESB-2020.3828
                   ESB-2020.3614

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:5009
   https://access.redhat.com/errata/RHSA-2020:5010

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: python security update
Advisory ID:       RHSA-2020:5009-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5009
Issue date:        2020-11-10
CVE Names:         CVE-2019-20907 
=====================================================================

1. Summary:

An update for python is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Python is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability. It
includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

Security Fix(es):

* python: infinite loop in the tarfile module via crafted TAR archive
(CVE-2019-20907)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1856481 - CVE-2019-20907 python: infinite loop in the tarfile module via crafted TAR archive

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
python-2.7.5-90.el7.src.rpm

x86_64:
python-2.7.5-90.el7.x86_64.rpm
python-debuginfo-2.7.5-90.el7.i686.rpm
python-debuginfo-2.7.5-90.el7.x86_64.rpm
python-libs-2.7.5-90.el7.i686.rpm
python-libs-2.7.5-90.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
python-debug-2.7.5-90.el7.x86_64.rpm
python-debuginfo-2.7.5-90.el7.x86_64.rpm
python-devel-2.7.5-90.el7.x86_64.rpm
python-test-2.7.5-90.el7.x86_64.rpm
python-tools-2.7.5-90.el7.x86_64.rpm
tkinter-2.7.5-90.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
python-2.7.5-90.el7.src.rpm

x86_64:
python-2.7.5-90.el7.x86_64.rpm
python-debuginfo-2.7.5-90.el7.i686.rpm
python-debuginfo-2.7.5-90.el7.x86_64.rpm
python-devel-2.7.5-90.el7.x86_64.rpm
python-libs-2.7.5-90.el7.i686.rpm
python-libs-2.7.5-90.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
python-debug-2.7.5-90.el7.x86_64.rpm
python-debuginfo-2.7.5-90.el7.x86_64.rpm
python-test-2.7.5-90.el7.x86_64.rpm
python-tools-2.7.5-90.el7.x86_64.rpm
tkinter-2.7.5-90.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
python-2.7.5-90.el7.src.rpm

ppc64:
python-2.7.5-90.el7.ppc64.rpm
python-debuginfo-2.7.5-90.el7.ppc.rpm
python-debuginfo-2.7.5-90.el7.ppc64.rpm
python-devel-2.7.5-90.el7.ppc64.rpm
python-libs-2.7.5-90.el7.ppc.rpm
python-libs-2.7.5-90.el7.ppc64.rpm

ppc64le:
python-2.7.5-90.el7.ppc64le.rpm
python-debuginfo-2.7.5-90.el7.ppc64le.rpm
python-devel-2.7.5-90.el7.ppc64le.rpm
python-libs-2.7.5-90.el7.ppc64le.rpm

s390x:
python-2.7.5-90.el7.s390x.rpm
python-debuginfo-2.7.5-90.el7.s390.rpm
python-debuginfo-2.7.5-90.el7.s390x.rpm
python-devel-2.7.5-90.el7.s390x.rpm
python-libs-2.7.5-90.el7.s390.rpm
python-libs-2.7.5-90.el7.s390x.rpm

x86_64:
python-2.7.5-90.el7.x86_64.rpm
python-debuginfo-2.7.5-90.el7.i686.rpm
python-debuginfo-2.7.5-90.el7.x86_64.rpm
python-devel-2.7.5-90.el7.x86_64.rpm
python-libs-2.7.5-90.el7.i686.rpm
python-libs-2.7.5-90.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
python-debug-2.7.5-90.el7.ppc64.rpm
python-debuginfo-2.7.5-90.el7.ppc64.rpm
python-test-2.7.5-90.el7.ppc64.rpm
python-tools-2.7.5-90.el7.ppc64.rpm
tkinter-2.7.5-90.el7.ppc64.rpm

ppc64le:
python-debug-2.7.5-90.el7.ppc64le.rpm
python-debuginfo-2.7.5-90.el7.ppc64le.rpm
python-test-2.7.5-90.el7.ppc64le.rpm
python-tools-2.7.5-90.el7.ppc64le.rpm
tkinter-2.7.5-90.el7.ppc64le.rpm

s390x:
python-debug-2.7.5-90.el7.s390x.rpm
python-debuginfo-2.7.5-90.el7.s390x.rpm
python-test-2.7.5-90.el7.s390x.rpm
python-tools-2.7.5-90.el7.s390x.rpm
tkinter-2.7.5-90.el7.s390x.rpm

x86_64:
python-debug-2.7.5-90.el7.x86_64.rpm
python-debuginfo-2.7.5-90.el7.x86_64.rpm
python-test-2.7.5-90.el7.x86_64.rpm
python-tools-2.7.5-90.el7.x86_64.rpm
tkinter-2.7.5-90.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
python-2.7.5-90.el7.src.rpm

x86_64:
python-2.7.5-90.el7.x86_64.rpm
python-debuginfo-2.7.5-90.el7.i686.rpm
python-debuginfo-2.7.5-90.el7.x86_64.rpm
python-devel-2.7.5-90.el7.x86_64.rpm
python-libs-2.7.5-90.el7.i686.rpm
python-libs-2.7.5-90.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
python-debug-2.7.5-90.el7.x86_64.rpm
python-debuginfo-2.7.5-90.el7.x86_64.rpm
python-test-2.7.5-90.el7.x86_64.rpm
python-tools-2.7.5-90.el7.x86_64.rpm
tkinter-2.7.5-90.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-20907
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX6qTk9zjgjWX9erEAQgLvg//RhHWplFxVFGmO2F21lMyDaz+m7OtcxoY
Mb0hxFJOvu82tR8885TODwejw+R0djQA1ZQRpsZA3IrK6STBDDFBnv8ocSNU2wa7
CYRuxLBJQhzzPMcz5b41a3V/Bn+JLEOsryPn0/KjQCtp5a96p9Eiz1upcIqBcuSd
B11r33+XCJrzqW6LQ1ZuzqK9u5hFuLctbkP9fFHPVnBhiZGtXzye3GDK1Pri68nR
QomvLdYrxBnpBP9MkFgcY4h/D9kupPdf+L3BXX2M9S+2E/M0EldaJ/mWuLEiBhB7
s9oeN+xhuRjGtKR/oOX5V1IyxPThoVeV7avmUxTKi1d8CTV/IkDCQi/DD0mqinHv
hbNZmV76W/qvWYpOk6wKJ7izuOu7CP+wfWnN4pHZ8hJCQF4hUaucl178WQTMU+4v
QSJeCF12NVPQKd79sD1MZfsr1+3TqTv1eB2JkpmxGrCwUGYP0aNNrC+pJ+tH8mZw
SQ82aX9P3+T5jDpunVA/KztgqQvJ1fx8eZYCFOeq2fNCqo/21RNSjg6vJR4pK4g9
sEzxyKjT/tK8si7gAdkhGO6gwLsYoSh6u1Qo9AB9IU0N5vGWd82QRMePFosr4qxr
IubR3CY4vXmRL/NSAuMYzd1uElHx+mKhprCIzC5HPGnNMPQw+/ydtqkjEhEpCEc9
7FT5Ea8d7j4=
=NT3u
- -----END PGP SIGNATURE-----

- --------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: python3 security update
Advisory ID:       RHSA-2020:5010-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5010
Issue date:        2020-11-10
CVE Names:         CVE-2019-20907 CVE-2020-14422 
=====================================================================

1. Summary:

An update for python3 is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Python is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability. It
includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

Security Fix(es):

* python: infinite loop in the tarfile module via crafted TAR archive
(CVE-2019-20907)

* python: DoS via inefficiency in IPv{4,6}Interface classes
(CVE-2020-14422)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1854926 - CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface classes
1856481 - CVE-2019-20907 python: infinite loop in the tarfile module via crafted TAR archive

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
python3-3.6.8-18.el7.src.rpm

x86_64:
python3-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-libs-3.6.8-18.el7.i686.rpm
python3-libs-3.6.8-18.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
python3-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-devel-3.6.8-18.el7.i686.rpm
python3-devel-3.6.8-18.el7.x86_64.rpm
python3-idle-3.6.8-18.el7.i686.rpm
python3-idle-3.6.8-18.el7.x86_64.rpm
python3-test-3.6.8-18.el7.i686.rpm
python3-test-3.6.8-18.el7.x86_64.rpm
python3-tkinter-3.6.8-18.el7.i686.rpm
python3-tkinter-3.6.8-18.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
python3-3.6.8-18.el7.src.rpm

x86_64:
python3-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-libs-3.6.8-18.el7.i686.rpm
python3-libs-3.6.8-18.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
python3-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-devel-3.6.8-18.el7.i686.rpm
python3-devel-3.6.8-18.el7.x86_64.rpm
python3-idle-3.6.8-18.el7.i686.rpm
python3-idle-3.6.8-18.el7.x86_64.rpm
python3-test-3.6.8-18.el7.i686.rpm
python3-test-3.6.8-18.el7.x86_64.rpm
python3-tkinter-3.6.8-18.el7.i686.rpm
python3-tkinter-3.6.8-18.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
python3-3.6.8-18.el7.src.rpm

ppc64:
python3-3.6.8-18.el7.ppc64.rpm
python3-debuginfo-3.6.8-18.el7.ppc.rpm
python3-debuginfo-3.6.8-18.el7.ppc64.rpm
python3-libs-3.6.8-18.el7.ppc.rpm
python3-libs-3.6.8-18.el7.ppc64.rpm

ppc64le:
python3-3.6.8-18.el7.ppc64le.rpm
python3-debuginfo-3.6.8-18.el7.ppc64le.rpm
python3-libs-3.6.8-18.el7.ppc64le.rpm

s390x:
python3-3.6.8-18.el7.s390x.rpm
python3-debuginfo-3.6.8-18.el7.s390.rpm
python3-debuginfo-3.6.8-18.el7.s390x.rpm
python3-libs-3.6.8-18.el7.s390.rpm
python3-libs-3.6.8-18.el7.s390x.rpm

x86_64:
python3-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-libs-3.6.8-18.el7.i686.rpm
python3-libs-3.6.8-18.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
python3-3.6.8-18.el7.ppc.rpm
python3-debug-3.6.8-18.el7.ppc.rpm
python3-debug-3.6.8-18.el7.ppc64.rpm
python3-debuginfo-3.6.8-18.el7.ppc.rpm
python3-debuginfo-3.6.8-18.el7.ppc64.rpm
python3-devel-3.6.8-18.el7.ppc.rpm
python3-devel-3.6.8-18.el7.ppc64.rpm
python3-idle-3.6.8-18.el7.ppc.rpm
python3-idle-3.6.8-18.el7.ppc64.rpm
python3-test-3.6.8-18.el7.ppc.rpm
python3-test-3.6.8-18.el7.ppc64.rpm
python3-tkinter-3.6.8-18.el7.ppc.rpm
python3-tkinter-3.6.8-18.el7.ppc64.rpm

ppc64le:
python3-debug-3.6.8-18.el7.ppc64le.rpm
python3-debuginfo-3.6.8-18.el7.ppc64le.rpm
python3-devel-3.6.8-18.el7.ppc64le.rpm
python3-idle-3.6.8-18.el7.ppc64le.rpm
python3-test-3.6.8-18.el7.ppc64le.rpm
python3-tkinter-3.6.8-18.el7.ppc64le.rpm

s390x:
python3-3.6.8-18.el7.s390.rpm
python3-debug-3.6.8-18.el7.s390.rpm
python3-debug-3.6.8-18.el7.s390x.rpm
python3-debuginfo-3.6.8-18.el7.s390.rpm
python3-debuginfo-3.6.8-18.el7.s390x.rpm
python3-devel-3.6.8-18.el7.s390.rpm
python3-devel-3.6.8-18.el7.s390x.rpm
python3-idle-3.6.8-18.el7.s390.rpm
python3-idle-3.6.8-18.el7.s390x.rpm
python3-test-3.6.8-18.el7.s390.rpm
python3-test-3.6.8-18.el7.s390x.rpm
python3-tkinter-3.6.8-18.el7.s390.rpm
python3-tkinter-3.6.8-18.el7.s390x.rpm

x86_64:
python3-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-devel-3.6.8-18.el7.i686.rpm
python3-devel-3.6.8-18.el7.x86_64.rpm
python3-idle-3.6.8-18.el7.i686.rpm
python3-idle-3.6.8-18.el7.x86_64.rpm
python3-test-3.6.8-18.el7.i686.rpm
python3-test-3.6.8-18.el7.x86_64.rpm
python3-tkinter-3.6.8-18.el7.i686.rpm
python3-tkinter-3.6.8-18.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
python3-3.6.8-18.el7.src.rpm

x86_64:
python3-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-libs-3.6.8-18.el7.i686.rpm
python3-libs-3.6.8-18.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
python3-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-devel-3.6.8-18.el7.i686.rpm
python3-devel-3.6.8-18.el7.x86_64.rpm
python3-idle-3.6.8-18.el7.i686.rpm
python3-idle-3.6.8-18.el7.x86_64.rpm
python3-test-3.6.8-18.el7.i686.rpm
python3-test-3.6.8-18.el7.x86_64.rpm
python3-tkinter-3.6.8-18.el7.i686.rpm
python3-tkinter-3.6.8-18.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-20907
https://access.redhat.com/security/cve/CVE-2020-14422
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX6qUVtzjgjWX9erEAQiahxAAhy8V14PQc3ZwRJTO4tqhxMwDLsrU4VPZ
ykcvxsDf6vfqnOabs16CsP8qum5fiuAOOfQzXwOGB3niW8hbrzHhxj1Mq9pdvHEd
pGLXf2ZQl3rGTD9A+oJUt4kTFKCqc/YNBQsvqj8nmd7D3+A9R79aGmMXndpNiKHN
kRfraHVWfdASCuRKdF6WUCWOEZEDwLz1o4BUwwEWgCnzPSCtlyn4nwEhScIZ/RUx
wRWHbC4TBbg/kHYfe53bJChgOl7HNjOUJreZMjg5WaIpmIr4vq1TChTy502D0ayb
44UZtOULklnli/zyBKn3carkege+hJdjZEdaRmPFcHFRMq0p64GMRZeXfFUkKTyb
SyKbA1M4qUZbTz01OXIPoiyl83PcS3JpE4wBr4EKBM2pcI69dZ6H1m5CndyVrmjl
FYBhRxTBHzI4Pwv9b0eKzk/aap7CkRwyS/UKsWwddC79NVJsavDlBmovKc0xoe3J
7vYjrVs1rWdlrfhaUYv3mlOyY8Du/6lvfa92dRtLFuspqzlcVN36YM5zzhLNsG+I
zB8xZNz0T+PYr0GNZifbSpZqAq1l/dgITwGyl+YvU8o6jMRTms4yiVxojVoNTtwC
gpd7WHtECTK/2dzq9O0w+0qPzZNbpSuIABJo/JLYOexRLpmWl9ZvqbFcZLUWY5Pw
GiqHW/TMddw=
=/PtA
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBX6t66uNLKJtyKPYoAQjAhQ/+KLycQlH2pbOZC0DnhUlcfYAWiZ6GbrCY
5u7WpjDjrc/N6ztUJBhRlhNBKXBPWYwHtXKNoVynu6XPteejytlgOftnM0/eTyQP
Op1jcdUCApePRcefoaRwUkGA8KqBuZ/e3c8GVkH5CR0bIs95uop9i9EBULGYAoy3
U9bJGN6vScpuoeuSd4NsHrCc7Tg+IEJMyGWcMoG4vhQ1vGHIgy+4ilmG6ecWPwa7
Xqpy7GOFbcsb+lh6XoRWLLXv6UJ8VyS23DuRn4joTKyhEermgTzysUDkaAuW0prY
oZpAQBsj6bYw0WbjT8AvZqY1B+O5bVfflYugj1puCZjS2ZIK87UcHkeRytHxmby/
TFvH6REGxTtc9ZhJJEaCb18mNH4KtRK27fw7GFFSzYMpkgviJGuNGxizP4LqWSDI
6WsNTzIKZAMIijpngODAlUJNedhFe1RcJIrB1Rb9cmPchkZ5EGBNOYPa0fcSFvIY
6RtHJFdGB2mLSAEy7+qztp0XpALBdOK8006Dgi1WRASQuqMAFfjNMYDGAI3RXdVb
aP4qZ17yBjpQFg4NNoz3K8Xs7wKV55Ask52Ls9cSBxUKnTqmSaXalF1+OPVbtgqE
vVhMqQ9GZVtgefdJRLznCaJg0EOEkacIuKcmLlhjQYJOopuimEB+Znk9Ux2NDXQW
LNcIKI+/JG8=
=LKu+
-----END PGP SIGNATURE-----