Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.2923
libsndfile security updates
31 August 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: libsndfile
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2021-3246
Reference: ESB-2021.2903
ESB-2021.2786
ESB-2021.2653
ESB-2021.2570
ESB-2021.2546
Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:3295
https://access.redhat.com/errata/RHSA-2021:3297
https://access.redhat.com/errata/RHSA-2021:3298
Comment: This bulletin contains three (3) Red Hat security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: libsndfile security update
Advisory ID: RHSA-2021:3295-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:3295
Issue date: 2021-08-30
CVE Names: CVE-2021-3246
=====================================================================
1. Summary:
An update for libsndfile is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
libsndfile is a C library for reading and writing files containing sampled
sound, such as AIFF, AU, or WAV.
Security Fix(es):
* libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary
code execution (CVE-2021-3246)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1984319 - CVE-2021-3246 libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
libsndfile-1.0.25-12.el7_9.1.src.rpm
x86_64:
libsndfile-1.0.25-12.el7_9.1.i686.rpm
libsndfile-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-devel-1.0.25-12.el7_9.1.i686.rpm
libsndfile-devel-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-utils-1.0.25-12.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
libsndfile-1.0.25-12.el7_9.1.src.rpm
x86_64:
libsndfile-1.0.25-12.el7_9.1.i686.rpm
libsndfile-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-devel-1.0.25-12.el7_9.1.i686.rpm
libsndfile-devel-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-utils-1.0.25-12.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
libsndfile-1.0.25-12.el7_9.1.src.rpm
ppc64:
libsndfile-1.0.25-12.el7_9.1.ppc.rpm
libsndfile-1.0.25-12.el7_9.1.ppc64.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.ppc.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.ppc64.rpm
ppc64le:
libsndfile-1.0.25-12.el7_9.1.ppc64le.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.ppc64le.rpm
s390x:
libsndfile-1.0.25-12.el7_9.1.s390.rpm
libsndfile-1.0.25-12.el7_9.1.s390x.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.s390.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.s390x.rpm
x86_64:
libsndfile-1.0.25-12.el7_9.1.i686.rpm
libsndfile-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
libsndfile-debuginfo-1.0.25-12.el7_9.1.ppc.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.ppc64.rpm
libsndfile-devel-1.0.25-12.el7_9.1.ppc.rpm
libsndfile-devel-1.0.25-12.el7_9.1.ppc64.rpm
libsndfile-utils-1.0.25-12.el7_9.1.ppc64.rpm
ppc64le:
libsndfile-debuginfo-1.0.25-12.el7_9.1.ppc64le.rpm
libsndfile-devel-1.0.25-12.el7_9.1.ppc64le.rpm
libsndfile-utils-1.0.25-12.el7_9.1.ppc64le.rpm
s390x:
libsndfile-debuginfo-1.0.25-12.el7_9.1.s390.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.s390x.rpm
libsndfile-devel-1.0.25-12.el7_9.1.s390.rpm
libsndfile-devel-1.0.25-12.el7_9.1.s390x.rpm
libsndfile-utils-1.0.25-12.el7_9.1.s390x.rpm
x86_64:
libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-devel-1.0.25-12.el7_9.1.i686.rpm
libsndfile-devel-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-utils-1.0.25-12.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
libsndfile-1.0.25-12.el7_9.1.src.rpm
x86_64:
libsndfile-1.0.25-12.el7_9.1.i686.rpm
libsndfile-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm
libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-devel-1.0.25-12.el7_9.1.i686.rpm
libsndfile-devel-1.0.25-12.el7_9.1.x86_64.rpm
libsndfile-utils-1.0.25-12.el7_9.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-3246
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYSyjO9zjgjWX9erEAQhXvQ/+Lc7dLGqal7SF07mvQMHKNeOaRcZ5m6y4
p1GN/UQM+maSmP/2RZoW1Bv8JaP72AohNZv4c4sAICQ/Yer2JCFnYn7sKkX+czu7
E9sknfTDAahPPiYkEKJD2WgsINV6WNPCNwbwkhpBx2el3ZsaIesreBu0YmNTSfqe
6angJpmMQZ+6pjbvA4UffnaYAymHN/PhOpJFQ/Q6toHxCyuRvH7sVDnb4+du1XYi
HfQ2Vb4B0VihpWooeelbqAULGNUfoOpfVhvIK8285x1/AU2xXUekMLMtFRHHug2D
FRQlSFwwnavuEBhzW8ADOVoli+KHw+I84rBbHB5w9gOfn+1AUFMDbg5dC5sJYyhS
wP+6ruuNaDXJCQjzrvSNv5rNecsl0Jbgbt4l5ux0cdGybjntzOomUVDtd6WXU8o4
U918F9Bcnvey6mFLt72Gx7stcm/EiUE64suMNQW2iPhlIZSclmi4wzDLVU2dvb+9
6OwgAjCgsCVkgTPkvl7d1sZf2KlWYklayOtR8N46qUtmtP77FSaR+NgHdrRo7Qmr
qtsL380AgY2AGSrYjEIPIkZ0wJRG9tCnz5u2mjJmSUbL6XMy/bPt3i05PGNuuKWf
rKmPABZ5KT0DN+A5R1BJg8yC10ERu1NhUWwwC5Gm8g1enm+atlhE7TF35x7N1xM4
RJrhosmWpLI=
=8Fqe
- -----END PGP SIGNATURE-----
- ---------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: libsndfile security update
Advisory ID: RHSA-2021:3297-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:3297
Issue date: 2021-08-30
CVE Names: CVE-2021-3246
=====================================================================
1. Summary:
An update for libsndfile is now available for Red Hat Enterprise Linux 8.1
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64
3. Description:
libsndfile is a C library for reading and writing files containing sampled
sound, such as AIFF, AU, or WAV.
Security Fix(es):
* libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary
code execution (CVE-2021-3246)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1984319 - CVE-2021-3246 libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v. 8.1):
Source:
libsndfile-1.0.28-8.el8_1.1.src.rpm
aarch64:
libsndfile-1.0.28-8.el8_1.1.aarch64.rpm
libsndfile-debuginfo-1.0.28-8.el8_1.1.aarch64.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.aarch64.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.aarch64.rpm
ppc64le:
libsndfile-1.0.28-8.el8_1.1.ppc64le.rpm
libsndfile-debuginfo-1.0.28-8.el8_1.1.ppc64le.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.ppc64le.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.ppc64le.rpm
s390x:
libsndfile-1.0.28-8.el8_1.1.s390x.rpm
libsndfile-debuginfo-1.0.28-8.el8_1.1.s390x.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.s390x.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.s390x.rpm
x86_64:
libsndfile-1.0.28-8.el8_1.1.i686.rpm
libsndfile-1.0.28-8.el8_1.1.x86_64.rpm
libsndfile-debuginfo-1.0.28-8.el8_1.1.i686.rpm
libsndfile-debuginfo-1.0.28-8.el8_1.1.x86_64.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.i686.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.x86_64.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.i686.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.x86_64.rpm
Red Hat CodeReady Linux Builder EUS (v. 8.1):
aarch64:
libsndfile-debuginfo-1.0.28-8.el8_1.1.aarch64.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.aarch64.rpm
libsndfile-devel-1.0.28-8.el8_1.1.aarch64.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.aarch64.rpm
ppc64le:
libsndfile-debuginfo-1.0.28-8.el8_1.1.ppc64le.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.ppc64le.rpm
libsndfile-devel-1.0.28-8.el8_1.1.ppc64le.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.ppc64le.rpm
s390x:
libsndfile-debuginfo-1.0.28-8.el8_1.1.s390x.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.s390x.rpm
libsndfile-devel-1.0.28-8.el8_1.1.s390x.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.s390x.rpm
x86_64:
libsndfile-debuginfo-1.0.28-8.el8_1.1.i686.rpm
libsndfile-debuginfo-1.0.28-8.el8_1.1.x86_64.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.i686.rpm
libsndfile-debugsource-1.0.28-8.el8_1.1.x86_64.rpm
libsndfile-devel-1.0.28-8.el8_1.1.i686.rpm
libsndfile-devel-1.0.28-8.el8_1.1.x86_64.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.i686.rpm
libsndfile-utils-debuginfo-1.0.28-8.el8_1.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-3246
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYSyTS9zjgjWX9erEAQg/VQ/+KMoXuKcGMjY0X9EsLJFLbnAaOtdHRGp0
DyS6UGZH+2SGTHid5Mp0DMXP2HfChrG2MMgbWNe79HqlMozLIB/FU+ebp4Xc7bdg
gieCAlSMjUWBcrcpWYPbkE420sVhuSOiEACMRMQOsvAj5+JH1Z7ZibAoELNhrJHO
SBGnSrmoqwwDzqG+oqxa3UDwL8MJac/CzhsjiDrSlyfGTgbtPG/h0+bmUAZo9MiO
NlA3KunpoI4Yycp9JAklY/0O9NWFa+g/b/dJNmQ/BGZcu52VLcw4vQ8PcqSBO18q
eV93zd+1veg7PT8KhubLBXD2ossthJBvenXp7RnesBTepn+4jvrsYDmgzM24zMfh
2UeOiTLuz+aPO4OzOIXiLwz3BPIlXsgfEP282dSaId8Y87e8k1SCexgqRJ5wNxCw
iuNRowmz+mEc1ArM/qdsJaZ2JEB9jOYZXuiRXCIzTlyrTI0k/lhuWTHdj9bbfbSv
1/O2nSPIXiEr2DwfUiUvSUAh6phD27BNn7DdN7HiT+HDZAlS1BZxsYMGCw+Jj0yw
TwxX/G5g0ur4Wyiw26if2377p1w5LcFvqZO2jweqnXRhLzLs/vb+7zaBZ13skMJ8
fc+yiB9AQclsxEa6HW6qDJjdVl8x42GAv5AoCI60ae5n5oYXjBG+OcJmZPVCyEwy
TwipvCnksnU=
=3vVA
- -----END PGP SIGNATURE-----
- ---------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: libsndfile security update
Advisory ID: RHSA-2021:3298-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:3298
Issue date: 2021-08-30
CVE Names: CVE-2021-3246
=====================================================================
1. Summary:
An update for libsndfile is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64
3. Description:
libsndfile is a C library for reading and writing files containing sampled
sound, such as AIFF, AU, or WAV.
Security Fix(es):
* libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary
code execution (CVE-2021-3246)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1984319 - CVE-2021-3246 libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v. 8.2):
Source:
libsndfile-1.0.28-10.el8_2.1.src.rpm
aarch64:
libsndfile-1.0.28-10.el8_2.1.aarch64.rpm
libsndfile-debuginfo-1.0.28-10.el8_2.1.aarch64.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.aarch64.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.aarch64.rpm
ppc64le:
libsndfile-1.0.28-10.el8_2.1.ppc64le.rpm
libsndfile-debuginfo-1.0.28-10.el8_2.1.ppc64le.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.ppc64le.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.ppc64le.rpm
s390x:
libsndfile-1.0.28-10.el8_2.1.s390x.rpm
libsndfile-debuginfo-1.0.28-10.el8_2.1.s390x.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.s390x.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.s390x.rpm
x86_64:
libsndfile-1.0.28-10.el8_2.1.i686.rpm
libsndfile-1.0.28-10.el8_2.1.x86_64.rpm
libsndfile-debuginfo-1.0.28-10.el8_2.1.i686.rpm
libsndfile-debuginfo-1.0.28-10.el8_2.1.x86_64.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.i686.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.x86_64.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.i686.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.x86_64.rpm
Red Hat CodeReady Linux Builder EUS (v. 8.2):
aarch64:
libsndfile-debuginfo-1.0.28-10.el8_2.1.aarch64.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.aarch64.rpm
libsndfile-devel-1.0.28-10.el8_2.1.aarch64.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.aarch64.rpm
ppc64le:
libsndfile-debuginfo-1.0.28-10.el8_2.1.ppc64le.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.ppc64le.rpm
libsndfile-devel-1.0.28-10.el8_2.1.ppc64le.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.ppc64le.rpm
s390x:
libsndfile-debuginfo-1.0.28-10.el8_2.1.s390x.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.s390x.rpm
libsndfile-devel-1.0.28-10.el8_2.1.s390x.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.s390x.rpm
x86_64:
libsndfile-debuginfo-1.0.28-10.el8_2.1.i686.rpm
libsndfile-debuginfo-1.0.28-10.el8_2.1.x86_64.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.i686.rpm
libsndfile-debugsource-1.0.28-10.el8_2.1.x86_64.rpm
libsndfile-devel-1.0.28-10.el8_2.1.i686.rpm
libsndfile-devel-1.0.28-10.el8_2.1.x86_64.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.i686.rpm
libsndfile-utils-debuginfo-1.0.28-10.el8_2.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-3246
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYSyVZtzjgjWX9erEAQip+RAAlPqpM0g5QsPiiiJUAL7fGvumt2upCSdz
qpA0vjJvG3kCE1U6qH6241oBxcJrwwq5JutPT/UQfNYravUwcCMAx4Z1M4Ja+MqK
Lr2wtz87hZOUvzhc/xkGSPhlAEe0C+fXKjxifSKrrJNWX1v/s0kM1cD11a+3CjzG
4GuWmu6oavOR1TR8TBDyW3NqAb/Rowx/NR8LXkPMx5x+yNUzstesLWQV6LjD77Eb
nzPZKUjPyfnF+yZAOpUmaZknqEBsNhSaRjJkYfEBvR5r3X9D68kEiXmwYuU1fe9C
AYLl6PEex20dw0kdgUq76fXA6pghXKVEeesl7MU9S5ztNBbbg8hXZWFJPHQPQVmQ
MxEAmuReAWzZN0QlR+7Z68zNmdEoE/nmhoypHVEClKjAQu/aMEv8RBkA0YjkD9ZS
ITsO9EHF3pTKlPg5E7CnbZ2dasGG3h+swRR3sl1v23JhxC/wjpcvwCYllCdYauNC
x42ig8WiZcvgbpIcETZ/Z1JpR7VoBrAYmnaGJcHXOicc+KxahD1pHiGZOoONQqgx
30IMjMA7IKp8ceNPOw/w0dQ91juIotP3TkW7A5rQTae6rWqli6arIr8A2d5yXoMU
I+57WAp4FcBoHwOTEXuoVVVG1LQIYc6io7lcFdGmHtzKZ/6m8+BaBP7+iKiW2hr3
YVUq+qwE86Q=
=c0/J
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYS1l6ONLKJtyKPYoAQhF8A/9FRsKZ+NVV3pG2Qm6ApkVgFKs1YpQkdRP
f7ZGQ4GCEw3p9ccjmiULXjIXRzcIkI9zc0dFJECG0uN7RDzCQFIY8Ed5KAGfL7Qe
T0a9ebSFz+7AiPiQe8nOoMpJh4GNvreV20J6S6BYF+SesH4X4si1XVVv/ZzWtVZ4
AKPRscYnguQ8DX93B3RABjXw9nmNMhr3bnLq64ro38xPWNZktXlCzYL3MzOXikY2
xSYZc6hNH5a/i4ETxjRGcSbbNPOVbIQalmCBKDjruKTLS9ajbGlS41Nn/tVVSYpI
AyrMFzL24xFII2g3ZQmGAmN35GShC2q+w1HPnMX7uJjXggiOVatIkEBTJiIYOArK
dfbgSHXcSCPBvYBNu2vl0Z/kVRNzLAZVwG+wU+9zLZaXTg6oobN45P+TCaCHOsO4
935TZ5bDk26WfFXuUrX2gPSNjHpE+k8nmEmJGwwjLHAYZ+Bsc0MdDsw+RrknQq6s
9uSmNjrbXITANBEA6w0EjArfEuKiLucRif/Xyiad6OXv/Qyo3bfr7gFra/GVHjbl
YWizwu9J0OxiM3twsq5G5zSLViCEbJ4TvzUzciS7LNmJHAklAPpZI8oWI03h8436
QdS80suiTH20l+GoF6j2itlACtjWhps3eqJa8hIkomU+bNhsJun778RBloSR3NkN
xEz6QnAZrVI=
=yPdH
-----END PGP SIGNATURE-----