[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 559/05 - Fedora - Five Update Notifications



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 559/05 dated 21.07.05  Time: 10:45  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Fedora - Five Update Notifications:
     1.  Fedora Core 4 Update: mysql-4.1.12-2.FC4.1       [FEDORA-2005-557]
     2.  Fedora Core 4 Update: firefox-1.0.6-1.1.fc4      [FEDORA-2005-605]
     3.  Fedora Core 4 Update: thunderbird-1.0.6-1.1.fc4  [FEDORA-2005-606]
     4.  Fedora Core 3 Update: firefox-1.0.6-1.1.fc3      [FEDORA-2005-603]
     5.  Fedora Core 3 Update: thunderbird-1.0.6-1.1.fc3  [FEDORA-2005-604]


Detail
====== 

Update notification summaries:

     1.  Update to MySQL 4.1.12 (includes a low-impact security fix, see bz#158689).

     2.  Users of Firefox are advised to upgrade to this updated package that
         contains Firefox version 1.0.6 and is not vulnerable to listed issues.

     3.  Users of Thunderbird are advised to upgrade to this updated package that
         contains Thunderbird version 1.0.6 and is not vulnerable to listed issues.
 
     4.  Users of Firefox are advised to upgrade to this updated package that
         contains Firefox version 1.0.6 and is not vulnerable to listed issues.

     5.  Users of Thunderbird are advised to upgrade to this updated package that
         contains Thunderbird version 1.0.6 and is not vulnerable to listed issues. 


Update notification content follows:


1.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-557
2005-07-20
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : mysql
Version     : 4.1.12                      
Release     : 2.FC4.1                  
Summary     : MySQL client programs and shared library.
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. This package
contains the MySQL client programs, the client shared library, and
generic MySQL files.

- ---------------------------------------------------------------------
Update Information:

Update to MySQL 4.1.12 (includes a low-impact security fix, see bz#158689).
Repair some issues in openssl support.
Re-enable the old ISAM table type.
- ---------------------------------------------------------------------
* Tue Jul 12 2005 Tom Lane <tgl@xxxxxxxxxx> 4.1.12-2.FC4.1
- - Update to MySQL 4.1.12 (includes a fix for bz#158688, bz#158689)
- - Extend mysql-test-ssl.patch to solve rpl_openssl test failure (bz#155850)
- - Update mysql-lock-ssl.patch to match the upstream committed version
- - Add --with-isam to re-enable the old ISAM table type, per bz#159262
- - Add dependency on openssl-devel per bz#159569
- - Remove manual.txt, as upstream decided not to ship it anymore;
  it was redundant with the mysql.info file anyway.
- - Fix buffer overflow newly exposed in isam code; it's the same issue
  previously found in myisam, and not very exciting, but I'm tired of
  seeing build warnings.

* Mon May  9 2005 Tom Lane <tgl@xxxxxxxxxx> 4.1.11-4
- - Include proper locking for OpenSSL in the server, per bz#155850

* Mon Apr 25 2005 Tom Lane <tgl@xxxxxxxxxx> 4.1.11-3
- - Enable openssl tests during build, per bz#155850
- - Might as well turn on --disable-dependency-tracking


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

774460107972d53004a6a2008caebc72  SRPMS/mysql-4.1.12-2.FC4.1.src.rpm
e45f42d42cf30b5b78a2d549f0e25847  ppc/mysql-4.1.12-2.FC4.1.ppc.rpm
98c3ccc6b9fddc04e939e533773ec789  ppc/mysql-server-4.1.12-2.FC4.1.ppc.rpm
cd0089e82da75b84e7db807d1d61dc4d  ppc/mysql-devel-4.1.12-2.FC4.1.ppc.rpm
1ab9651bdc3f25ce5d8608b6e52e296c  ppc/mysql-bench-4.1.12-2.FC4.1.ppc.rpm
f13f7b728be053fae4306a5fb3da9b77  ppc/debug/mysql-debuginfo-4.1.12-2.FC4.1.ppc.rpm
d7579b55ca0523ee093562ca80be3647  ppc/mysql-4.1.12-2.FC4.1.ppc64.rpm
657bb78043fdb9fbc4ab51d9153f147b  x86_64/mysql-4.1.12-2.FC4.1.x86_64.rpm
c522150d70660d88a0c3ab44a2cfa4ba  x86_64/mysql-server-4.1.12-2.FC4.1.x86_64.rpm
cb21a91f82c0b39d227c0aaa4d498f53  x86_64/mysql-devel-4.1.12-2.FC4.1.x86_64.rpm
0187d563d0cdecec49375c9b39e5c116  x86_64/mysql-bench-4.1.12-2.FC4.1.x86_64.rpm
85d8d44fc23c0c3960dc825937fa02e2  x86_64/debug/mysql-debuginfo-4.1.12-2.FC4.1.x86_64.rpm
97de47bd2c66fc9e213f9484d04db852  x86_64/mysql-4.1.12-2.FC4.1.i386.rpm
97de47bd2c66fc9e213f9484d04db852  i386/mysql-4.1.12-2.FC4.1.i386.rpm
3999316e1bea7bc0b832447a59870b98  i386/mysql-server-4.1.12-2.FC4.1.i386.rpm
1137e6778dc99f56df1c8c0eb462338b  i386/mysql-devel-4.1.12-2.FC4.1.i386.rpm
657113d7ec9d26971f064035ab410a7b  i386/mysql-bench-4.1.12-2.FC4.1.i386.rpm
f7c8443e9d551b7fc2651c98195a24e1  i386/debug/mysql-debuginfo-4.1.12-2.FC4.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




2.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-605
2005-07-20
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : firefox
Version     : 1.0.6                      
Release     : 1.1.fc4                  
Summary     : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

- ---------------------------------------------------------------------
Update Information:

Mozilla Firefox is an open source Web browser.

A bug was found in the way Firefox handled synthetic events. It is possible
that Web content could generate events such as keystrokes or mouse clicks
that could be used to steal data or execute malicious JavaScript code. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-2260 to this issue.


A bug was found in the way Firefox executed Javascript in XBL controls. It
is possible for a malicious webpage to leverage this vulnerability to
execute other JavaScript based attacks even when JavaScript is disabled.
(CAN-2005-2261)

A bug was found in the way Firefox set an image as the desktop wallpaper.
If a user chooses the "Set As Wallpaper..." context menu item on a
specially crafted image, it is possible for an attacker to execute
arbitrary code on a victim's machine. (CAN-2005-2262)

A bug was found in the way Firefox installed its extensions. If a user can
be tricked into visiting a malicious webpage, it may be possible to obtain
sensitive information such as cookies or passwords. (CAN-2005-2263)

A bug was found in the way Firefox handled the _search target. It is
possible for a malicious website to inject JavaScript into an already open
webpage. (CAN-2005-2264)

A bug was found in the way Firefox handled certain Javascript functions. It
is possible for a malicious web page to crash the browser by executing
malformed Javascript code. (CAN-2005-2265)

A bug was found in the way Firefox handled multiple frame domains. It is
possible for a frame as part of a malicious web site to inject content into
a frame that belongs to another domain. This issue was previously fixed as
CAN-2004-0718 but was accidentally disabled. (CAN-2005-1937)

A bug was found in the way Firefox handled child frames. It is possible for
a malicious framed page to steal sensitive information from its parent
page. (CAN-2005-2266)

A bug was found in the way Firefox opened URLs from media players. If a
media player opens a URL that is JavaScript, JavaScript is executed
with access to the currently open webpage. (CAN-2005-2267)

A design flaw was found in the way Firefox displayed alerts and prompts.
Alerts and prompts were given the generic title [JavaScript Application]
which prevented a user from knowing which site created them. (CAN-2005-2268)

A bug was found in the way Firefox handled DOM node names. It is possible
for a malicious site to overwrite a DOM node name, allowing certain
privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269)

A bug was found in the way Firefox cloned base objects. It is possible for
Web content to navigate up the prototype chain to gain access to privileged
chrome objects. (CAN-2005-2270)

Users of Firefox are advised to upgrade to this updated package that
contains Firefox version 1.0.6 and is not vulnerable to these issues. 

- ---------------------------------------------------------------------
* Wed Jul 20 2005 Christopher Aillon <caillon@xxxxxxxxxx> 0:1.0.6-1.1.fc4
- - Update to 1.0.6

* Mon Jul 18 2005 Christopher Aillon <caillon@xxxxxxxxxx> 0:1.0.6-0.1.fc4
- - 1.0.6 Release Candidate


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

ff916b514b9af918d03c5c3fc84b7d27  SRPMS/firefox-1.0.6-1.1.fc4.src.rpm
9facc82245e82e7eb55ed5efb9928bfd  ppc/firefox-1.0.6-1.1.fc4.ppc.rpm
2ec89c34a5f8f407039d6062a55c5aa7  ppc/debug/firefox-debuginfo-1.0.6-1.1.fc4.ppc.rpm
6ddc89c3fba24903f5304bc08e8a3163  x86_64/firefox-1.0.6-1.1.fc4.x86_64.rpm
d2f45bece85710236ed59f25b68f3a56  x86_64/debug/firefox-debuginfo-1.0.6-1.1.fc4.x86_64.rpm
5e71924a825cdcf578af4362c431adbf  i386/firefox-1.0.6-1.1.fc4.i386.rpm
23816e60313ff356c93b52045ab12ecb  i386/debug/firefox-debuginfo-1.0.6-1.1.fc4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




3.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-606
2005-07-20
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : thunderbird
Version     : 1.0.6                      
Release     : 1.1.fc4                  
Summary     : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.

- ---------------------------------------------------------------------
Update Information:

Mozilla Thunderbird is a standalone mail and newsgroup client.

A bug was found in the way Thunderbird handled anonymous functions during
regular expression string replacement. It is possible for a malicious HTML
mail to capture a random block of client memory. The Common
Vulnerabilities and Exposures project has assigned this bug the name
CAN-2005-0989.

A bug was found in the way Thunderbird validated several XPInstall related
JavaScript objects. A malicious HTML mail could pass other objects to the
XPInstall objects, resulting in the JavaScript interpreter jumping to
arbitrary locations in memory. (CAN-2005-1159)

A bug was found in the way the Thunderbird privileged UI code handled DOM
nodes from the content window. An HTML message could install malicious
JavaScript code or steal data when a user performs commonplace actions such
as clicking a link or opening the context menu. (CAN-2005-1160)

A bug was found in the way Thunderbird executed JavaScript code. JavaScript
executed from HTML mail should run with a restricted access level,
preventing dangerous actions. It is possible that a malicious HTML mail
could execute JavaScript code with elevated privileges, allowing access to
protected data and functions. (CAN-2005-1532)

A bug was found in the way Thunderbird executed Javascript in XBL controls.
It is possible for a malicious HTML mail to leverage this vulnerability to
execute other JavaScript based attacks even when JavaScript is disabled.
(CAN-2005-2261)

A bug was found in the way Thunderbird handled certain Javascript
functions. It is possible for a malicious HTML mail to crash the client by
executing malformed Javascript code. (CAN-2005-2265)

A bug was found in the way Thunderbird handled child frames. It is possible
for a malicious framed HTML mail to steal sensitive information from its
parent frame. (CAN-2005-2266)

A bug was found in the way Thunderbird handled DOM node names. It is
possible for a malicious HTML mail to overwrite a DOM node name, allowing
certain privileged chrome actions to execute the malicious JavaScript.
(CAN-2005-2269)

A bug was found in the way Thunderbird cloned base objects. It is possible
for HTML content to navigate up the prototype chain to gain access to
privileged chrome objects. (CAN-2005-2270)

Users of Thunderbird are advised to upgrade to this updated package that
contains Thunderbird version 1.0.6 and is not vulnerable to these issues. 
- ---------------------------------------------------------------------
* Wed Jul 20 2005 Christopher Aillon <caillon@xxxxxxxxxx> 1.0.6-1.1.fc4
- - Update to 1.0.6

* Mon Jul 18 2005 Christopher Aillon <caillon@xxxxxxxxxx> 1.0.6-0.1.fc4
- - 1.0.6 Release Candidate


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

51f614a0a887ffb58ce6bbf4f4eb7431  SRPMS/thunderbird-1.0.6-1.1.fc4.src.rpm
fc206b1fd0dccb15da66b2fe3b272175  ppc/thunderbird-1.0.6-1.1.fc4.ppc.rpm
0b94083b2f2415f84069e30c20742ec1  ppc/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.ppc.rpm
38da7902f6e1bcfc45ef688e04a770e8  x86_64/thunderbird-1.0.6-1.1.fc4.x86_64.rpm
1a6bbee24e0559176e19ba1218d91e02  x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.x86_64.rpm
f858562b2d77180acb6d40022fe1c3cd  i386/thunderbird-1.0.6-1.1.fc4.i386.rpm
90cba454ded9c8d4e049262abdea64d2  i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




4.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-603
2005-07-20
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : firefox
Version     : 1.0.6                      
Release     : 1.1.fc3                  
Summary     : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

- ---------------------------------------------------------------------
Update Information:

Mozilla Firefox is an open source Web browser.

A bug was found in the way Firefox handled synthetic events. It is possible
that Web content could generate events such as keystrokes or mouse clicks
that could be used to steal data or execute malicious JavaScript code. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-2260 to this issue.


A bug was found in the way Firefox executed Javascript in XBL controls. It
is possible for a malicious webpage to leverage this vulnerability to
execute other JavaScript based attacks even when JavaScript is disabled.
(CAN-2005-2261)

A bug was found in the way Firefox set an image as the desktop wallpaper.
If a user chooses the "Set As Wallpaper..." context menu item on a
specially crafted image, it is possible for an attacker to execute
arbitrary code on a victim's machine. (CAN-2005-2262)

A bug was found in the way Firefox installed its extensions. If a user can
be tricked into visiting a malicious webpage, it may be possible to obtain
sensitive information such as cookies or passwords. (CAN-2005-2263)

A bug was found in the way Firefox handled the _search target. It is
possible for a malicious website to inject JavaScript into an already open
webpage. (CAN-2005-2264)

A bug was found in the way Firefox handled certain Javascript functions. It
is possible for a malicious web page to crash the browser by executing
malformed Javascript code. (CAN-2005-2265)

A bug was found in the way Firefox handled multiple frame domains. It is
possible for a frame as part of a malicious web site to inject content into
a frame that belongs to another domain. This issue was previously fixed as
CAN-2004-0718 but was accidentally disabled. (CAN-2005-1937)

A bug was found in the way Firefox handled child frames. It is possible for
a malicious framed page to steal sensitive information from its parent
page. (CAN-2005-2266)

A bug was found in the way Firefox opened URLs from media players. If a
media player opens a URL that is JavaScript, JavaScript is executed
with access to the currently open webpage. (CAN-2005-2267)

A design flaw was found in the way Firefox displayed alerts and prompts.
Alerts and prompts were given the generic title [JavaScript Application]
which prevented a user from knowing which site created them. (CAN-2005-2268)

A bug was found in the way Firefox handled DOM node names. It is possible
for a malicious site to overwrite a DOM node name, allowing certain
privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269)

A bug was found in the way Firefox cloned base objects. It is possible for
Web content to navigate up the prototype chain to gain access to privileged
chrome objects. (CAN-2005-2270)

Users of Firefox are advised to upgrade to this updated package that
contains Firefox version 1.0.6 and is not vulnerable to these issues. 

- ---------------------------------------------------------------------
* Wed Jul 20 2005 Christopher Aillon <caillon@xxxxxxxxxx> 0:1.0.6-1.1.fc3
- - Update to 1.0.6

* Mon Jul 18 2005 Christopher Aillon <caillon@xxxxxxxxxx> 0:1.0.6-0.1.fc3
- - 1.0.6 Candidate Release

* Sun May 15 2005 Christopher Aillon <caillon@xxxxxxxxxx>
- - Re-enable jsd now that there are venkman versions that work with Firefox


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

af02171d12225714c15c60f04c20e2f9  SRPMS/firefox-1.0.6-1.1.fc3.src.rpm
ef8cb22e843e9c462b070913124eb55d  x86_64/firefox-1.0.6-1.1.fc3.x86_64.rpm
54fbfd492a9d044b64166a226cef75ca  x86_64/debug/firefox-debuginfo-1.0.6-1.1.fc3.x86_64.rpm
0b8019d7294f3be8d1647cf7d571ae14  i386/firefox-1.0.6-1.1.fc3.i386.rpm
8f0c85f49676902e4f0be8f90aa52712  i386/debug/firefox-debuginfo-1.0.6-1.1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




5.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-604
2005-07-20
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : thunderbird
Version     : 1.0.6                      
Release     : 1.1.fc3                  
Summary     : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.

- ---------------------------------------------------------------------
Update Information:

Mozilla Thunderbird is a standalone mail and newsgroup client.

A bug was found in the way Thunderbird handled anonymous functions during
regular expression string replacement. It is possible for a malicious HTML
mail to capture a random block of client memory. The Common
Vulnerabilities and Exposures project has assigned this bug the name
CAN-2005-0989.

A bug was found in the way Thunderbird validated several XPInstall related
JavaScript objects. A malicious HTML mail could pass other objects to the
XPInstall objects, resulting in the JavaScript interpreter jumping to
arbitrary locations in memory. (CAN-2005-1159)

A bug was found in the way the Thunderbird privileged UI code handled DOM
nodes from the content window. An HTML message could install malicious
JavaScript code or steal data when a user performs commonplace actions such
as clicking a link or opening the context menu. (CAN-2005-1160)

A bug was found in the way Thunderbird executed JavaScript code. JavaScript
executed from HTML mail should run with a restricted access level,
preventing dangerous actions. It is possible that a malicious HTML mail
could execute JavaScript code with elevated privileges, allowing access to
protected data and functions. (CAN-2005-1532)

A bug was found in the way Thunderbird executed Javascript in XBL controls.
It is possible for a malicious HTML mail to leverage this vulnerability to
execute other JavaScript based attacks even when JavaScript is disabled.
(CAN-2005-2261)

A bug was found in the way Thunderbird handled certain Javascript
functions. It is possible for a malicious HTML mail to crash the client by
executing malformed Javascript code. (CAN-2005-2265)

A bug was found in the way Thunderbird handled child frames. It is possible
for a malicious framed HTML mail to steal sensitive information from its
parent frame. (CAN-2005-2266)

A bug was found in the way Thunderbird handled DOM node names. It is
possible for a malicious HTML mail to overwrite a DOM node name, allowing
certain privileged chrome actions to execute the malicious JavaScript.
(CAN-2005-2269)

A bug was found in the way Thunderbird cloned base objects. It is possible
for HTML content to navigate up the prototype chain to gain access to
privileged chrome objects. (CAN-2005-2270)

Users of Thunderbird are advised to upgrade to this updated package that
contains Thunderbird version 1.0.6 and is not vulnerable to these issues. 
- ---------------------------------------------------------------------
* Wed Jul 20 2005 Christopher Aillon <caillon@xxxxxxxxxx> 1.0.6-1.1.fc3
- - Update to 1.0.6

* Mon Jul 18 2005 Christopher Aillon <caillon@xxxxxxxxxx> 1.0.6-0.1.fc3
- - 1.0.6 Release Candidate


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

e060dd6ce427541531cc40c28a678643  SRPMS/thunderbird-1.0.6-1.1.fc3.src.rpm
617b9df6931ff067e896d29399849df0  x86_64/thunderbird-1.0.6-1.1.fc3.x86_64.rpm
8bcb33b02ad164e499e4109dc6909caa  x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.x86_64.rpm
2781375f4ff5c6280692d573787f5064  i386/thunderbird-1.0.6-1.1.fc3.i386.rpm
774d64ba857b9c430c3ae87471bc68f6  i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Fedora for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQt9u8opao72zK539AQHlugP/TOWsr9oDsge+ReWQ/TpyufavI3zXJU8G
kf1RrhpgdFOTF1Gc33Q9tL+2QfVawnYSj7pJM6MCNvAgp9o9hDkV4HI8OO5iGGkq
zL7b1dtQrZlruM2vVbZk214rFIx8pUWXz9STWp6dGHBNF1TiwIxrnMA+f/Wpt3CM
EuBZL0f18jM=
=PCc/
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________