[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 651/05 - Fedora - Eight Update Notifications



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 651/05 dated 19.08.05  Time: 15:58
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Fedora - Eight Update Notifications:
     1.  Fedora Core 4 Update: netpbm-10.28-1.FC4.2    [FEDORA-2005-728]
     2.  Fedora Core 4 Update: cups-1.1.23-15.1        [FEDORA-2005-732]
     3.  Fedora Core 4 Update: kdeedu-3.4.2-0.fc4.2    [FEDORA-2005-744]
     4.  Fedora Core 4 Update: gaim-1.5.0-1.fc4        [FEDORA-2005-751]
     5.  Fedora Core 4 Update: epiphany-1.6.5-1        [FEDORA-2005-768]
     6.  Fedora Core 3 Update: ncpfs-2.2.4-4.FC3.1     [FEDORA-2005-435]
     7.  Fedora Core 3 Update: cups-1.1.22-0.rc1.8.6   [FEDORA-2005-733]
     8.  Fedora Core 3 Update: gaim-1.5.0-1.fc3        [FEDORA-2005-750]


Detail
====== 

Update notification summaries:

     1.  pstopnm in netpbm does not properly use the "-dSAFER" option
         when calling Ghostscript to convert a PostScript file into a
         (1) PBM, (2) PGM, or (3) PNM file, which allows external
         user-complicit attackers to execute arbitrary commands. 

     2.  These updated packages fix a problem handling PDF files that
         could have security implications (CAN-2005-2097).

     3.  Ben Burton notified the KDE security team about several
         tempfile handling related vulnerabilities in langen2kvtml,
         a conversion script for kvoctrain. The script must be
         manually invoked.

     4.  Please see the Changelog details and security information at
         the upstream Gaim Project site.

     5.  Update to 1.6.5 and remove patch integrated upstream

     6.  Fixed getuid security bug CAN-2005-0014, security bug CAN-2004-1079,
         and getuid security bug CAN-2005-0013.

     7.  These updated packages fix a problem handling PDF files that
         could have security implications (CAN-2005-2097).

     8.  Please see the Changelog details and security information at
         the upstream Gaim Project site.


Update notification content follows:


1.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-728
2005-08-17
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : netpbm
Version     : 10.28                      
Release     : 1.FC4.2                  
Summary     : A library for handling different graphics file formats.
Description :
The netpbm package contains a library of functions that support
programs for handling various graphics file formats, including .pbm
(portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps),
.ppm (portable pixmaps), and others.

- ---------------------------------------------------------------------
Update Information:

pstopnm in netpbm does not properly use the "-dSAFER" option
when calling Ghostscript to convert a PostScript file into a
(1) PBM, (2) PGM, or (3) PNM file, which allows external
user-complicit attackers to execute arbitrary commands. 
- ---------------------------------------------------------------------
* Tue Aug  9 2005 Jindrich Novy <jnovy@xxxxxxxxxx> 10.28-1.FC4.2
- - fix CAN-2005-2471, unsafe gs calls from pstopnm (#165355)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

c75f2c0006ab6426c1bac141ed356a48  SRPMS/netpbm-10.28-1.FC4.2.src.rpm
ca0c2e549644066eb9c7c138516835b0  ppc/netpbm-10.28-1.FC4.2.ppc.rpm
1bd1efa2ae963b6b334c872af0fd6d69  ppc/netpbm-devel-10.28-1.FC4.2.ppc.rpm
ee199a8a3564ca536fc3a913b2616b4d  ppc/netpbm-progs-10.28-1.FC4.2.ppc.rpm
ea3cc0fcb9da447b0d9afa3444046578  ppc/debug/netpbm-debuginfo-10.28-1.FC4.2.ppc.rpm
cb51d09e97c1bc99a07c1fbc71c47dbb  ppc/netpbm-10.28-1.FC4.2.ppc64.rpm
d0cd8297ab8834026f6869775d5da348  x86_64/netpbm-10.28-1.FC4.2.x86_64.rpm
d4693dec7263b06ed6f83fe6bc193910  x86_64/netpbm-devel-10.28-1.FC4.2.x86_64.rpm
4edf64b8929c8e9bb6519ea595bae6ec  x86_64/netpbm-progs-10.28-1.FC4.2.x86_64.rpm
0b8e26bbcf2026cc9e39e553550827fc 
x86_64/debug/netpbm-debuginfo-10.28-1.FC4.2.x86_64.rpm
7dfa20764e441856e3bd693649a6fd45  x86_64/netpbm-10.28-1.FC4.2.i386.rpm
7dfa20764e441856e3bd693649a6fd45  i386/netpbm-10.28-1.FC4.2.i386.rpm
21207195f92b79d9fa489b18d0d76041  i386/netpbm-devel-10.28-1.FC4.2.i386.rpm
d5be30f7bb4099ba335f77efa70448b3  i386/netpbm-progs-10.28-1.FC4.2.i386.rpm
2487ef9bc6fcd162587a3f128a2556b8  i386/debug/netpbm-debuginfo-10.28-1.FC4.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




2.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-732
2005-08-17
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : cups
Version     : 1.1.23                      
Release     : 15.1                  
Summary     : Common Unix Printing System
Description :
The Common UNIX Printing System provides a portable printing layer for
UNIX(R) operating systems. It has been developed by Easy Software Products
to promote a standard printing solution for all UNIX vendors and users.
CUPS provides the System V and Berkeley command-line interfaces.

- ---------------------------------------------------------------------
Update Information:

These updated packages fix a problem handling PDF files that
could have security implications (CAN-2005-2097).
- ---------------------------------------------------------------------
* Tue Aug  2 2005 Tim Waugh <twaugh@xxxxxxxxxx> 1:1.1.23-15.1
- - Fixed CAN-2005-2097 (bug #164510).


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

ec7213464be03340c8e8f5e74d111b9e  SRPMS/cups-1.1.23-15.1.src.rpm
4f113fa7a2359346410ab3f86a85ce87  ppc/cups-1.1.23-15.1.ppc.rpm
001e8b6650127f374b7c8ac7a3f68b01  ppc/cups-devel-1.1.23-15.1.ppc.rpm
564fbe2280f8d31723a9a4efa1a00196  ppc/cups-libs-1.1.23-15.1.ppc.rpm
ea25b000fe123c49b34d94c9dda0d121  ppc/cups-lpd-1.1.23-15.1.ppc.rpm
2b097f818d14b71d7d394dbdb3a37858  ppc/debug/cups-debuginfo-1.1.23-15.1.ppc.rpm
3617cf623462710551c2ea9b2741fff2  ppc/cups-libs-1.1.23-15.1.ppc64.rpm
53124446c30fa4a7255dd8ba456a1e0a  x86_64/cups-1.1.23-15.1.x86_64.rpm
3c93dc767a62034d8e59c4cf1eb9be1e  x86_64/cups-devel-1.1.23-15.1.x86_64.rpm
eb08fea2de8232a7a03cc5cc8e4b81dc  x86_64/cups-libs-1.1.23-15.1.x86_64.rpm
b814109933061794da85dbb68939dedc  x86_64/cups-lpd-1.1.23-15.1.x86_64.rpm
b90daf36edbcb76d5492d40c8090b2e5  x86_64/debug/cups-debuginfo-1.1.23-15.1.x86_64.rpm
3821fe25e6a9289cb5a88d6ec4cc1ea0  x86_64/cups-libs-1.1.23-15.1.i386.rpm
334d07b5e5a32d606f6099d9f439c40d  i386/cups-1.1.23-15.1.i386.rpm
456a782ec62919d7d347bfe0f460b42a  i386/cups-devel-1.1.23-15.1.i386.rpm
3821fe25e6a9289cb5a88d6ec4cc1ea0  i386/cups-libs-1.1.23-15.1.i386.rpm
413d14f76f66fd82fa027c85f68a172d  i386/cups-lpd-1.1.23-15.1.i386.rpm
7d9601b97899c208eeba811180d48e70  i386/debug/cups-debuginfo-1.1.23-15.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




3.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-744
2005-08-16
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : kdeedu
Version     : 3.4.2                      
Release     : 0.fc4.2                  
Summary     : Educational/Edutainment applications for KDE
Description :
Educational/Edutainment applications for KDE

- ---------------------------------------------------------------------
Update Information:

Ben Burton notified the KDE security team about several
tempfile handling related vulnerabilities in langen2kvtml,
a conversion script for kvoctrain. The script must be
manually invoked.

The script uses known filenames in /tmp which allow an local 
attacker to overwrite files writeable by the user invoking the 
conversion script.

This update fixes these vulnerabilities.
- ---------------------------------------------------------------------
* Tue Aug  9 2005 Than Ngo <than@xxxxxxxxxx> 3.4.2-0.fc4.2
- - apply patch to fix tempfile vulnerability, CAN-2005-2101, #165606


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

c67158d3b335fbc4a8f2ea525c3b72b7  SRPMS/kdeedu-3.4.2-0.fc4.2.src.rpm
bd7bb376d62d379191c13e41ddacc71c  ppc/kdeedu-3.4.2-0.fc4.2.ppc.rpm
0078da1ed86fb27e7cafdf7266aaf531  ppc/kdeedu-devel-3.4.2-0.fc4.2.ppc.rpm
2413132c98bd9056d83d3a36599a7a7c  ppc/debug/kdeedu-debuginfo-3.4.2-0.fc4.2.ppc.rpm
ad81b18583d1c1ae12b7bb80e5f9a231  x86_64/kdeedu-3.4.2-0.fc4.2.x86_64.rpm
dc9701f17f39a2b2e7557445cb643a0c  x86_64/kdeedu-devel-3.4.2-0.fc4.2.x86_64.rpm
3fdfc3ac1f9b274aa23105f668669928  x86_64/debug/kdeedu-debuginfo-3.4.2-0.fc4.2.x86_64.rpm
2dec5389a9e086cfe32bea50dfc0020f  i386/kdeedu-3.4.2-0.fc4.2.i386.rpm
3fb79b0ca43b4f83b535ded7c8d6bcdb  i386/kdeedu-devel-3.4.2-0.fc4.2.i386.rpm
7ac009558c5f813312dd95b9e9ef03b1  i386/debug/kdeedu-debuginfo-3.4.2-0.fc4.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




4.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-751
2005-08-17
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : gaim
Version     : 1.5.0                      
Release     : 1.fc4                  
Summary     : A GTK+ clone of the AOL Instant Messenger client.
Description :
Gaim is a clone of America Online's Instant Messenger client. It
features nearly all of the functionality of the official AIM client
while also being smaller, faster, and commercial-free.

- ---------------------------------------------------------------------
Update Information:

http://gaim.sourceforge.net/
Please see the Changelog details and security information at
the upstream Gaim Project site.
- ---------------------------------------------------------------------
* Thu Aug 11 2005 Warren Togami <wtogami@xxxxxxxxxx> - 1:1.5.0-1
- - 1.5.0 security and bug fixes
  CAN-2005-2370 Gadu-Gadu memory alignment bug
  CAN-2005-2102 AIM/ICQ non-UTF-8 Filename Crash
  CAN-2005-2103 AIM/ICQ away message buffer overflow

* Tue Aug  9 2005 Jeremy Katz <katzj@xxxxxxxxxx> - 1:1.4.0-7
- - rebuild for new evolution-data-server

* Mon Aug  1 2005 Warren Togami <wtogami@xxxxxxxxxx> 1:1.4.0-6
- - FC5+ bash regex replace for -fstack-protector-all (mharris)

* Sun Jul 31 2005 Warren Togami <wtogami@xxxxxxxxxx> 1:1.4.0-5
- - FC5+ automatic -fstack-protector-all switch
- - 150: MSN buddy names with space disconnect and profile corruption
       (supercedes patch 149)
- - 151: Gadu Gadu memory alignment crash
- - 152: Rename Group Merge crash
- - 153: mailto: parse crash (util.c)
- - 154: mailto: parse crash (MSN)
- - 155: mailto: parse crash (Zephyr)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

7c9ae8871169b9b52a165be73b886536  SRPMS/gaim-1.5.0-1.fc4.src.rpm
4903d7d71010d3f3e6ef83a42a9e8fdd  ppc/gaim-1.5.0-1.fc4.ppc.rpm
e47699be139e84eb7c02758b3ce8f2e9  ppc/debug/gaim-debuginfo-1.5.0-1.fc4.ppc.rpm
c175e173ace9cb5cfdae196938c1a0f6  x86_64/gaim-1.5.0-1.fc4.x86_64.rpm
03e36cdf98f41d96d95c4aa7284b101c  x86_64/debug/gaim-debuginfo-1.5.0-1.fc4.x86_64.rpm
939242b073bc6a64eeefe2d1ccfa4484  i386/gaim-1.5.0-1.fc4.i386.rpm
ea6e8adf567e8288ead13b9044989494  i386/debug/gaim-debuginfo-1.5.0-1.fc4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




5.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-768
2005-08-17
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : epiphany
Version     : 1.6.5                      
Release     : 1                  
Summary     : GNOME web browser based on the Mozilla rendering engine
Description :
epiphany is a simple GNOME web browser based on the Mozilla rendering
engine

- ---------------------------------------------------------------------

* Wed Aug 17 2005 Marco Pesenti Gritti <mpg@xxxxxxxxxx> -  1.6.5-1
- - Update to 1.6.5
- - Remove patch integrated upstream


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

99fec86f8515989856285e83a549284c  SRPMS/epiphany-1.6.5-1.src.rpm
f06f4e3da318e50516a10cb6d3956373  ppc/epiphany-1.6.5-1.ppc.rpm
e1692fdd30b1a882e5fcaddcc64ed923  ppc/epiphany-devel-1.6.5-1.ppc.rpm
da3dc22b947c8e222443ce94b5db3e8a  ppc/debug/epiphany-debuginfo-1.6.5-1.ppc.rpm
2b059d8b0e564fc1d984d1f4e0f489f7  x86_64/epiphany-1.6.5-1.x86_64.rpm
effb4eb02562be004685a2b685f8f051  x86_64/epiphany-devel-1.6.5-1.x86_64.rpm
16b229aaecd73ad69589aaf5d41404c7  x86_64/debug/epiphany-debuginfo-1.6.5-1.x86_64.rpm
cc2e9466c0570142b1f4a29d6f432889  i386/epiphany-1.6.5-1.i386.rpm
6872a06d2cea3cfc83f29581308e925b  i386/epiphany-devel-1.6.5-1.i386.rpm
43dc35463f64e1a696c034349c09b498  i386/debug/epiphany-debuginfo-1.6.5-1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------





6.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-435
2005-08-16
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : ncpfs
Version     : 2.2.4
Release     : 4.FC3.1
Summary     : Utilities for the ncpfs filesystem, a NetWare client for 
Linux.
Description :
Ncpfs is a filesystem which understands the Novell NetWare(TM) NCP
protocol.  Functionally, NCP is used for NetWare the way NFS is used
in the TCP/IP world.  For a Linux system to mount a NetWare
filesystem, it needs a special mount program.  The ncpfs package
contains such a mount program plus other tools for configuring and
using the ncpfs filesystem.

Install the ncpfs package if you need to use the ncpfs filesystem
to use Novell NetWare files or services.

- ---------------------------------------------------------------------

* Fri Jun 17 2005 Jiri Ryska <jryska@xxxxxxxxxx> 2.2.4-4.FC3.1

- - fixed getuid security bug CAN-2005-0014
- - fixed security bug CAN-2004-1079

* Mon Apr 11 2005 Jiri Ryska <jryska@xxxxxxxxxx> 2.2.4-4.FC3

- - fixed getuid security bug CAN-2005-0013


- ---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

6af0d3c19911051510d951cefd6666ed  SRPMS/ncpfs-2.2.4-4.FC3.1.src.rpm
fdc4956a24599f539dc8c70e5060631b  x86_64/ncpfs-2.2.4-4.FC3.1.x86_64.rpm
61bbe162ded6e049d87bf08375d7c43d  x86_64/ipxutils-2.2.4-4.FC3.1.x86_64.rpm
760a4728c89cbbd94aeb355d74292157 
x86_64/debug/ncpfs-debuginfo-2.2.4-4.FC3.1.x86_64.rpm
09dc713963e1af3e68756237fc7fc621  i386/ncpfs-2.2.4-4.FC3.1.i386.rpm
439ec771747839c02362a2c198072d04  i386/ipxutils-2.2.4-4.FC3.1.i386.rpm
20cda6efc8a8b970fdce80140d245a5f 
i386/debug/ncpfs-debuginfo-2.2.4-4.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
- ---------------------------------------------------------------------





7.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-733
2005-08-17
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : cups
Version     : 1.1.22                      
Release     : 0.rc1.8.6                  
Summary     : Common Unix Printing System
Description :
The Common UNIX Printing System provides a portable printing layer for
UNIX(R) operating systems. It has been developed by Easy Software Products
to promote a standard printing solution for all UNIX vendors and users.
CUPS provides the System V and Berkeley command-line interfaces.

- ---------------------------------------------------------------------
Update Information:

These updated packages fix a problem handling PDF files that
could have security implications (CAN-2005-2097).
- ---------------------------------------------------------------------
* Tue Aug  2 2005 Tim Waugh <twaugh@xxxxxxxxxx> 1:1.1.22-0.rc1.8.6
- - Fixed CAN-2005-2097 (bug #164510).


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

cc2152a66d09b14017cb2eff6f567ec7  SRPMS/cups-1.1.22-0.rc1.8.6.src.rpm
76925859e833ac42461c73f8e3407fdc  x86_64/cups-1.1.22-0.rc1.8.6.x86_64.rpm
7e53871212aad9471cd40cf7c591415f  x86_64/cups-devel-1.1.22-0.rc1.8.6.x86_64.rpm
2bc60d667f3b8add3773688d4a6e1882  x86_64/cups-libs-1.1.22-0.rc1.8.6.x86_64.rpm
1cace506d0bf9ef2814654017055de0e 
x86_64/debug/cups-debuginfo-1.1.22-0.rc1.8.6.x86_64.rpm
d1c8ce98760c2db7f8fc6eb00f16b505  x86_64/cups-libs-1.1.22-0.rc1.8.6.i386.rpm
6442cc21a8fb77d50e6a7f8b990add6c  i386/cups-1.1.22-0.rc1.8.6.i386.rpm
ffa62eaadd5a8f293964657964d1226a  i386/cups-devel-1.1.22-0.rc1.8.6.i386.rpm
d1c8ce98760c2db7f8fc6eb00f16b505  i386/cups-libs-1.1.22-0.rc1.8.6.i386.rpm
0e89863db13c2a9d0e2c9eae00b4bf51 
i386/debug/cups-debuginfo-1.1.22-0.rc1.8.6.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------
 
 
 
 
 
8.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-750
2005-08-17
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : gaim
Version     : 1.5.0                      
Release     : 1.fc3                  
Summary     : A GTK+ clone of the AOL Instant Messenger client.
Description :
Gaim is a clone of America Online's Instant Messenger client. It
features nearly all of the functionality of the official AIM client
while also being smaller, faster, and commercial-free.

- ---------------------------------------------------------------------
Update Information:

http://gaim.sourceforge.net/
Please see the Changelog details and security information at
the upstream Gaim Project site.
- ---------------------------------------------------------------------
* Thu Aug 11 2005 Warren Togami <wtogami@xxxxxxxxxx> - 1:1.5.0-1
- - 1.5.0 security and bug fixes
  CAN-2005-2370 Gadu-Gadu memory alignment bug
  CAN-2005-2102 AIM/ICQ non-UTF-8 Filename Crash
  CAN-2005-2103 AIM/ICQ away message buffer overflow

* Tue Aug  9 2005 Jeremy Katz <katzj@xxxxxxxxxx> - 1:1.4.0-7
- - rebuild for new evolution-data-server

* Mon Aug  1 2005 Warren Togami <wtogami@xxxxxxxxxx> 1:1.4.0-6
- - FC5+ bash regex replace for -fstack-protector-all (mharris)

* Sun Jul 31 2005 Warren Togami <wtogami@xxxxxxxxxx> 1:1.4.0-5
- - FC5+ automatic -fstack-protector-all switch
- - 150: MSN buddy names with space disconnect and profile corruption
       (supercedes patch 149)
- - 151: Gadu Gadu memory alignment crash
- - 152: Rename Group Merge crash
- - 153: mailto: parse crash (util.c)
- - 154: mailto: parse crash (MSN)
- - 155: mailto: parse crash (Zephyr)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

709dfeddc2b8ae02448478518ad6579c  SRPMS/gaim-1.5.0-1.fc3.src.rpm
788f4fe7561131aaf406c8bb7a473e50  x86_64/gaim-1.5.0-1.fc3.x86_64.rpm
17ac20c2e95577cbe268bff717d08bcc  x86_64/debug/gaim-debuginfo-1.5.0-1.fc3.x86_64.rpm
d22007b8bf36278a4511ccb164f91de1  i386/gaim-1.5.0-1.fc3.i386.rpm
7ae413d0f5b18409f64f63887574f748  i386/debug/gaim-debuginfo-1.5.0-1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Fedora for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQwXzn4pao72zK539AQGVoQP/ace7H2D9qZpdbYuETngxE2B+9/t9iuu6
PM70BQbYS7Auw4W6g1nLFc6wriFb+gcIaaYg3OhsHJJ7bt0L9YRxHYT4lKOhf7dM
fZd8vt9oSCQ7bPjMR/YqtgesL8qDYvgcf+KbD0kEBGc0wpyjD9dAcTfGe3QhchYF
I030qt83r5M=
=6nM+
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________