[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 683/05 - Fedora - Eleven Update Notifications



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 683/05 dated 30.08.05  Time: 13:40 
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Fedora - Eleven Update Notifications:
     1.  Fedora Core 3 Update: pcre-4.5-3.1.1.fc3          [FEDORA-2005-802]
     2.  Fedora Core 4 Update: pcre-5.0-4.1.fc4            [FEDORA-2005-803]
     3.  Fedora Core 3 Update: epiphany-1.4.9-0            [FEDORA-2005-804]
     4.  Fedora Core 3 Update: openmotif-2.2.3-9.FC3.1     [FEDORA-2005-808]
     5.  Fedora Core 3 Update: php-4.3.11-2.7              [FEDORA-2005-809]
     6.  Fedora Core 4 Update: php-5.0.4-10.4              [FEDORA-2005-810]
     7.  Fedora Core 3 Update: ntp-4.2.0.a.20040617-5.FC3  [FEDORA-2005-812]
     8.  Fedora Core 3 Update: lesstif-0.93.36-6.FC3.2     [FEDORA-2005-815]
     9.  Fedora Core 4 Update: kernel-2.6.12-1.1447_FC4    [FEDORA-2005-820]
    10.  Fedora Core 3 Update: kernel-2.6.12-1.1376_FC3    [FEDORA-2005-821]
    11.  Fedora Core 4 Update: dbus-0.33-3.fc4.1           [FEDORA-2005-822]


Detail
====== 

Update notification summaries:

     1.  backport patch to fix heap overflow, CAN-2005-2491, #166330.  

     2.  backport patch to fix heap overflow, CAN-2005-2491, #166330.

     3.  Remove download patch (integrated upstream).

     4.  Various issues addressed.

     5.  This update includes the latest upstream version of the PEAR
         XML_RPC package, which fixes a security issue in request
         parsing in the XML_RPC Server code.

     6.  This update includes the latest upstream version of the PEAR
         XML_RPC package, which fixes a security issue in request
         parsing in the XML_RPC Server code.

     7.  When starting xntpd with the -u option and specifying the
         group by using a string not a numeric gid the daemon uses
         the gid of the user not the group. This problem is now fixed
         by this update.

     8.  Fixed possible libXpm overflows (#151640), fixed CAN-2004-0687 
         (integer overflows) and CAN-2004-0688 (stack overflows) in embedded 
         Xpm library (#135080), and added latest Xpm patches: CAN-2004-0914 
         (#135081)

     9.  Multiple issues addressed.

    10.  Multiple issues addressed.

    11.  Add patch from 0.2x series that fixes an exploit where
         users can attach to another user's session bus (CAN-2005-0201)


Update notification content follows:


1.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-802
2005-08-24
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : pcre
Version     : 4.5                      
Release     : 3.1.1.fc3                  
Summary     : Perl-compatible regular expression library.
Description :
Perl-compatible regular expression library. PCRE has its own native
API, but a set of "wrapper" functions that are based on the POSIX API
are also supplied in the library libpcreposix. Note that this just
provides a POSIX calling interface to PCRE; the regular expressions
themselves still follow Perl syntax and semantics. The header file for
the POSIX-style functions is called pcreposix.h.

- ---------------------------------------------------------------------
Update Information:

the new package includes a fix for a heap buffer overflow.
- ---------------------------------------------------------------------
* Fri Aug 19 2005 Than Ngo <than@xxxxxxxxxx> 4.5-3.1.1.fc3
- - backport patch to fix heap overflow, CAN-2005-2491, #166330


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

cfca595b559afe8d33cbc39ab744d6db  SRPMS/pcre-4.5-3.1.1.fc3.src.rpm
9f498d84c73b744cd03b2b93aca582c6  x86_64/pcre-4.5-3.1.1.fc3.x86_64.rpm
344d94e5b5b64c6422c71fec331dd94c  x86_64/pcre-devel-4.5-3.1.1.fc3.x86_64.rpm
08efe09b0a59fcff8df2b42a1b64309a  x86_64/debug/pcre-debuginfo-4.5-3.1.1.fc3.x86_64.rpm
81729fbca4064dd687bab07ae6cf9fd1  x86_64/pcre-4.5-3.1.1.fc3.i386.rpm
81729fbca4064dd687bab07ae6cf9fd1  i386/pcre-4.5-3.1.1.fc3.i386.rpm
35b406ce33a16b67b73a600ab5cb5b3e  i386/pcre-devel-4.5-3.1.1.fc3.i386.rpm
14c8d8b5d8dec038bd54f9e16668d5da  i386/debug/pcre-debuginfo-4.5-3.1.1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




2.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-803
2005-08-24
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : pcre
Version     : 5.0                      
Release     : 4.1.fc4                  
Summary     : Perl-compatible regular expression library.
Description :
Perl-compatible regular expression library. PCRE has its own native
API, but a set of "wrapper" functions that are based on the POSIX API
are also supplied in the library libpcreposix. Note that this just
provides a POSIX calling interface to PCRE; the regular expressions
themselves still follow Perl syntax and semantics. The header file for
the POSIX-style functions is called pcreposix.h.

- ---------------------------------------------------------------------
Update Information:

the new package includes a fix for a heap buffer overflow.
- ---------------------------------------------------------------------
* Fri Aug 19 2005 Than Ngo <than@xxxxxxxxxx> 5.0-4.1.fc4
- - backport patch to fix heap overflow, CAN-2005-2491, #166330


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

ec1decec12e651d1d5bec690e3627a7d  SRPMS/pcre-5.0-4.1.fc4.src.rpm
1b891f92b05f283dfdb34b741d80cc56  ppc/pcre-5.0-4.1.fc4.ppc.rpm
6eaa9ffa13d1c54c2a77f3e38c09b243  ppc/pcre-devel-5.0-4.1.fc4.ppc.rpm
6cbe01b454cf34947086ac285f1b2434  ppc/debug/pcre-debuginfo-5.0-4.1.fc4.ppc.rpm
6f850622f337cc426174855d078080cf  ppc/pcre-5.0-4.1.fc4.ppc64.rpm
f47bed04d3eeb5df7dd3eae206a4efc9  x86_64/pcre-5.0-4.1.fc4.x86_64.rpm
59d58d979da779954a975fd3b147c892  x86_64/pcre-devel-5.0-4.1.fc4.x86_64.rpm
c84a457fb0b05b28a32f4c225445091f  x86_64/debug/pcre-debuginfo-5.0-4.1.fc4.x86_64.rpm
31bcef8ff26efea03e2a2825364ab420  x86_64/pcre-5.0-4.1.fc4.i386.rpm
31bcef8ff26efea03e2a2825364ab420  i386/pcre-5.0-4.1.fc4.i386.rpm
f8ff870b071671a3a4757fc38460a95d  i386/pcre-devel-5.0-4.1.fc4.i386.rpm
198825cc873affdfe8dde48fb52b3556  i386/debug/pcre-debuginfo-5.0-4.1.fc4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




3.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-804
2005-08-24
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : epiphany
Version     : 1.4.9                      
Release     : 0                  
Summary     : GNOME web browser based on the Mozilla rendering engine
Description :
epiphany is a simple GNOME web browser based on the Mozilla rendering
engine

- ---------------------------------------------------------------------

* Thu Aug 18 2005 Marco Pesenti Gritti <mpg@xxxxxxxxxx> 1.4.9-0
- - Update to 1.4.9
- - Remove download patch (integrated upstream)
- - Add the manual to the package


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

215f0da5fecdb2dd5e3590b11b6d2a56  SRPMS/epiphany-1.4.9-0.src.rpm
3ffec6505656ee3f2bdffaa375187128  x86_64/epiphany-1.4.9-0.x86_64.rpm
95ceb629352e0221cf89530ae1906a83  x86_64/epiphany-devel-1.4.9-0.x86_64.rpm
b459864c4cf3558045fef0c844f9a94c  x86_64/debug/epiphany-debuginfo-1.4.9-0.x86_64.rpm
882cd7f444e2edd85fab9f0dfcb7b48a  i386/epiphany-1.4.9-0.i386.rpm
e3e7927eaf8a7278fc4628294850d58a  i386/epiphany-devel-1.4.9-0.i386.rpm
72699feb4ede1670707bd9dfe4913939  i386/debug/epiphany-debuginfo-1.4.9-0.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




4.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-808
2005-08-25
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : openmotif
Version     : 2.2.3                      
Release     : 9.FC3.1                  
Summary     : Open Motif runtime libraries and executables.
Description :
This is the Open Motif 2.2.1 runtime environment. It includes the
Motif shared libraries, needed to run applications which are dynamically
linked against Motif, and the Motif Window Manager "mwm".

- ---------------------------------------------------------------------

* Mon Apr  4 2005 Thomas Woerner <twoerner@xxxxxxxxxx> 2.2.3-9.FC3.1
- - fixed possible libXpm overflows (#151642)
- - Upstream Fix: Multiscreen mode
- - Upstream Fix: Crash when restarting by a session manager (motifzone#1193)
- - Upstream Fix: Crash when duplicating a window menu containing f.circle_up
  (motifzone#1202)
- - fixed divide by zero error in ComputeVizCount() (#144420)
- - Xpmcreate: define LONG64 on 64 bit architectures (#143689)

* Mon Nov 29 2004 Thomas Woerner <twoerner@xxxxxxxxxx> 2.2.3-6.FC3.2
- - allow to write XPM files with absolute path names again (#140815)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

44ad7dbba8941c741784859be3e05d39  SRPMS/openmotif-2.2.3-9.FC3.1.src.rpm
3fab42d7c700d11826559ca0cee95838  x86_64/openmotif-2.2.3-9.FC3.1.x86_64.rpm
11916783c2c51b82c33b32666fe88ed2  x86_64/openmotif-devel-2.2.3-9.FC3.1.x86_64.rpm
ffcbc472795a9694d436706834c1d511  x86_64/debug/openmotif-debuginfo-2.2.3-9.FC3.1.x86_64.rpm
0ca7af9e3064663b28900c7cb2796366  x86_64/openmotif-2.2.3-9.FC3.1.i386.rpm
0ca7af9e3064663b28900c7cb2796366  i386/openmotif-2.2.3-9.FC3.1.i386.rpm
1b1b00ad520f23423cbb55b3a66ad96b  i386/openmotif-devel-2.2.3-9.FC3.1.i386.rpm
1e872b3ed5934d59d159c6a650822ca7  i386/debug/openmotif-debuginfo-2.2.3-9.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




5.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-809
2005-08-25
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : php
Version     : 4.3.11                      
Release     : 2.7                  
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.

- ---------------------------------------------------------------------
Update Information:

This update includes the latest upstream version of the PEAR
XML_RPC package, which fixes a security issue in request
parsing in the XML_RPC Server code.  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-2498 to this issue.
- ---------------------------------------------------------------------
* Wed Aug 17 2005 Joe Orton <jorton@xxxxxxxxxx> 4.3.11-2.7
- - pear: update to XML_RPC 1.4.0 (CAN-2005-2498, #165847)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

8ee124ab881288fd6bbfb2fd9c7ea13e  SRPMS/php-4.3.11-2.7.src.rpm
913fb86266b1c68e686f0ba3f2b414c2  x86_64/php-4.3.11-2.7.x86_64.rpm
c68ec21fa6a61c67f942e5445c7e1743  x86_64/php-devel-4.3.11-2.7.x86_64.rpm
08f69204bc70f2f12e0a086e375c331e  x86_64/php-pear-4.3.11-2.7.x86_64.rpm
2bf2480fb69fc136038a634fbcfcce48  x86_64/php-imap-4.3.11-2.7.x86_64.rpm
d3bacd5fdbf67254c705bc7bc61d281e  x86_64/php-ldap-4.3.11-2.7.x86_64.rpm
3344ccc2e07d4b3397706e1872989482  x86_64/php-mysql-4.3.11-2.7.x86_64.rpm
de65d833cb8e07eca0f56e018c828bbf  x86_64/php-pgsql-4.3.11-2.7.x86_64.rpm
7e76bc8bd1bac00d2571bb97ea42cc9b  x86_64/php-odbc-4.3.11-2.7.x86_64.rpm
9537ed06161fcc317831ffeaf7026f9e  x86_64/php-snmp-4.3.11-2.7.x86_64.rpm
e84e3bf1da132eb91e0be70f01edd3a5  x86_64/php-domxml-4.3.11-2.7.x86_64.rpm
922a1ea8060e709a06d26d594242ee32  x86_64/php-xmlrpc-4.3.11-2.7.x86_64.rpm
b6145a24e3798e6e61a4a8bc89e8c0c5  x86_64/php-mbstring-4.3.11-2.7.x86_64.rpm
90dd25b292a8e2c823e5b5d98168d43a  x86_64/php-ncurses-4.3.11-2.7.x86_64.rpm
09806af9f54acee63f849e2e60ef2b91  x86_64/php-gd-4.3.11-2.7.x86_64.rpm
3bbeb07601b8ec69463c336c0c205fff  x86_64/debug/php-debuginfo-4.3.11-2.7.x86_64.rpm
1e4265fc6ef11f87897ab6a35aff6aa3  i386/php-4.3.11-2.7.i386.rpm
c02d99c3007643a3a1a7bd9e1bac2e50  i386/php-devel-4.3.11-2.7.i386.rpm
11925259bae2e97e3f77b73d87d1fb70  i386/php-pear-4.3.11-2.7.i386.rpm
195b3c6e2479dcfdedcaa11859a7bd6b  i386/php-imap-4.3.11-2.7.i386.rpm
18115f4afa5c36802e9014d5f3f0d7f7  i386/php-ldap-4.3.11-2.7.i386.rpm
77c0eaa6b267a24fd6635425dfb54743  i386/php-mysql-4.3.11-2.7.i386.rpm
b1b8decc25e8f58711e00e5a26c90392  i386/php-pgsql-4.3.11-2.7.i386.rpm
f563dd6f5b41da7c42f5689bfeaea825  i386/php-odbc-4.3.11-2.7.i386.rpm
f47b90f3573f6abf1eb03feb6bcdf069  i386/php-snmp-4.3.11-2.7.i386.rpm
d4e19949fe88844cc1bfdac03613fa74  i386/php-domxml-4.3.11-2.7.i386.rpm
74b4eafd808d15d93096be7e448a3749  i386/php-xmlrpc-4.3.11-2.7.i386.rpm
e81c3b236495308bd48a05600c003afc  i386/php-mbstring-4.3.11-2.7.i386.rpm
4731638caeeeffb16f4d45671a70de68  i386/php-ncurses-4.3.11-2.7.i386.rpm
4063e0d5f86bdfcf9a38f4fcb6426d33  i386/php-gd-4.3.11-2.7.i386.rpm
971a5476be2929cc7d131b84351a9137  i386/debug/php-debuginfo-4.3.11-2.7.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




6.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-810
2005-08-25
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : php
Version     : 5.0.4                      
Release     : 10.4                  
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.

- ---------------------------------------------------------------------
Update Information:

This update includes the latest upstream version of the PEAR
XML_RPC package, which fixes a security issue in request
parsing in the XML_RPC Server code.  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-2498 to this issue.
- ---------------------------------------------------------------------
* Mon Aug 15 2005 Joe Orton <jorton@xxxxxxxxxx> 5.0.4-10.4
- - pear: update to XML_RPC 1.4.0 (CAN-2005-2498, #165847)
- - use /etc/httpd/conf/magic for mime_magic (#163116)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

fe38143c01170f7ee26dca074b193280  SRPMS/php-5.0.4-10.4.src.rpm
929c91fd6d06f91135ac1809aca3920e  ppc/php-5.0.4-10.4.ppc.rpm
665ac2279a8a5fad648d4ed212cbe2b4  ppc/php-devel-5.0.4-10.4.ppc.rpm
7d0a95bf294d1214ba99dfa6e5999b6c  ppc/php-pear-5.0.4-10.4.ppc.rpm
039976e7c06a716f178ea9d1e1af4952  ppc/php-imap-5.0.4-10.4.ppc.rpm
4fd6e3191bf61efa0b26ea3cabe6092c  ppc/php-ldap-5.0.4-10.4.ppc.rpm
d305c37182e03226c02e20350f83892e  ppc/php-mysql-5.0.4-10.4.ppc.rpm
8d690e21921beba761d1fcd581f91b45  ppc/php-pgsql-5.0.4-10.4.ppc.rpm
2c314bbc75a08da08468a1bb57271c71  ppc/php-odbc-5.0.4-10.4.ppc.rpm
9d60e31b08804d0e341af41f82dd8c0e  ppc/php-soap-5.0.4-10.4.ppc.rpm
cbffc98a6b79ce877c2b394c287e3522  ppc/php-snmp-5.0.4-10.4.ppc.rpm
5df40de2f6fdcdf9003fba27100ef5d5  ppc/php-xml-5.0.4-10.4.ppc.rpm
c14979cd059c316cecbd75952ed757b5  ppc/php-xmlrpc-5.0.4-10.4.ppc.rpm
8f5fd0034bbc23d8c8f0e590a47035dc  ppc/php-mbstring-5.0.4-10.4.ppc.rpm
91f583e0d4283d36e18b51dd852bd9b0  ppc/php-ncurses-5.0.4-10.4.ppc.rpm
b2a9320837449b106d6ac9f8a8f6e996  ppc/php-gd-5.0.4-10.4.ppc.rpm
c33d579a1094ee6730c1fe6af09b23a0  ppc/php-bcmath-5.0.4-10.4.ppc.rpm
62b45095119390fa2a35ddc13e27d46b  ppc/php-dba-5.0.4-10.4.ppc.rpm
aa3cfa523a77f6dd85343b9412f0cedc  ppc/debug/php-debuginfo-5.0.4-10.4.ppc.rpm
26556e8667778b59a15cdc25bc84a957  x86_64/php-5.0.4-10.4.x86_64.rpm
6bf32e3c1324e61de1462a78de689cdf  x86_64/php-devel-5.0.4-10.4.x86_64.rpm
0abfae49cfdaf5814c33209b05b1a544  x86_64/php-pear-5.0.4-10.4.x86_64.rpm
84c963007c603e94c6c3522ccf2b842e  x86_64/php-imap-5.0.4-10.4.x86_64.rpm
fc0a1456aa4c979a620b126f4f7fb9ef  x86_64/php-ldap-5.0.4-10.4.x86_64.rpm
ab4fd99ebf4e7c10c7685f9352b554b0  x86_64/php-mysql-5.0.4-10.4.x86_64.rpm
38fc2645debd8aecce858f27522a8188  x86_64/php-pgsql-5.0.4-10.4.x86_64.rpm
c4b8800e63a5da0b1a6f576a1ca3cd8a  x86_64/php-odbc-5.0.4-10.4.x86_64.rpm
c6aecaf60eadbd13e40c1401ca6abf2b  x86_64/php-soap-5.0.4-10.4.x86_64.rpm
738f3918427bf2999a9410ad43d08622  x86_64/php-snmp-5.0.4-10.4.x86_64.rpm
a9af554aff90e068ab29e016156901da  x86_64/php-xml-5.0.4-10.4.x86_64.rpm
7a4fcf7cc3a3390efccd4ed0519dbd8d  x86_64/php-xmlrpc-5.0.4-10.4.x86_64.rpm
d5a9ad5133b2b5a5c33baf54422af0f3  x86_64/php-mbstring-5.0.4-10.4.x86_64.rpm
c6c93b0fde415f50d3ecc8f5a0aa9052  x86_64/php-ncurses-5.0.4-10.4.x86_64.rpm
c79d1ebcb411451bbdc1eae4d68d0673  x86_64/php-gd-5.0.4-10.4.x86_64.rpm
617ee8bbf62e92b1a42073ac13c67cb1  x86_64/php-bcmath-5.0.4-10.4.x86_64.rpm
62f8ea4cdf82db2a4c4562b45bb1b9e2  x86_64/php-dba-5.0.4-10.4.x86_64.rpm
0731bebeec174b81454f332e66d77d6c  x86_64/debug/php-debuginfo-5.0.4-10.4.x86_64.rpm
9ef6e2a3f67be0b14db4dbec4e157032  i386/php-5.0.4-10.4.i386.rpm
19908abb1f9b93a86f5ec07fc9dcb5c1  i386/php-devel-5.0.4-10.4.i386.rpm
8006deba80affa8407ccaaf03a461afa  i386/php-pear-5.0.4-10.4.i386.rpm
d96f3a81a215dc16d299db1e175b4eb7  i386/php-imap-5.0.4-10.4.i386.rpm
7baed49e9b3fab6102ca7d0dd449cc37  i386/php-ldap-5.0.4-10.4.i386.rpm
e918a457273a710834c1e4b4abcdcecf  i386/php-mysql-5.0.4-10.4.i386.rpm
b843122aad7954b79d1f34f658838b5f  i386/php-pgsql-5.0.4-10.4.i386.rpm
85fa86a30159676d97e915bc4747a1ba  i386/php-odbc-5.0.4-10.4.i386.rpm
79b9b45b05efd7b77f4ce8d44a563d98  i386/php-soap-5.0.4-10.4.i386.rpm
eb00673044f03300758fa3e8d337fa10  i386/php-snmp-5.0.4-10.4.i386.rpm
3f8f28c632adc9daf4175eb4a3e69ad4  i386/php-xml-5.0.4-10.4.i386.rpm
8377ac103221b019f1b935a476a392eb  i386/php-xmlrpc-5.0.4-10.4.i386.rpm
4ab80eb682f39a60f12e47d26dfcf404  i386/php-mbstring-5.0.4-10.4.i386.rpm
49fbd501244ac289b968acb2aa1a114b  i386/php-ncurses-5.0.4-10.4.i386.rpm
302a2b807f8ec38d8076ab451677a50f  i386/php-gd-5.0.4-10.4.i386.rpm
31200336bccb48e549248b9376b88b0f  i386/php-bcmath-5.0.4-10.4.i386.rpm
c25ad5eb9d33379b0965428b84febbde  i386/php-dba-5.0.4-10.4.i386.rpm
d7fd702bb4034aec07850080e53d54df  i386/debug/php-debuginfo-5.0.4-10.4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




7.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-812
2005-08-26
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : ntp
Version     : 4.2.0.a.20040617                      
Release     : 5.FC3                  
Summary     : Synchronizes system time using the Network Time Protocol (NTP).
Description :
The Network Time Protocol (NTP) is used to synchronize a computer's
time with another reference time source. The ntp package contains
utilities and daemons that will synchronize your computer's time to
Coordinated Universal Time (UTC) via the NTP protocol and NTP servers.
The ntp package includes ntpdate (a program for retrieving the date
and time from remote machines via a network) and ntpd (a daemon which
continuously adjusts system time).

Install the ntp package if you need tools for keeping your system's
time synchronized via the NTP protocol.

- ---------------------------------------------------------------------
Update Information:

When starting xntpd with the -u option and specifying the
group by using a string not a numeric gid the daemon uses
the gid of the user not the group. This problem is now fixed
by this update.

The Common Vulnerabilities and Exposures project assigned
the name CAN-2005-2496 to this issue.
- ---------------------------------------------------------------------
* Fri Aug 26 2005 Jindrich Novy <jnovy@xxxxxxxxxx> 4.2.0.a.20040617-5.FC3
- - release update to fix CAN-2005-2496 (#147743)

* Thu Apr 14 2005 Jiri Ryska <jryska@xxxxxxxxxx> - 4.2.0.a.20040617-4.FC3
- - fixed gid setting when ntpd started with -u flag


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

8ffa25a375fde2490f9066094f9b963a  SRPMS/ntp-4.2.0.a.20040617-5.FC3.src.rpm
a1df48b304321dcab2d50d1ab7ad490c  x86_64/ntp-4.2.0.a.20040617-5.FC3.x86_64.rpm
c90cc76e4a237216e1fa73099a7784f4  x86_64/debug/ntp-debuginfo-4.2.0.a.20040617-5.FC3.x86_64.rpm
19f969758a759187854a4082f939ca09  i386/ntp-4.2.0.a.20040617-5.FC3.i386.rpm
6c0067db4f0f98903d8107dee90f78ce  i386/debug/ntp-debuginfo-4.2.0.a.20040617-5.FC3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




8.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-815
2005-08-26
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : lesstif
Version     : 0.93.36                      
Release     : 6.FC3.2                  
Summary     : An OSF/Motif(R) clone.
Description :
LessTif is a free replacement for OSF/Motif(R), which provides a full
set of widgets for application development (menus, text entry areas,
scrolling windows, etc.). LessTif is source compatible with
OSF/Motif(R) 1.2. The widget set code is the primary focus of
development. If you are installing lesstif, you also need to install
lesstif-clients.

- ---------------------------------------------------------------------

* Fri May  6 2005 Thomas Woerner <twoerner@xxxxxxxxxx> 0.93-36-6.FC3.2
- - fixed possible libXpm overflows (#151640)
- - allow to write XPM files with absolute path names again (#140815)

* Fri Nov 26 2004 Thomas Woerner <twoerner@xxxxxxxxxx> 0.93.36-6.FC3.1
- - fixed CAN-2004-0687 (integer overflows) and CAN-2004-0688 (stack overflows)
  in embedded Xpm library (#135080)
- - latest Xpm patches: CAN-2004-0914 (#135081)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

76df08792027e75229e837cffcbb476a  SRPMS/lesstif-0.93.36-6.FC3.2.src.rpm
013397612e73b1dc3fa6280a1ca8e599  x86_64/lesstif-0.93.36-6.FC3.2.x86_64.rpm
576eb1fe1829b35b680292d122ec0048  x86_64/lesstif-devel-0.93.36-6.FC3.2.x86_64.rpm
d83b1cedb08ff23388264006f864aa58  x86_64/debug/lesstif-debuginfo-0.93.36-6.FC3.2.x86_64.rpm
daf976dcd539551a9fcd4a6105e3b953  x86_64/lesstif-0.93.36-6.FC3.2.i386.rpm
daf976dcd539551a9fcd4a6105e3b953  i386/lesstif-0.93.36-6.FC3.2.i386.rpm
89f43a0e8fc6c30eecc1db4dcc61236b  i386/lesstif-devel-0.93.36-6.FC3.2.i386.rpm
e8dbbcccd334047d50aea2b3e6eaf134  i386/debug/lesstif-debuginfo-0.93.36-6.FC3.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




9.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-820
2005-08-28
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : kernel
Version     : 2.6.12                      
Release     : 1.1447_FC4                  
Summary     : The Linux kernel (the core of the Linux operating system).
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of
the Red Hat Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process
allocation, device input and output, etc.

- ---------------------------------------------------------------------

* Fri Aug 26 2005 Dave Jones <davej@xxxxxxxxxx> [2.6.12-1.1447_FC4]
- - Better identify local builds. (#159696)
- - Fix disk/net dump & netconsole. (#152586)
- - Fix up sleeping in invalid context in sym2 driver. (#164995)
- - Fix 'semaphore is not ready' error in snd-intel8x0m.
- - Restore hwclock functionality on some systems. (#144894)
- - Merge patches proposed for 2.6.12.6
- - Fix typo in ALPS driver.
- - Fix 'No sense' error with Transcend USB key. (#162559)
- - Fix up ide-scsi check for medium not present. (#160868)
- - powernow-k8 driver update from 2.6.13rc7.

* Tue Aug 23 2005 Dave Jones <davej@xxxxxxxxxx> [2.6.12-1.1435_FC4]
- - Work around AMD x86-64 errata 122.

* Tue Aug 23 2005 Rik van Riel <riel@xxxxxxxxxx>
- - upgrade to today's Xen snapshot

* Mon Aug 22 2005 Rik van Riel <riel@xxxxxxxxxx>
- - make sure that the vsyscall-note is linked in so the right glibc is used

* Sun Aug 21 2005 Rik van Riel <riel@xxxxxxxxxx>
- - fix the Xen vsyscall problem

* Thu Aug 18 2005 David Woodhouse <dwmw2@xxxxxxxxxx>
- - Don't probe 8250 ports on ppc32 unless they're in the device tree
- - Enable ISDN, 8250 console, i8042 keyboard controller on ppc32
- - Audit updates from git tree

* Wed Aug 17 2005 Rik van Riel <riel@xxxxxxxxxx>
- - temporarily disable the vsyscall page for Xen

* Tue Aug 16 2005 Dave Jones <davej@xxxxxxxxxx>
- - Restrict ipsec socket policy loading to CAP_NET_ADMIN. (CAN-2005-2555)

* Mon Aug 15 2005 Rik van Riel <riel@xxxxxxxxxx>
- - upgrade Xen to a newer version

* Mon Aug 15 2005 Dave Jones <davej@xxxxxxxxxx>
- - 2.6.11.5
- - Fix module_verify_elf check that rejected valid .ko files. (#165528)

* Thu Aug 11 2005 Dave Jones <davej@xxxxxxxxxx>
- - Audit speedup in syscall path.
- - Update to a newer ACPI drop.

* Fri Aug  5 2005 Dave Jones <davej@xxxxxxxxxx> [2.6.12-1.1420_FC4]
- - update to final 2.6.12.4 patchset.
- - ACPI update to 20050729.
- - Disable experimental ACPI HOTKEY driver. (#163355)

* Thu Aug  4 2005 Dave Jones <davej@xxxxxxxxxx>
- - Enable Amiga partition support. (#149802)

* Wed Aug  3 2005 Dave Jones <davej@xxxxxxxxxx> [2.6.12-1.1411_FC4]
- - Include pre-release 2.6.12.4 patchset
- - Silence some messages from PowerMac thermal driver. (#158739)
- - nfs server intermitently claimed ENOENT on existing files or directories. (#150759)
- - Stop usbhid driver incorrectly claiming Wireless Security Lock as a mouse. (#147479)
- - Further NFSD fixing for non-standard ports.
- - Fix up miscalculated i_nlink in /proc (#162418)
- - Fix addrlen checks in selinux_socket_connect. (#164165)

* Thu Jul 28 2005 Dave Jones <davej@xxxxxxxxxx>
- - Fix compilation with older gcc. (#164041)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

f865ad76db429f63ac1bf7bdf832e55b  SRPMS/kernel-2.6.12-1.1447_FC4.src.rpm
648cbbb6eba90c28438fe5ce983f276b  ppc/kernel-2.6.12-1.1447_FC4.ppc.rpm
113f8fc4e635137e2e733636d3987aa0  ppc/kernel-devel-2.6.12-1.1447_FC4.ppc.rpm
700022469101d7b36637329fa3cad79a  ppc/kernel-smp-2.6.12-1.1447_FC4.ppc.rpm
ba9e46586510d306bcccd34434066b9e  ppc/kernel-smp-devel-2.6.12-1.1447_FC4.ppc.rpm
3b6433e888c76f4f95b2e183f340561d  ppc/debug/kernel-debuginfo-2.6.12-1.1447_FC4.ppc.rpm
8b3ac8ca1a781c10713180a0740c2547  ppc/kernel-2.6.12-1.1447_FC4.ppc64.rpm
831e67fb5c0564b17e1724f8ef8f17b2  ppc/kernel-devel-2.6.12-1.1447_FC4.ppc64.rpm
1b70224af322b0af165e2a45b7d8c956  ppc/kernel-2.6.12-1.1447_FC4.ppc64iseries.rpm
0d779a02c47a2ebb48074d4ca2e5d7a5  ppc/kernel-devel-2.6.12-1.1447_FC4.ppc64iseries.rpm
5b0e3e8de7ff40b7fd6cb66b415d5701  x86_64/kernel-2.6.12-1.1447_FC4.x86_64.rpm
fbad3a0cc7421cf1fe19b3592ee71cbe  x86_64/kernel-devel-2.6.12-1.1447_FC4.x86_64.rpm
87ac8412d75adc796050f60efb72964a  x86_64/kernel-smp-2.6.12-1.1447_FC4.x86_64.rpm
760fb1745aba2f93daf46156d248e9a6  x86_64/kernel-smp-devel-2.6.12-1.1447_FC4.x86_64.rpm
348ed73152c6837c0fcd4819c96a458e  x86_64/debug/kernel-debuginfo-2.6.12-1.1447_FC4.x86_64.rpm
4b247f0141b5de649f25c905418178f5  x86_64/kernel-doc-2.6.12-1.1447_FC4.noarch.rpm
451145a445be6310ec261d72de5a097a  i386/kernel-2.6.12-1.1447_FC4.i586.rpm
279e6474bb29df58a046de1373572684  i386/kernel-devel-2.6.12-1.1447_FC4.i586.rpm
727229e153f886405f53fa9a2aaac47f  i386/debug/kernel-debuginfo-2.6.12-1.1447_FC4.i586.rpm
513bc2f58e33465b895a229c2f2d7cea  i386/kernel-2.6.12-1.1447_FC4.i686.rpm
a564cb8c227ed5be8052696d90627b00  i386/kernel-devel-2.6.12-1.1447_FC4.i686.rpm
6627ee6a0b5be936114b033d7f11ba50  i386/kernel-smp-2.6.12-1.1447_FC4.i686.rpm
5b43c01ee82477ae04db6270d34801bf  i386/kernel-smp-devel-2.6.12-1.1447_FC4.i686.rpm
a1f0ef8f638fd33aff5db7a015c9d687  i386/kernel-xen0-2.6.12-1.1447_FC4.i686.rpm
ee5f74131f5e32b8142b8554a6e92885  i386/kernel-xen0-devel-2.6.12-1.1447_FC4.i686.rpm
e529cbe54194868937feb008a6d105da  i386/kernel-xenU-2.6.12-1.1447_FC4.i686.rpm
d80754a9a5bee95cab45729eed47f2c5  i386/kernel-xenU-devel-2.6.12-1.1447_FC4.i686.rpm
6c8dfced541a5a40f432d7c037c8d780  i386/debug/kernel-debuginfo-2.6.12-1.1447_FC4.i686.rpm
4b247f0141b5de649f25c905418178f5  i386/kernel-doc-2.6.12-1.1447_FC4.noarch.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




10.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-821
2005-08-28
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : kernel
Version     : 2.6.12                      
Release     : 1.1376_FC3                  
Summary     : The Linux kernel (the core of the Linux operating system).
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of
the Red Hat Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process
allocation, device input and output, etc.

- ---------------------------------------------------------------------

* Fri Aug 26 2005 Dave Jones <davej@xxxxxxxxxx> [2.6.12-1.1376_FC3]
- - Better identify local builds. (#159696)
- - Fix disk/net dump & netconsole. (#152586)
- - Fix up sleeping in invalid context in sym2 driver. (#164995)
- - Fix 'semaphore is not ready' error in snd-intel8x0m.
- - Restore hwclock functionality on some systems. (#144894)
- - Merge patches proposed for 2.6.12.6
- - Fix typo in ALPS driver.
- - Fix 'No sense' error with Transcend USB key. (#162559)
- - Fix up ide-scsi check for medium not present. (#160868)
- - powernow-k8 driver update from 2.6.13rc7

* Tue Aug 23 2005 Dave Jones <davej@xxxxxxxxxx> [2.6.12-1.1375_FC3]
- - Work around AMD x86-64 errata 122.

* Thu Aug 18 2005 David Woodhouse <dwmw2@xxxxxxxxxx>
- - Don't probe 8250 ports on ppc32 unless they're in the device tree
- - Enable ISDN, 8250 console, i8042 keyboard controller on ppc32
- - Audit updates from git tree

* Tue Aug 16 2005 Dave Jones <davej@xxxxxxxxxx> [2.6.12-1.1374_FC3]
- - Restrict ipsec socket policy loading to CAP_NET_ADMIN. (CAN-2005-2555)

* Mon Aug 15 2005 Dave Jones <davej@xxxxxxxxxx>
- - 2.6.11.5
- - Fix module_verify_elf check that rejected valid .ko files. (#165528)

* Thu Aug 11 2005 Dave Jones <davej@xxxxxxxxxx>
- - Audit speedup in syscall path.
- - Update to a newer ACPI drop.

* Wed Aug 10 2005 Dave Jones <davej@xxxxxxxxxx>
- - Reenable 586-smp builds. (Another FC4 change that crept in).

* Fri Aug  5 2005 Dave Jones <davej@xxxxxxxxxx> [2.6.12-1.1373_FC3]
- - Sync with FC4 update.
- - Add Appletouch support.
- - Audit updates. In particular, don't printk audit messages that
  are passed from userspace when auditing is disabled.
- - update to final 2.6.12.4 patchset.
- - ACPI update to 20050729.
- - Disable experimental ACPI HOTKEY driver. (#163355)

* Thu Aug  4 2005 Dave Jones <davej@xxxxxxxxxx>
- - Enable Amiga partition support. (#149802)

* Wed Aug  3 2005 Dave Jones <davej@xxxxxxxxxx> 
- - Silence some messages from PowerMac thermal driver. (#158739)
- - nfs server intermitently claimed ENOENT on existing files or directories. (#150759)
- - Stop usbhid driver incorrectly claiming Wireless Security Lock as a mouse. (#147479)
- - Further NFSD fixing for non-standard ports.
- - Fix up miscalculated i_nlink in /proc (#162418)
- - Fix addrlen checks in selinux_socket_connect. (#164165)

* Thu Jul 28 2005 Dave Jones <davej@xxxxxxxxxx>
- - Fix compilation with older gcc. (#164041)
- - Bump mkinitrd minimum requirement.
- - Drop the -devel changes that leaked in from the FC4 backport. (#163406)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

753df12a49a38a9f3a09d29476aaff31  SRPMS/kernel-2.6.12-1.1376_FC3.src.rpm
98239a277a4d0407e8a2b341c10afd7f  x86_64/kernel-2.6.12-1.1376_FC3.x86_64.rpm
9f10115a728f0f47c27812e940be4dc5  x86_64/kernel-smp-2.6.12-1.1376_FC3.x86_64.rpm
1eed8cfb77a26a83ce1997b551cfef0c  x86_64/debug/kernel-debuginfo-2.6.12-1.1376_FC3.x86_64.rpm
efd44f4e12ae365f4a789bf37de211d3  x86_64/kernel-doc-2.6.12-1.1376_FC3.noarch.rpm
4c5cc76e85bed920b58d7f2218f2b503  i386/kernel-2.6.12-1.1376_FC3.i586.rpm
5929676dc3cb7e98e636ed8a786530cf  i386/kernel-smp-2.6.12-1.1376_FC3.i586.rpm
073d020e4a1d6a7fccb1fae5edf10849  i386/debug/kernel-debuginfo-2.6.12-1.1376_FC3.i586.rpm
0dd7e645d472df5902d51a4c633f315f  i386/kernel-2.6.12-1.1376_FC3.i686.rpm
6e4672a0ff6f336489f8240c2097019a  i386/kernel-smp-2.6.12-1.1376_FC3.i686.rpm
ce4442efd8edc5e3cd2af383c9862127  i386/debug/kernel-debuginfo-2.6.12-1.1376_FC3.i686.rpm
efd44f4e12ae365f4a789bf37de211d3  i386/kernel-doc-2.6.12-1.1376_FC3.noarch.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------




11.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-822
2005-08-29
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : dbus
Version     : 0.33                      
Release     : 3.fc4.1                  
Summary     : D-BUS message bus
Description :

D-BUS is a system for sending messages between applications. It is
used both for the systemwide message bus service, and as a
per-user-login-session messaging facility.

- ---------------------------------------------------------------------

* Mon Aug 29 2005 John (J5) Palmieri <johnp@xxxxxxxxxx> - 0.33-3.fc4.1
- - add patch from 0.2x series that fixes an exploit where
  users can attach to another user's session bus (CAN-2005-0201)


- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

a5f7ec019ae83d8ba7bc34ad5e455b1f  SRPMS/dbus-0.33-3.fc4.1.src.rpm
b18b22127961fdfffe5361a408a8a3a1  ppc/dbus-0.33-3.fc4.1.ppc.rpm
8e3fa6f831df2888842035c2272573f4  ppc/dbus-devel-0.33-3.fc4.1.ppc.rpm
989d3af37848d07a11fe85af05729cfe  ppc/dbus-glib-0.33-3.fc4.1.ppc.rpm
6aba9846ef9ed05e276a73570ba9250b  ppc/dbus-x11-0.33-3.fc4.1.ppc.rpm
a51431b65a5a7dc389ab1b680f93d22b  ppc/dbus-python-0.33-3.fc4.1.ppc.rpm
e4f117cea0d30e1c6cc475ae1b168740  ppc/debug/dbus-debuginfo-0.33-3.fc4.1.ppc.rpm
84823a401d47631f95dac20d76b49aaf  ppc/dbus-0.33-3.fc4.1.ppc64.rpm
863a61e3a5a69682bbb72a603c5f4228  ppc/dbus-glib-0.33-3.fc4.1.ppc64.rpm
1900b51f1a622fca3677ccf33fee8712  x86_64/dbus-0.33-3.fc4.1.x86_64.rpm
e469ec09a5df40b99f6a5e592723bcb2  x86_64/dbus-devel-0.33-3.fc4.1.x86_64.rpm
5609ebfc1844fa3d4fd82772dd055709  x86_64/dbus-glib-0.33-3.fc4.1.x86_64.rpm
8a232308c032cd5b7b3d798aa7e18339  x86_64/dbus-x11-0.33-3.fc4.1.x86_64.rpm
b82c3f4720c867dc88202c8f58ac65f4  x86_64/dbus-python-0.33-3.fc4.1.x86_64.rpm
429984bab7e596546906e95bfd9698ea  x86_64/debug/dbus-debuginfo-0.33-3.fc4.1.x86_64.rpm
ccc0b77a02f0586dbf1acf1adc81e019  x86_64/dbus-0.33-3.fc4.1.i386.rpm
0f3a59c3f02f5b2f7097989ebfa7b41a  x86_64/dbus-glib-0.33-3.fc4.1.i386.rpm
ccc0b77a02f0586dbf1acf1adc81e019  i386/dbus-0.33-3.fc4.1.i386.rpm
ce7293f13fadcfd3b71c2bd1989c3eaa  i386/dbus-devel-0.33-3.fc4.1.i386.rpm
0f3a59c3f02f5b2f7097989ebfa7b41a  i386/dbus-glib-0.33-3.fc4.1.i386.rpm
04e3b4b44f14b21d5b5ce95313ee25ad  i386/dbus-x11-0.33-3.fc4.1.i386.rpm
b00faaa5e17a85defadb884b3dcfdf30  i386/dbus-python-0.33-3.fc4.1.i386.rpm
99f4db31da2d4ab69878127151deab3b  i386/debug/dbus-debuginfo-0.33-3.fc4.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
- ---------------------------------------------------------------------



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Fedora for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQxRTwopao72zK539AQFHygQAhGgpRhqnlMias7tTFG/0miR3KSlaDXOt
EUBjA8LWm04WwEBGiQXb4JXZbS2hJX91jp3GoTFqtRGFj907NqM/B7EUkJRWc1Pw
oO1XOoZZzLQQ9jIMznHxTkk7/655JISYYWb/30w3jwTz1/xaiwrNNUrinA8lQiRt
QkL3SKp7gHQ=
=Tk28
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________