Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    I am pleased to announce version 2.15.0 of the Python bindings for GObject. The new release is available from ftp.gnome.org as and its mirrors as soon as its synced correctly: http://download.gnome.org/sources/pygobject/2.15/ There are two new significant features in this release, initial bindings for GIO. Note that these are not complete, please report missing API in Bugzilla so we know what people are missing. Codegen has been moved from PyGTK and can now be used without depending on GTK+, which should be useful for GObject based libraries. What's new since PyGObject 2.14.x? - Add GIO bindings (Johan, Mario Tagliaretti, Thomas Leonard) - Move codegen from PyGTK (Johan, Paul Pogonyshev, #542821) - Add more variables to the .pc files (Damien Carbery, Paul, Dan Winship, #486876) - Add pyg_option_group_new to the public API (Johan) - Add g_get_application_anme and g_get_progname (Sebastian Rittau) - Avoid making wakeups when using Python 2.6 (Johan, Gustavo, Adam Olsen, Josselin Mouette, Philippe Normand, Guido Van Rossum) - Only link against libffi when found (Ed Catmur, #496006) - Improve gobject.property (Tomeu Vizoso, #523352) - Improve enum comparision and warnings (Paul, Phil Dumont, #428732) - Many gobject.Source improvements (Bryan Silverthorn) - Apply some fixes to make pylint happier (Johan, Simon Schampijer, #523821) - Fix error message in pyg_io_add_watch (Juha Sahkangas) - Improve h2def.py (Oliver Crete, Murray Cumming, Lauro Moura) Blurb: GObject is a object system library used by GTK+ and GStreamer. PyGObject provides a convenient wrapper for the GObject+ library for use in Python programs, and takes care of many of the boring details such as managing memory and type casting. When combined with PyGTK, PyORBit and gnome-python, it can be used to write full featured Gnome applications. Like the GObject library itself PyGObject is licensed under the GNU LGPL, so is suitable for use in both free software and proprietary applications. It is already in use in many applications ranging from small single purpose scripts up to large full featured applications. PyGObject requires glib >= 2.8.0 and Python >= 2.3.5 to build. GIO bindings require glib >= 2.16.0. -- Johan Dahlin jdahlin ( -at -) async.com.br _______________________________________________
  2. news
    Hi Editors, Tech-Reviews.co.uk has just posted a news review online. A link or inclusion of the review in a news post would be much appreciated. Title: Scythe Orochi 10-Heatpipe CPU Cooler ( -at -) Tech-Reviews.co.uk Briefing: I have seen more than my fair share of coolers in the past ranging from the more conservative OEM coolers to the weird and wonderful world of aftermarket coolers. So you might think that I wouldn't want to review any more, but when I was asked if I would review the Scythe Orochi - a ten heatpipe monster - I just couldn't say no. Link: http://tech-reviews.co.uk/reviews/scythe-orochi/ Image SRC: http://tech-reviews.co.uk/images/thumbs/torochi.jpg Please continue to send us news at the provided address:
  3. news
    Crucial 32GB Solid State Drive Review ( -at -) DriverHeaven.net http://www.driverheaven.net/reviews.php?reviewid=589 Hard drives are constantly getting larger and cheaper as the technology improves, but their speed increases only marginally each year because they are limited by their inherent mechanical nature. No matter how efficient an algorithm or the overall design might be, the rotational speed of the platters is not going to increase much further... Thanks Craig
  4. news
    Hello, - Obsidian Conflict v1.3 Released http://www.gamershell.com/news_55100.html - This is Vegas E3 2008 Trailer http://www.gamershell.com/news_55098.html - Unreal Tournament 3 E3 2008 Trailer http://www.gamershell.com/news_55096.html Best Regards, GamersHell.com Staff =============================================================================
  5. news
    Hi, We've just posted a new article on our website, Hardware Secrets. Title: Sunbeamtech 9-Bay Acrylic Case Review Link: http://www.hardwaresecrets.com/article/584 Category: Reviews Summary: Are you interested in an all-acrylic case for your system? Today we took a look on Sunbeamtech’s 9-bay acrylic case (AC-9B-HUVB). Here is a snippet: "For many geeks acrylic cases are a dream coming true. Sunbeamtech currently manufactures five models and even though theoretically acrylic is a material more expensive than steel, Sunbeamtech is able to market their acrylic products between USD 50 to USD 85, which is a real bargain. Today we are going to take an in-depth look on their most expensive model, AC-9B-HUVB, a mid-tower case featuring nine 5 ¼" bays, a hard disk drive cage for up to four drives and space for installing up to six fans (the case comes with three 120-mm fans that glow blue when they are turned on). Check it out." A news post would be highly appreciated. Thanks in advance, Gabriel Torres Editor-in-Chief Hardware Secrets http://www.hardwaresecrets.com ---------------------------------------------------------------------
  6. news
    Hello, - Fallout 3 E3 2008 Gameplay Trailer http://www.gamershell.com/news_55092.html - BET and RACE Announced and Screens http://www.gamershell.com/news_55088.html - Very Big Games Demo Pack http://www.gamershell.com/news_55086.html Best Regards, GamersHell.com Staff =============================================================================
  7. news
    Hello, - Full Metal Soccer Released and Demo http://www.gamershell.com/news_55084.html - City of Heroes Veteran Rewards Badges Announced http://www.gamershell.com/news_55082.html - Lineage II Chaotic Throne: Gracia Details/Screens #2 http://www.gamershell.com/news_55080.html - Apogee Software is Back/Duke Nukem Trilogy Announced http://www.gamershell.com/news_55078.html Best Regards, GamersHell.com Staff =============================================================================
  8. news
    Hello, - Operation Peacekeeper 2 v0.25 Released http://www.gamershell.com/news_55076.html - Allegiance 2.1 build 165 Free Full Game http://www.gamershell.com/news_55072.html - Hydrophobia E3 2008 Trailer and Screens http://www.gamershell.com/news_55074.html Best Regards, GamersHell.com Staff =============================================================================
  9. news
    Hello, - Space Chimps Cheryl Hines Trailer http://www.gamershell.com/news_55068.html - Reflective Layer Free Full Games http://www.gamershell.com/news_55070.html - Yumi's Odd Odyssey E3 2008 Screens http://www.gamershell.com/news_55066.html - Rune Factory 2: A Fantasy Harvest Moon E3 2008 Screens http://www.gamershell.com/news_55064.html - Princess Debut E3 2008 Screens http://www.gamershell.com/news_55062.html - Hi! Hamtaro Ham-Ham Challenge E3 2008 Screens http://www.gamershell.com/news_55060.html - Rock Band 2 New Details Revealed http://www.gamershell.com/news_55054.html Best Regards, GamersHell.com Staff =============================================================================
  10. news
    Hello, Asrock Penryn1600SLIX3-WiFi S775 Motherboard Review "In their known style, Asrock re-invented the 680i platform by creating the only official 45nm and 3-Way SLI supporting 680i motherboard. Let´s see how this relatively cheap motherboard performs against the newer 750i platform. http://www.madshrimps.be/gotoartik.php?articID=808 __________________________________ Thank you in advance for posting,
  11. news
    Hey news partners, I just finished publishing "4 Must Have iPhone Games", if you think this post will resonate with your readership, then by all means please share it with them. Title: 4 Must Have iPhone Games Link: http://osxreality.com/2008/07/13/4-must-have-iphone-games-2/ Image: http://osxreality.com/wp-content/uploads/2008/07/4iphonegames-sm.jpg Excerpt: "Since the debut of the App Store, there has been a flood of generic puzzle games and a good number of racing games. The accelerometer based steering for racing games is now becoming the norm, is this all iPhone gaming will consist of? Racing and puzzle games galore? Not if these guys have anything to do with it, check out these hidden gems." Thank you, Phi Nguyen If you have any news you'd like to share please be sure to send them to osxreality ( -at -) mac.com
  12. news
    Hello, - Atlantica Online Screens #6 and Trailer #3 http://www.gamershell.com/news_55058.html - Reflective Layer Demo Pack http://www.gamershell.com/news_55056.html - The Lord of the Rings: Conquest E3 2008 Screens http://www.gamershell.com/news_55052.html Best Regards, GamersHell.com Staff =============================================================================
  13. news
    TechwareLabs has published a editorial on Synthetic vs Real World Benchmarks. Here's a clip from the editorial: Quote: Do you find yourself often confused by reviews you find online? Are the results that you see much higher than those of your system or do they make any sense at all? Read our explanation of Real World vs Synthetic Benchmarks and find out how to read those reviews. We explain what you should be looking for and some of the tricks used by other sites to affect their results. LINK: http://www.techwarelabs.com/articles/editorials/real-vs-synthetic/ Title: Synthetic vs Real World Benchmarks ( -at -) TechwareLabs Image:http://www.techwarelabs.com/images/articles/Synthetic_VS_Real_World_Benchmarks_.jpg A news post would be greatly appreciated!
  14. news
    Hi Editors, Tech-Reviews.co.uk has just posted a news review online. A link or inclusion of the review in a news post would be much appreciated. Title: Scythe Eclipse 2 Keyboard ( -at -) Tech-Reviews.co.uk Briefing: Keyboards are probably one of the most understated peripherals available on the computing market. Does a keyboard really make any difference to your performance on a PC? Well here at Tech-Reviews I've been given the Saitek Eclipse 2 to review. Let's see if it can. Link: <http://tech-reviews.co.uk/reviews/scythe-eclipse-2-keyboard/> http://tech-reviews.co.uk/reviews/scythe-eclipse-2-keyboard/ Image SRC: <http://tech-reviews.co.uk/images/thumbs/teclipse2.jpg> http://tech-reviews.co.uk/images/thumbs/teclipse2.jpg Please continue to send us news at the provided address:
  15. news
    Hello Everyone, We're writing to let you all know that we have just posted a new article at HotHardware in which we evaluate the features and performance of the Asus Maximus II Formula Intel P45 motherboard. The Maximus II Formula is a member of Asus' high-end "Republic of Gamers", or RoG, series of motherboard and as such it is loaded with integrated peripherals and has an elaborate cooling setup. Head on over to the site and check it out... URL: http://www.hothardware.com/Articles/Asus_Maximus_II_Formula_Intel_P45_Mother board Site: http://www.hothardware.com/ As always, a link in your news sections would be much appreciated! If you'd like us to return the favor, please don't hesitate to send your press
  16. news
    Hello, - Age of Conan Machinima Videos http://www.gamershell.com/news_55050.html - Harvest Moon: Tree of Tranquility E3 2008 Trailer and Screens http://www.gamershell.com/news_55048.html - Harvest Moon: Island of Happiness E3 2008 Trailer and Screens http://www.gamershell.com/news_55046.html Best Regards, GamersHell.com Staff =============================================================================
  17. news
    At Phoronix we have posted a new article. A link to this from your site's news section would be greatly appreciated. Title: Ubuntu 8.04.1 LTS vs. 8.10 Alpha 2 Performance ( -at -) Phoronix Direct Link: http://www.phoronix.com/vr.php?view=12604 Summary: "With Canonical having pulled many new packages into Ubuntu 8.10 from Debian unstable and there being the Linux 2.6.26-rc8 kernel, a near-final version of X.Org 7.4 / Mesa 7.1, and GCC 4.3 among them, we've decided to run a few early benchmarks of Intrepid Ibex. In this article we have enclosed 32 benchmark results from the Phoronix Test Suite comparing Ubuntu 8.04.1 LTS to Ubuntu 8.10 Alpha 2." Please feel free to contact us with any questions or comments you may
  18. news
    Hello, - Prince of Persia Prodigy Artwork Trailer #3 http://www.gamershell.com/news_55044.html - Rise of the Argonauts Video Dev Diary http://www.gamershell.com/news_55042.html - Alone in the Dark Making Of Trailer #6 http://www.gamershell.com/news_55040.html Best Regards, GamersHell.com Staff =============================================================================
  19. news
    Hello, - The Chronicles of Spellborn Background Story #1 and Artwork #2 http://www.gamershell.com/news_55038.html - Dark Horizon E3 2008 Screens http://www.gamershell.com/news_55036.html - Majesty 2 - The Fantasy Kingdom Sim E3 2008 Screens http://www.gamershell.com/news_55034.html Best Regards, GamersHell.com Staff =============================================================================
  20. news
    Analog Devices' SoundMAX line of audio codecs has been one of the more notable integrated audio options in PC motherboards for some time now. SoundMAX solutions have found their way into motherboards from Intel and Asus, among others, and have fared reasonably well in our testing. However, ADI hasn't quite managed to steal enough market share away from suppliers like Realtek to make a go of it, and now, the firm has decided to cease development of new PC audio codecs in order to focus on other markets. http://techreport.com/discussions.x/15112 Thanks, Scott __ Scott Wasson The Tech Report PC Hardware Explored http://techreport.com -- To unsubscribe from: TR-News, just follow this link:
  21. news
    Hi Editors, Tech-Reviews.co.uk has just posted a news review online. A link or inclusion of the review in a news post would be much appreciated. Title: Scythe Zipang CPU Cooler ( -at -) Tech-Reviews.co.uk Briefing: Scythe is renowned for their uber large CPU coolers. These high performance coolers are normally a favourite among gamers and overclockers alike. However, silencing is normally a large problem that is entailed on a large variety of these heat sink and fan combinations. Today though, we have another CPU cooler from the Japanease manufacturer Scythe, the Scythe Zipang. This cooler doesn't just pack good performance though, but it's also relatively quiet at its rated 21dBA. Let's give it a spin. Link: http://tech-reviews.co.uk/reviews/scythe-zipang/ Image SRC: http://tech-reviews.co.uk/images/thumbs/tzipang.jpg Please continue to send us news at the provided address:
  22. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.4.2-ibm security update Advisory ID: RHSA-2008:0555-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0555.html Issue date: 2008-07-14 Keywords: Security CVE Names: CVE-2008-1187 CVE-2008-1196 ===================================================================== 1. Summary: Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 3 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, ia64, x86_64 RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: IBM's 1.4.2 SR11 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1187) A buffer overflow flaw was found in Java Web Start (JWS). An untrusted application using the Java Network Launch Protocol (JNLP) could access local files or execute local applications accessible to the user running the JRE. (CVE-2008-1196) All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain IBM's 1.4.2 SR11 Java release which resolves these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 436030 - CVE-2008-1187 Untrusted applet and application XSLT processing privilege escalation 436302 - CVE-2008-1196 Buffer overflow security vulnerabilities in Java Web Start 6. Package List: Red Hat Enterprise Linux AS version 3 Extras: i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.i386.rpm ia64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.ppc.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.ppc.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.ppc.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el3.ppc.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.ppc.rpm s390: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.s390.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.s390.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.s390.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el3.s390.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.s390.rpm s390x: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.s390x.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.s390x.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.s390x.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.x86_64.rpm Red Hat Desktop version 3 Extras: i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3 Extras: i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.i386.rpm ia64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el3.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.i386.rpm ia64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.ia64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3.x86_64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4 Extras: i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.ppc.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.ppc.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.ppc.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.ppc.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el4.ppc.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.ppc.rpm s390: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.s390.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.s390.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.s390.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el4.s390.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.s390.rpm s390x: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.s390x.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.s390x.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.s390x.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4.x86_64.rpm RHEL Desktop Supplementary (v. 5 client): i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.x86_64.rpm RHEL Supplementary (v. 5 server): i386: java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.i386.rpm ia64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.ia64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.ia64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.ia64.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.ppc.rpm java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.ppc64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.ppc.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.ppc64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.ppc.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.ppc64.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5.ppc.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5.ppc64.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el5.ppc.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.ppc.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.ppc64.rpm s390x: java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.s390.rpm java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.s390x.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.s390.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.s390x.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.s390.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.s390x.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el5.s390.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.s390.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-1.4.2.11-1jpp.2.el5.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1196 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIe1BWXlSAg2UNWIIRAkUbAKCV+U/8p2idcPBcEejZkAuM0qjO4QCgwn4i YU/Ty2pa3RbZxcj2dHXJw/c= =PDMq -----END PGP SIGNATURE----- --
  23. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: ruby security update Advisory ID: RHSA-2008:0561-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0561.html Issue date: 2008-07-14 CVE Names: CVE-2008-2662 CVE-2008-2663 CVE-2008-2664 CVE-2008-2725 CVE-2008-2726 CVE-2008-2376 ===================================================================== 1. Summary: Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: Ruby is an interpreted scripting language for quick and easy object-oriented programming. Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2662, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of Ruby should upgrade to these updated packages, which contain a backported patch to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 450821 - CVE-2008-2662 ruby: Integer overflows in rb_str_buf_append() 450825 - CVE-2008-2663 ruby: Integer overflows in rb_ary_store() 450834 - CVE-2008-2664 ruby: Unsafe use of alloca in rb_str_format() 451821 - CVE-2008-2725 ruby: integer overflow in rb_ary_splice/update/replace() - REALLOC_N 451828 - CVE-2008-2726 ruby: integer overflow in rb_ary_splice/update/replace() - beg + rlen 453589 - CVE-2008-2376 ruby: integer overflows in rb_ary_fill() / Array#fill 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ruby-1.8.1-7.el4_6.1.src.rpm i386: irb-1.8.1-7.el4_6.1.i386.rpm ruby-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-devel-1.8.1-7.el4_6.1.i386.rpm ruby-docs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-mode-1.8.1-7.el4_6.1.i386.rpm ruby-tcltk-1.8.1-7.el4_6.1.i386.rpm ia64: irb-1.8.1-7.el4_6.1.ia64.rpm ruby-1.8.1-7.el4_6.1.ia64.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.ia64.rpm ruby-devel-1.8.1-7.el4_6.1.ia64.rpm ruby-docs-1.8.1-7.el4_6.1.ia64.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.ia64.rpm ruby-mode-1.8.1-7.el4_6.1.ia64.rpm ruby-tcltk-1.8.1-7.el4_6.1.ia64.rpm ppc: irb-1.8.1-7.el4_6.1.ppc.rpm ruby-1.8.1-7.el4_6.1.ppc.rpm ruby-debuginfo-1.8.1-7.el4_6.1.ppc.rpm ruby-debuginfo-1.8.1-7.el4_6.1.ppc64.rpm ruby-devel-1.8.1-7.el4_6.1.ppc.rpm ruby-docs-1.8.1-7.el4_6.1.ppc.rpm ruby-libs-1.8.1-7.el4_6.1.ppc.rpm ruby-libs-1.8.1-7.el4_6.1.ppc64.rpm ruby-mode-1.8.1-7.el4_6.1.ppc.rpm ruby-tcltk-1.8.1-7.el4_6.1.ppc.rpm s390: irb-1.8.1-7.el4_6.1.s390.rpm ruby-1.8.1-7.el4_6.1.s390.rpm ruby-debuginfo-1.8.1-7.el4_6.1.s390.rpm ruby-devel-1.8.1-7.el4_6.1.s390.rpm ruby-docs-1.8.1-7.el4_6.1.s390.rpm ruby-libs-1.8.1-7.el4_6.1.s390.rpm ruby-mode-1.8.1-7.el4_6.1.s390.rpm ruby-tcltk-1.8.1-7.el4_6.1.s390.rpm s390x: irb-1.8.1-7.el4_6.1.s390x.rpm ruby-1.8.1-7.el4_6.1.s390x.rpm ruby-debuginfo-1.8.1-7.el4_6.1.s390.rpm ruby-debuginfo-1.8.1-7.el4_6.1.s390x.rpm ruby-devel-1.8.1-7.el4_6.1.s390x.rpm ruby-docs-1.8.1-7.el4_6.1.s390x.rpm ruby-libs-1.8.1-7.el4_6.1.s390.rpm ruby-libs-1.8.1-7.el4_6.1.s390x.rpm ruby-mode-1.8.1-7.el4_6.1.s390x.rpm ruby-tcltk-1.8.1-7.el4_6.1.s390x.rpm x86_64: irb-1.8.1-7.el4_6.1.x86_64.rpm ruby-1.8.1-7.el4_6.1.x86_64.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.x86_64.rpm ruby-devel-1.8.1-7.el4_6.1.x86_64.rpm ruby-docs-1.8.1-7.el4_6.1.x86_64.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.x86_64.rpm ruby-mode-1.8.1-7.el4_6.1.x86_64.rpm ruby-tcltk-1.8.1-7.el4_6.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ruby-1.8.1-7.el4_6.1.src.rpm i386: irb-1.8.1-7.el4_6.1.i386.rpm ruby-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-devel-1.8.1-7.el4_6.1.i386.rpm ruby-docs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-mode-1.8.1-7.el4_6.1.i386.rpm ruby-tcltk-1.8.1-7.el4_6.1.i386.rpm x86_64: irb-1.8.1-7.el4_6.1.x86_64.rpm ruby-1.8.1-7.el4_6.1.x86_64.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.x86_64.rpm ruby-devel-1.8.1-7.el4_6.1.x86_64.rpm ruby-docs-1.8.1-7.el4_6.1.x86_64.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.x86_64.rpm ruby-mode-1.8.1-7.el4_6.1.x86_64.rpm ruby-tcltk-1.8.1-7.el4_6.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ruby-1.8.1-7.el4_6.1.src.rpm i386: irb-1.8.1-7.el4_6.1.i386.rpm ruby-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-devel-1.8.1-7.el4_6.1.i386.rpm ruby-docs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-mode-1.8.1-7.el4_6.1.i386.rpm ruby-tcltk-1.8.1-7.el4_6.1.i386.rpm ia64: irb-1.8.1-7.el4_6.1.ia64.rpm ruby-1.8.1-7.el4_6.1.ia64.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.ia64.rpm ruby-devel-1.8.1-7.el4_6.1.ia64.rpm ruby-docs-1.8.1-7.el4_6.1.ia64.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.ia64.rpm ruby-mode-1.8.1-7.el4_6.1.ia64.rpm ruby-tcltk-1.8.1-7.el4_6.1.ia64.rpm x86_64: irb-1.8.1-7.el4_6.1.x86_64.rpm ruby-1.8.1-7.el4_6.1.x86_64.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.x86_64.rpm ruby-devel-1.8.1-7.el4_6.1.x86_64.rpm ruby-docs-1.8.1-7.el4_6.1.x86_64.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.x86_64.rpm ruby-mode-1.8.1-7.el4_6.1.x86_64.rpm ruby-tcltk-1.8.1-7.el4_6.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ruby-1.8.1-7.el4_6.1.src.rpm i386: irb-1.8.1-7.el4_6.1.i386.rpm ruby-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-devel-1.8.1-7.el4_6.1.i386.rpm ruby-docs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-mode-1.8.1-7.el4_6.1.i386.rpm ruby-tcltk-1.8.1-7.el4_6.1.i386.rpm ia64: irb-1.8.1-7.el4_6.1.ia64.rpm ruby-1.8.1-7.el4_6.1.ia64.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.ia64.rpm ruby-devel-1.8.1-7.el4_6.1.ia64.rpm ruby-docs-1.8.1-7.el4_6.1.ia64.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.ia64.rpm ruby-mode-1.8.1-7.el4_6.1.ia64.rpm ruby-tcltk-1.8.1-7.el4_6.1.ia64.rpm x86_64: irb-1.8.1-7.el4_6.1.x86_64.rpm ruby-1.8.1-7.el4_6.1.x86_64.rpm ruby-debuginfo-1.8.1-7.el4_6.1.i386.rpm ruby-debuginfo-1.8.1-7.el4_6.1.x86_64.rpm ruby-devel-1.8.1-7.el4_6.1.x86_64.rpm ruby-docs-1.8.1-7.el4_6.1.x86_64.rpm ruby-libs-1.8.1-7.el4_6.1.i386.rpm ruby-libs-1.8.1-7.el4_6.1.x86_64.rpm ruby-mode-1.8.1-7.el4_6.1.x86_64.rpm ruby-tcltk-1.8.1-7.el4_6.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ruby-1.8.5-5.el5_2.3.src.rpm i386: ruby-1.8.5-5.el5_2.3.i386.rpm ruby-debuginfo-1.8.5-5.el5_2.3.i386.rpm ruby-docs-1.8.5-5.el5_2.3.i386.rpm ruby-irb-1.8.5-5.el5_2.3.i386.rpm ruby-libs-1.8.5-5.el5_2.3.i386.rpm ruby-rdoc-1.8.5-5.el5_2.3.i386.rpm ruby-ri-1.8.5-5.el5_2.3.i386.rpm ruby-tcltk-1.8.5-5.el5_2.3.i386.rpm x86_64: ruby-1.8.5-5.el5_2.3.x86_64.rpm ruby-debuginfo-1.8.5-5.el5_2.3.i386.rpm ruby-debuginfo-1.8.5-5.el5_2.3.x86_64.rpm ruby-docs-1.8.5-5.el5_2.3.x86_64.rpm ruby-irb-1.8.5-5.el5_2.3.x86_64.rpm ruby-libs-1.8.5-5.el5_2.3.i386.rpm ruby-libs-1.8.5-5.el5_2.3.x86_64.rpm ruby-rdoc-1.8.5-5.el5_2.3.x86_64.rpm ruby-ri-1.8.5-5.el5_2.3.x86_64.rpm ruby-tcltk-1.8.5-5.el5_2.3.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ruby-1.8.5-5.el5_2.3.src.rpm i386: ruby-debuginfo-1.8.5-5.el5_2.3.i386.rpm ruby-devel-1.8.5-5.el5_2.3.i386.rpm ruby-mode-1.8.5-5.el5_2.3.i386.rpm x86_64: ruby-debuginfo-1.8.5-5.el5_2.3.i386.rpm ruby-debuginfo-1.8.5-5.el5_2.3.x86_64.rpm ruby-devel-1.8.5-5.el5_2.3.i386.rpm ruby-devel-1.8.5-5.el5_2.3.x86_64.rpm ruby-mode-1.8.5-5.el5_2.3.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/ruby-1.8.5-5.el5_2.3.src.rpm i386: ruby-1.8.5-5.el5_2.3.i386.rpm ruby-debuginfo-1.8.5-5.el5_2.3.i386.rpm ruby-devel-1.8.5-5.el5_2.3.i386.rpm ruby-docs-1.8.5-5.el5_2.3.i386.rpm ruby-irb-1.8.5-5.el5_2.3.i386.rpm ruby-libs-1.8.5-5.el5_2.3.i386.rpm ruby-mode-1.8.5-5.el5_2.3.i386.rpm ruby-rdoc-1.8.5-5.el5_2.3.i386.rpm ruby-ri-1.8.5-5.el5_2.3.i386.rpm ruby-tcltk-1.8.5-5.el5_2.3.i386.rpm ia64: ruby-1.8.5-5.el5_2.3.ia64.rpm ruby-debuginfo-1.8.5-5.el5_2.3.ia64.rpm ruby-devel-1.8.5-5.el5_2.3.ia64.rpm ruby-docs-1.8.5-5.el5_2.3.ia64.rpm ruby-irb-1.8.5-5.el5_2.3.ia64.rpm ruby-libs-1.8.5-5.el5_2.3.ia64.rpm ruby-mode-1.8.5-5.el5_2.3.ia64.rpm ruby-rdoc-1.8.5-5.el5_2.3.ia64.rpm ruby-ri-1.8.5-5.el5_2.3.ia64.rpm ruby-tcltk-1.8.5-5.el5_2.3.ia64.rpm ppc: ruby-1.8.5-5.el5_2.3.ppc.rpm ruby-debuginfo-1.8.5-5.el5_2.3.ppc.rpm ruby-debuginfo-1.8.5-5.el5_2.3.ppc64.rpm ruby-devel-1.8.5-5.el5_2.3.ppc.rpm ruby-devel-1.8.5-5.el5_2.3.ppc64.rpm ruby-docs-1.8.5-5.el5_2.3.ppc.rpm ruby-irb-1.8.5-5.el5_2.3.ppc.rpm ruby-libs-1.8.5-5.el5_2.3.ppc.rpm ruby-libs-1.8.5-5.el5_2.3.ppc64.rpm ruby-mode-1.8.5-5.el5_2.3.ppc.rpm ruby-rdoc-1.8.5-5.el5_2.3.ppc.rpm ruby-ri-1.8.5-5.el5_2.3.ppc.rpm ruby-tcltk-1.8.5-5.el5_2.3.ppc.rpm s390x: ruby-1.8.5-5.el5_2.3.s390x.rpm ruby-debuginfo-1.8.5-5.el5_2.3.s390.rpm ruby-debuginfo-1.8.5-5.el5_2.3.s390x.rpm ruby-devel-1.8.5-5.el5_2.3.s390.rpm ruby-devel-1.8.5-5.el5_2.3.s390x.rpm ruby-docs-1.8.5-5.el5_2.3.s390x.rpm ruby-irb-1.8.5-5.el5_2.3.s390x.rpm ruby-libs-1.8.5-5.el5_2.3.s390.rpm ruby-libs-1.8.5-5.el5_2.3.s390x.rpm ruby-mode-1.8.5-5.el5_2.3.s390x.rpm ruby-rdoc-1.8.5-5.el5_2.3.s390x.rpm ruby-ri-1.8.5-5.el5_2.3.s390x.rpm ruby-tcltk-1.8.5-5.el5_2.3.s390x.rpm x86_64: ruby-1.8.5-5.el5_2.3.x86_64.rpm ruby-debuginfo-1.8.5-5.el5_2.3.i386.rpm ruby-debuginfo-1.8.5-5.el5_2.3.x86_64.rpm ruby-devel-1.8.5-5.el5_2.3.i386.rpm ruby-devel-1.8.5-5.el5_2.3.x86_64.rpm ruby-docs-1.8.5-5.el5_2.3.x86_64.rpm ruby-irb-1.8.5-5.el5_2.3.x86_64.rpm ruby-libs-1.8.5-5.el5_2.3.i386.rpm ruby-libs-1.8.5-5.el5_2.3.x86_64.rpm ruby-mode-1.8.5-5.el5_2.3.x86_64.rpm ruby-rdoc-1.8.5-5.el5_2.3.x86_64.rpm ruby-ri-1.8.5-5.el5_2.3.x86_64.rpm ruby-tcltk-1.8.5-5.el5_2.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2376 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIe1RLXlSAg2UNWIIRAs7wAJ95TZIQYSJIlD2t+wAjaF+2UE5DPwCePi9Z r2B3QtLlibky8F9MTvwxPGg= =9jL4 -----END PGP SIGNATURE----- --
  24. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: ruby security update Advisory ID: RHSA-2008:0562-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0562.html Issue date: 2008-07-14 CVE Names: CVE-2008-2663 CVE-2008-2664 CVE-2008-2725 CVE-2008-2726 CVE-2006-6303 CVE-2008-2376 ===================================================================== 1. Summary: Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: Ruby is an interpreted scripting language for quick and easy object-oriented programming. Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. A flaw was discovered in the way Ruby's CGI module handles certain HTTP requests. A remote attacker could send a specially crafted request and cause the Ruby CGI script to enter an infinite loop, possibly causing a denial of service. (CVE-2006-6303) Users of Ruby should upgrade to these updated packages, which contain a backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 218287 - CVE-2006-6303 ruby's cgi.rb vulnerable infinite loop DoS 450825 - CVE-2008-2663 ruby: Integer overflows in rb_ary_store() 450834 - CVE-2008-2664 ruby: Unsafe use of alloca in rb_str_format() 451821 - CVE-2008-2725 ruby: integer overflow in rb_ary_splice/update/replace() - REALLOC_N 451828 - CVE-2008-2726 ruby: integer overflow in rb_ary_splice/update/replace() - beg + rlen 453589 - CVE-2008-2376 ruby: integer overflows in rb_ary_fill() / Array#fill 6. Package List: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : Source: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ruby-1.6.4-6.el2.src.rpm i386: irb-1.6.4-6.el2.i386.rpm ruby-1.6.4-6.el2.i386.rpm ruby-devel-1.6.4-6.el2.i386.rpm ruby-docs-1.6.4-6.el2.i386.rpm ruby-libs-1.6.4-6.el2.i386.rpm ruby-tcltk-1.6.4-6.el2.i386.rpm Red Hat Enterprise Linux ES version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ruby-1.6.4-6.el2.src.rpm i386: irb-1.6.4-6.el2.i386.rpm ruby-1.6.4-6.el2.i386.rpm ruby-devel-1.6.4-6.el2.i386.rpm ruby-docs-1.6.4-6.el2.i386.rpm ruby-libs-1.6.4-6.el2.i386.rpm ruby-tcltk-1.6.4-6.el2.i386.rpm Red Hat Enterprise Linux WS version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ruby-1.6.4-6.el2.src.rpm i386: irb-1.6.4-6.el2.i386.rpm ruby-1.6.4-6.el2.i386.rpm ruby-devel-1.6.4-6.el2.i386.rpm ruby-docs-1.6.4-6.el2.i386.rpm ruby-libs-1.6.4-6.el2.i386.rpm ruby-tcltk-1.6.4-6.el2.i386.rpm Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ruby-1.6.8-12.el3.src.rpm i386: irb-1.6.8-12.el3.i386.rpm ruby-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-devel-1.6.8-12.el3.i386.rpm ruby-docs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-mode-1.6.8-12.el3.i386.rpm ruby-tcltk-1.6.8-12.el3.i386.rpm ia64: irb-1.6.8-12.el3.ia64.rpm ruby-1.6.8-12.el3.ia64.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.ia64.rpm ruby-devel-1.6.8-12.el3.ia64.rpm ruby-docs-1.6.8-12.el3.ia64.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.ia64.rpm ruby-mode-1.6.8-12.el3.ia64.rpm ruby-tcltk-1.6.8-12.el3.ia64.rpm ppc: irb-1.6.8-12.el3.ppc.rpm ruby-1.6.8-12.el3.ppc.rpm ruby-debuginfo-1.6.8-12.el3.ppc.rpm ruby-debuginfo-1.6.8-12.el3.ppc64.rpm ruby-devel-1.6.8-12.el3.ppc.rpm ruby-docs-1.6.8-12.el3.ppc.rpm ruby-libs-1.6.8-12.el3.ppc.rpm ruby-libs-1.6.8-12.el3.ppc64.rpm ruby-mode-1.6.8-12.el3.ppc.rpm ruby-tcltk-1.6.8-12.el3.ppc.rpm s390: irb-1.6.8-12.el3.s390.rpm ruby-1.6.8-12.el3.s390.rpm ruby-debuginfo-1.6.8-12.el3.s390.rpm ruby-devel-1.6.8-12.el3.s390.rpm ruby-docs-1.6.8-12.el3.s390.rpm ruby-libs-1.6.8-12.el3.s390.rpm ruby-mode-1.6.8-12.el3.s390.rpm ruby-tcltk-1.6.8-12.el3.s390.rpm s390x: irb-1.6.8-12.el3.s390x.rpm ruby-1.6.8-12.el3.s390x.rpm ruby-debuginfo-1.6.8-12.el3.s390.rpm ruby-debuginfo-1.6.8-12.el3.s390x.rpm ruby-devel-1.6.8-12.el3.s390x.rpm ruby-docs-1.6.8-12.el3.s390x.rpm ruby-libs-1.6.8-12.el3.s390.rpm ruby-libs-1.6.8-12.el3.s390x.rpm ruby-mode-1.6.8-12.el3.s390x.rpm ruby-tcltk-1.6.8-12.el3.s390x.rpm x86_64: irb-1.6.8-12.el3.x86_64.rpm ruby-1.6.8-12.el3.x86_64.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.x86_64.rpm ruby-devel-1.6.8-12.el3.x86_64.rpm ruby-docs-1.6.8-12.el3.x86_64.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.x86_64.rpm ruby-mode-1.6.8-12.el3.x86_64.rpm ruby-tcltk-1.6.8-12.el3.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ruby-1.6.8-12.el3.src.rpm i386: irb-1.6.8-12.el3.i386.rpm ruby-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-devel-1.6.8-12.el3.i386.rpm ruby-docs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-mode-1.6.8-12.el3.i386.rpm ruby-tcltk-1.6.8-12.el3.i386.rpm x86_64: irb-1.6.8-12.el3.x86_64.rpm ruby-1.6.8-12.el3.x86_64.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.x86_64.rpm ruby-devel-1.6.8-12.el3.x86_64.rpm ruby-docs-1.6.8-12.el3.x86_64.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.x86_64.rpm ruby-mode-1.6.8-12.el3.x86_64.rpm ruby-tcltk-1.6.8-12.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ruby-1.6.8-12.el3.src.rpm i386: irb-1.6.8-12.el3.i386.rpm ruby-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-devel-1.6.8-12.el3.i386.rpm ruby-docs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-mode-1.6.8-12.el3.i386.rpm ruby-tcltk-1.6.8-12.el3.i386.rpm ia64: irb-1.6.8-12.el3.ia64.rpm ruby-1.6.8-12.el3.ia64.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.ia64.rpm ruby-devel-1.6.8-12.el3.ia64.rpm ruby-docs-1.6.8-12.el3.ia64.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.ia64.rpm ruby-mode-1.6.8-12.el3.ia64.rpm ruby-tcltk-1.6.8-12.el3.ia64.rpm x86_64: irb-1.6.8-12.el3.x86_64.rpm ruby-1.6.8-12.el3.x86_64.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.x86_64.rpm ruby-devel-1.6.8-12.el3.x86_64.rpm ruby-docs-1.6.8-12.el3.x86_64.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.x86_64.rpm ruby-mode-1.6.8-12.el3.x86_64.rpm ruby-tcltk-1.6.8-12.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ruby-1.6.8-12.el3.src.rpm i386: irb-1.6.8-12.el3.i386.rpm ruby-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-devel-1.6.8-12.el3.i386.rpm ruby-docs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-mode-1.6.8-12.el3.i386.rpm ruby-tcltk-1.6.8-12.el3.i386.rpm ia64: irb-1.6.8-12.el3.ia64.rpm ruby-1.6.8-12.el3.ia64.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.ia64.rpm ruby-devel-1.6.8-12.el3.ia64.rpm ruby-docs-1.6.8-12.el3.ia64.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.ia64.rpm ruby-mode-1.6.8-12.el3.ia64.rpm ruby-tcltk-1.6.8-12.el3.ia64.rpm x86_64: irb-1.6.8-12.el3.x86_64.rpm ruby-1.6.8-12.el3.x86_64.rpm ruby-debuginfo-1.6.8-12.el3.i386.rpm ruby-debuginfo-1.6.8-12.el3.x86_64.rpm ruby-devel-1.6.8-12.el3.x86_64.rpm ruby-docs-1.6.8-12.el3.x86_64.rpm ruby-libs-1.6.8-12.el3.i386.rpm ruby-libs-1.6.8-12.el3.x86_64.rpm ruby-mode-1.6.8-12.el3.x86_64.rpm ruby-tcltk-1.6.8-12.el3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6303 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2376 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIe1gHXlSAg2UNWIIRAqHZAJ0YYdTHBI+3VWFF4dmaD5mN71lp8ACeLwsY +KFTmUehS8lDB967OCewHL0= =7Ubq -----END PGP SIGNATURE----- --
  25. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: bluez-libs and bluez-utils security update Advisory ID: RHSA-2008:0581-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0581.html Issue date: 2008-07-14 CVE Names: CVE-2008-2374 ===================================================================== 1. Summary: Updated bluez-libs and bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, x86_64 3. Description: The bluez-libs package contains libraries for use in Bluetooth applications. The bluez-utils package contains Bluetooth daemons and utilities. An input validation flaw was found in the Bluetooth Session Description Protocol (SDP) packet parser used by the Bluez Bluetooth utilities. A Bluetooth device with an already-established trust relationship, or a local user registering a service record via a UNIX® socket or D-Bus interface, could cause a crash, or possibly execute arbitrary code with privileges of the hcid daemon. (CVE-2008-2374) Users of bluez-libs and bluez-utils are advised to upgrade to these updated packages, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 452715 - CVE-2008-2374 bluez-libs: SDP payload processing vulnerability 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/bluez-libs-2.10-3.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/bluez-utils-2.10-2.4.src.rpm i386: bluez-libs-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-devel-2.10-3.i386.rpm bluez-utils-2.10-2.4.i386.rpm bluez-utils-cups-2.10-2.4.i386.rpm bluez-utils-debuginfo-2.10-2.4.i386.rpm ia64: bluez-libs-2.10-3.i386.rpm bluez-libs-2.10-3.ia64.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.ia64.rpm bluez-libs-devel-2.10-3.ia64.rpm bluez-utils-2.10-2.4.ia64.rpm bluez-utils-cups-2.10-2.4.ia64.rpm bluez-utils-debuginfo-2.10-2.4.ia64.rpm ppc: bluez-libs-2.10-3.ppc.rpm bluez-libs-2.10-3.ppc64.rpm bluez-libs-debuginfo-2.10-3.ppc.rpm bluez-libs-debuginfo-2.10-3.ppc64.rpm bluez-libs-devel-2.10-3.ppc.rpm bluez-utils-2.10-2.4.ppc.rpm bluez-utils-cups-2.10-2.4.ppc.rpm bluez-utils-debuginfo-2.10-2.4.ppc.rpm x86_64: bluez-libs-2.10-3.i386.rpm bluez-libs-2.10-3.x86_64.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.x86_64.rpm bluez-libs-devel-2.10-3.x86_64.rpm bluez-utils-2.10-2.4.x86_64.rpm bluez-utils-cups-2.10-2.4.x86_64.rpm bluez-utils-debuginfo-2.10-2.4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/bluez-libs-2.10-3.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/bluez-utils-2.10-2.4.src.rpm i386: bluez-libs-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-devel-2.10-3.i386.rpm bluez-utils-2.10-2.4.i386.rpm bluez-utils-cups-2.10-2.4.i386.rpm bluez-utils-debuginfo-2.10-2.4.i386.rpm x86_64: bluez-libs-2.10-3.i386.rpm bluez-libs-2.10-3.x86_64.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.x86_64.rpm bluez-libs-devel-2.10-3.x86_64.rpm bluez-utils-2.10-2.4.x86_64.rpm bluez-utils-cups-2.10-2.4.x86_64.rpm bluez-utils-debuginfo-2.10-2.4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/bluez-libs-2.10-3.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/bluez-utils-2.10-2.4.src.rpm i386: bluez-libs-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-devel-2.10-3.i386.rpm bluez-utils-2.10-2.4.i386.rpm bluez-utils-cups-2.10-2.4.i386.rpm bluez-utils-debuginfo-2.10-2.4.i386.rpm ia64: bluez-libs-2.10-3.i386.rpm bluez-libs-2.10-3.ia64.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.ia64.rpm bluez-libs-devel-2.10-3.ia64.rpm bluez-utils-2.10-2.4.ia64.rpm bluez-utils-cups-2.10-2.4.ia64.rpm bluez-utils-debuginfo-2.10-2.4.ia64.rpm x86_64: bluez-libs-2.10-3.i386.rpm bluez-libs-2.10-3.x86_64.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.x86_64.rpm bluez-libs-devel-2.10-3.x86_64.rpm bluez-utils-2.10-2.4.x86_64.rpm bluez-utils-cups-2.10-2.4.x86_64.rpm bluez-utils-debuginfo-2.10-2.4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/bluez-libs-2.10-3.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/bluez-utils-2.10-2.4.src.rpm i386: bluez-libs-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-devel-2.10-3.i386.rpm bluez-utils-2.10-2.4.i386.rpm bluez-utils-cups-2.10-2.4.i386.rpm bluez-utils-debuginfo-2.10-2.4.i386.rpm ia64: bluez-libs-2.10-3.i386.rpm bluez-libs-2.10-3.ia64.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.ia64.rpm bluez-libs-devel-2.10-3.ia64.rpm bluez-utils-2.10-2.4.ia64.rpm bluez-utils-cups-2.10-2.4.ia64.rpm bluez-utils-debuginfo-2.10-2.4.ia64.rpm x86_64: bluez-libs-2.10-3.i386.rpm bluez-libs-2.10-3.x86_64.rpm bluez-libs-debuginfo-2.10-3.i386.rpm bluez-libs-debuginfo-2.10-3.x86_64.rpm bluez-libs-devel-2.10-3.x86_64.rpm bluez-utils-2.10-2.4.x86_64.rpm bluez-utils-cups-2.10-2.4.x86_64.rpm bluez-utils-debuginfo-2.10-2.4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bluez-libs-3.7-1.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bluez-utils-3.7-2.2.src.rpm i386: bluez-libs-3.7-1.1.i386.rpm bluez-libs-debuginfo-3.7-1.1.i386.rpm bluez-utils-3.7-2.2.i386.rpm bluez-utils-cups-3.7-2.2.i386.rpm bluez-utils-debuginfo-3.7-2.2.i386.rpm x86_64: bluez-libs-3.7-1.1.i386.rpm bluez-libs-3.7-1.1.x86_64.rpm bluez-libs-debuginfo-3.7-1.1.i386.rpm bluez-libs-debuginfo-3.7-1.1.x86_64.rpm bluez-utils-3.7-2.2.x86_64.rpm bluez-utils-cups-3.7-2.2.x86_64.rpm bluez-utils-debuginfo-3.7-2.2.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bluez-libs-3.7-1.1.src.rpm i386: bluez-libs-debuginfo-3.7-1.1.i386.rpm bluez-libs-devel-3.7-1.1.i386.rpm x86_64: bluez-libs-debuginfo-3.7-1.1.i386.rpm bluez-libs-debuginfo-3.7-1.1.x86_64.rpm bluez-libs-devel-3.7-1.1.i386.rpm bluez-libs-devel-3.7-1.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bluez-libs-3.7-1.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bluez-utils-3.7-2.2.src.rpm i386: bluez-libs-3.7-1.1.i386.rpm bluez-libs-debuginfo-3.7-1.1.i386.rpm bluez-libs-devel-3.7-1.1.i386.rpm bluez-utils-3.7-2.2.i386.rpm bluez-utils-cups-3.7-2.2.i386.rpm bluez-utils-debuginfo-3.7-2.2.i386.rpm ia64: bluez-libs-3.7-1.1.ia64.rpm bluez-libs-debuginfo-3.7-1.1.ia64.rpm bluez-libs-devel-3.7-1.1.ia64.rpm bluez-utils-3.7-2.2.ia64.rpm bluez-utils-cups-3.7-2.2.ia64.rpm bluez-utils-debuginfo-3.7-2.2.ia64.rpm ppc: bluez-libs-3.7-1.1.ppc.rpm bluez-libs-3.7-1.1.ppc64.rpm bluez-libs-debuginfo-3.7-1.1.ppc.rpm bluez-libs-debuginfo-3.7-1.1.ppc64.rpm bluez-libs-devel-3.7-1.1.ppc.rpm bluez-libs-devel-3.7-1.1.ppc64.rpm bluez-utils-3.7-2.2.ppc.rpm bluez-utils-cups-3.7-2.2.ppc.rpm bluez-utils-debuginfo-3.7-2.2.ppc.rpm x86_64: bluez-libs-3.7-1.1.i386.rpm bluez-libs-3.7-1.1.x86_64.rpm bluez-libs-debuginfo-3.7-1.1.i386.rpm bluez-libs-debuginfo-3.7-1.1.x86_64.rpm bluez-libs-devel-3.7-1.1.i386.rpm bluez-libs-devel-3.7-1.1.x86_64.rpm bluez-utils-3.7-2.2.x86_64.rpm bluez-utils-cups-3.7-2.2.x86_64.rpm bluez-utils-debuginfo-3.7-2.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2374 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIe1uBXlSAg2UNWIIRAtQzAJ4ibtJQcMpYv1yeQ+z/bu8+klcDAwCdF5lb L9br//0aSCZqA99PSZgd3ac= =mb9u -----END PGP SIGNATURE----- --
×