Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    The following errata for CentOS-2 have been built and uploaded to the centos mirror: RHSA-2008:0547-01 Critical: seamonkey security update Files available: seamonkey-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-chat-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-devel-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-dom-inspector-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-js-debugger-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-mail-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-nspr-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-nspr-devel-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-nss-1.0.9-0.17.el2.c2.1.i386.rpm seamonkey-nss-devel-1.0.9-0.17.el2.c2.1.i386.rpm More details are available from the RedHat web site at https://rhn.redhat.com/errata/rh21as-errata.html The easy way to make sure you are up to date with all the latest patches is to run: # yum update -- John Newbigin ITS Senior Analyst / Programmer Faculty of Information and Communication Technologies Swinburne University of Technology Melbourne, Australia http://www.ict.swin.edu.au/staff/jnewbigin _______________________________________________
  2. news
    Visit Ninjalane - http://www.ninjalane.com body { margin: 0px; padding: 10px; text-align: left; background-color: #FFF; } #header { vertical-align: top; height: 80px; } #footer { font-family: arial, Helvetica, sans-serif; font-size: 10px; color: #000; margin-top: 5px; padding: 3px; } .titletext { font-family: Arial, Helvetica, sans-serif; font-size: 18px; font-weight: bold; color: #852222; } .subtitletext { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #9E9E9E; } .bodytext { font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #000000; } .smalltext { font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #9E9E9E; } b { font-weight: bold; } i { font-style: italic; } a { color: #C00; } Hello Everyone,Ninjalane has posted a preview article featuring the DFI Lanparty UT X48 DDR3 edition. This is a long awaited board, but what DFI board isn't?Subject: DFI Lanparty UT X48 T3R Preview ( -at -) NinjalaneURL: http://www.ninjalane.com/display.aspx?docname=lanparty-x48-t3r_preA news posting would be appreciatedThanksDennis Garciahttp://www.ninjalane.com To no longer receive these types of emails please login to your member account and adjust your subscription settings. Your login is the email address we sent this message to. The account password has been generated so choose to have the password emailed to you. If you continue to have issues please contact us at support ( -at -) ninjalane.com and we will do what we can to help. Copyright © Ninja Lane 1999-2008 All rights reserved
  3. news
    This is a multi-part message in MIME format... ------------=_1215027351-11275-6932 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Advisory MDVA-2008:102 http://www.mandriva.com/security/ _______________________________________________________________________ Package : mkinitrd Date : July 2, 2008 Affected: 2008.1 _______________________________________________________________________ Problem Description: This mkinitrd update fixes issues with systems using dmraid. It makes sure that the modules for the disk controllers used by a dmraid array are included in the initrd. _______________________________________________________________________ References: http://qa.mandriva.com/show_bug.cgi?id=39481 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: 55517f21487aecbf090bc8f0b6b63b20 2008.1/i586/libbdevid-python-6.0.37-2.1mnb1.i586.rpm 1e4e8e4318574a5743a3d9281b751700 2008.1/i586/mkinitrd-6.0.37-2.1mnb1.i586.rpm fd180f73357850b37f216efd5ab9f917 2008.1/i586/mkinitrd-devel-6.0.37-2.1mnb1.i586.rpm b0109f27a40f935746da36a788a22dd1 2008.1/i586/nash-6.0.37-2.1mnb1.i586.rpm 1c6b188036e4b9916fa6be6b94c91c7a 2008.1/SRPMS/mkinitrd-6.0.37-2.1mnb1.src.rpm Mandriva Linux 2008.1/X86_64: 499d7cfafa36ec8010b5868273d77e50 2008.1/x86_64/libbdevid-python-6.0.37-2.1mnb1.x86_64.rpm 2695d606c74c174c087792491389181e 2008.1/x86_64/mkinitrd-6.0.37-2.1mnb1.x86_64.rpm 119d2705c7d53fa4329731235a517350 2008.1/x86_64/mkinitrd-devel-6.0.37-2.1mnb1.x86_64.rpm 976b3bc6dffeec5f407f6be95f03b3ce 2008.1/x86_64/nash-6.0.37-2.1mnb1.x86_64.rpm 1c6b188036e4b9916fa6be6b94c91c7a 2008.1/SRPMS/mkinitrd-6.0.37-2.1mnb1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIa62wmqjQ0CJFipgRAvsuAKCwQLMyZCkXuTmcflK7TCnfa6ZsogCgjrzt nzr25t+P/TjcyFwLDBAwuoI= =OOi1 -----END PGP SIGNATURE----- ------------=_1215027351-11275-6932 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________ ------------=_1215027351-11275-6932--
  4. news
    TechwareLabs has published a review of the Symphonic Designs Tube Amplifier with iPod Dock and Bluetooth. Here's a clip from the review: Quote: For the high end audio enthusiast the holy grail has always been vacuum tubes. Nothing else is capable of producing as clear or powerful sound. We take a look at the Symphonic Designs Vacuum Tube Amplifier which mates old with new in its design which integrates an iPod dock and even bluetooth. Do we like this "lifestyles of the rich and famous" priced amplifier? Or do we think it needs some more refinement. Read our review to find out. LINK: http://www.techwarelabs.com/reviews/audio/symphonic-designs/ Title: Symphonic Designs Tube Amplifier ( -at -) TechwareLabs Image: http://www.techwarelabs.com/reviews/audio/symphonic-designs/images/sd-1.jpg A news post would be greatly appreciated!
  5. news
    New Desinformado PDF based Newsletter launched - Published on 07/02/08 Desinformado is proud to announce their Desinformado Technology and Lifestyle Newsletter, a pdf based newsletter about technology, gadgets, mobile phones and mac related news that will be downloadable every month from Desinformado and other technology blogs. Santiago, Dominican Republic - Desinformado is proud to announce their Desinformado Technology and Lifestyle Newsletter, a pdf based newsletter about technology, gadgets, mobile phones and mac related news that will be downloadable every month from Desinformado and other technology blogs. The Desinformado Technology and Lifestyle Newsletter is a hobbyist publication aimed a young and not so young technology fans. The newsletter will serve as a new way to reach a broader audience providing fresh information, tips and tricks, iphone tutorials, applications and services reviews. The Newsletter will feature articles from technology experts, bloggers and reviews with a keen sense of details. It is an extension of our blogs and it is free to everybody that can help writing, just send us your blog post. At the same time Desinformado Technology and Lifestyle Newsletter will be an affordable way to promote your products and services, reaching an even broader audience. Desinformado: http://www.desinformado.com Direct Download Link: http://www.desinformado.com/newsletter/desinformadonewsletterv1.pdf Screenshot: http://www.desinformado.com/images/thenewsletter.jpg Desinformado.com is the younger technology related blog, with an increasing day by day audience we are making our way to the mainstream media, providing technology news and information for all ages and geography locations. ### Frank Guillen Webmaster 809-851-8403 media ( -at -) desinformado.com ******* ******* *******
  6. news
    New Software Empowers iPhone Users To Turn Any Media File Into Ringtones - Published on 07/02/08 Information Appliance Associates announces the release of the PocketMac RingtoneStudio for iPhone, a new tool that gives iPhone users the power to convert almost any media file on their Macs into a ringtone. PocketMac RingtoneStudio works with sound files, iTunes tracks you own, and any Mac-friendly movie formats to produce ringtones that can then be automatically synched to an iPhone. San Diego, CA - Information Appliance Associates, creators of industry-leading connectivity solutions, announces the release of the PocketMac® RingtoneStudio for iPhone, a new tool that gives iPhone users the power to convert almost any media file on their Macs into a ringtone. "We're incredibly excited," said Terence Goggin, CTO of Information Appliance Associates. "The iPhone is great, and as more people are using it, they want to expand the variety of ringtones they can use on their iPhone. But it was either too expensive or too difficult to do on their own. That's where this software comes in." PocketMac RingtoneStudio works with sound files, iTunes tracks you own, and any Mac-friendly movie formats to produce ringtones that can then be automatically synched to an iPhone. One of the many powerful features of PocketMac RingtoneStudio is EditingBay, which allows users to select exactly which 30 seconds they want to use at their ringtone. Goggin added, "With the EditingBay feature, customers can select whatever 30 seconds they want from the movies and music files. Literally any 30 seconds from each file. The 30 seconds from the beginning, the 30 seconds smack dab in the middle, or somewhere towards the end. It's visual, simple and completely up to the customer what they want to choose." Pricing and Availability: PocketMac RingtoneStudio works on OS 10.4.x and 10.5.x (Tiger and Leopard) and retails for $14.95 USD. A YouTube video demonstrating PocketMac RingtoneStudio is available. More information about the PocketMac RingtoneStudio for iPhone can be found at their website. "This opens up an entirely new world of source material for iPhone users looking to create custom ringtones. Using the powerful but easy- to-use editing features of PocketMac Ringtone Studio, iPhone users can now select up to 30 seconds from any of their favorite music, movies or iTunes files, and easily make them into ringtones," Goggin continued. "This opens up new possibilities for iPhone users." PocketMac: http://www.pocketmac.net/ RingtoneStudio: http://www.pocketmac.net/ringtonestudio.html YouTube Video Demo: Purchase Link: http://store.esellerate.net/pocketmac/buyrts?PT=press Information Appliance Associates (IAA) is a world leader in creating unique software solutions, primarily for the Macintosh platform. Their first product, PocketMac Pro, the original Mac-to-Pocket-PC sync solution accomplished what at the time was thought impossible--connecting a Mac to a Pocket PC. IAA then expanded into other areas of connectivity with their Microsoft Smartphone product, their iPod product and their BlackBerry sync and multimedia solution. ### Timothy Goggin VP 858-775-6116 timg ( -at -) pocketmac.net *******
  7. news
    Hello, - Legendary Weapons Trailer http://www.gamershell.com/news_54198.html - Ninjatown Trailer #2 http://www.gamershell.com/news_54196.html - BAJA Sponsorship and Damage Trailers Released http://www.gamershell.com/news_54194.html Best Regards, GamersHell.com Staff =============================================================================
  8. news
    Online Community for FileMaker Enthusiasts - Published on 07/02/08 FMGreet is a social networking site for FileMaker enthusiasts. FMGreet was created as an interactive messaging board for individuals attending Devcon as well as those unable to attend. FMGreet provides an easy way for all Devcon members to communicate and provides live information upadates and podcast to those unable to attend. FMGreet is free for everyone to use. Our goals are simple, to give everyone a voice, and to provide valuable information to everyone in the FileMaker community. Richmond, VA - FMWebschool, Inc., Announces FMGreet, an Online Community for FileMaker Enthusiasts. FMGreet is a social networking site for FileMaker enthusiasts. FMGreet was created as an interactive messaging board for individuals attending Devcon as well as those unable to attend. FMGreet provides an easy way for all Devcon members to communicate and provides live information upadates and podcast to those unable to attend. Why did we create FMGreet? It only happens once a year. That's right, your chance to meet other FileMaker enthusiasts is an annual experience. It certainly doesn't have to be that way. Every year FileMaker holds a convention called Devcon with an average of 1300 attendees from around the world. Developers en masse run from session to session and meeting to meeting without taking the time to really get to know one another. FMGreet hopes to change all of this by offering a website that actively brings the FileMaker community together - providing valuable information to Devcon attendees and those not attending. Every year developers unable to attend Devcon are left in a virtual information black hole. This is all about to change with our new campaign "No Developer Left Behind"! FMGreet Brings the FileMaker Community Together FMGreet is unique in many ways. First and foremost it was created to give the individual a voice. Visitors to FMGreet can create a profile, blog, post to the message board as well as communicate privately with their friends. A new exciting addition is our "Connection Questionnaire". The Connection Questionnaire is a series of questions that once answered we use our compatibility algorithm to match individuals with alike interest. This is a fun way to make new friends and establish new business relationships. FMGreet doesn't hold back when it comes to features. Currently FMGreet is focusing on the FileMaker convention to add value to everyones experience. Here is what FMGreet has to offer. * Message boards for General Conversations, Announcements, Consulting Help or Services, Youth Activities, Travel * Personal Profiles with personal chat wall * Podcast section to keep everyone informed of the daily events and new exciting announcements from Filemaker and 3rd party developers. * Live Webinars * Session section which includes all of the speakers, and a feedback section of speaker reviews * Free SMS alerts - attendees can choose to be notified when events and sessions will take place * Free blogging - Courtesy of FMGateway. FMGreeters can create their own hosted blog for free * Private messaging all guest can send private messages to one another * Session news and uploads - presenters can upload notes from their sessions and make them freely available to everyone FMGreet is a free for everyone to use. Our goals are simple, to give everyone a voice, and to provide valuable information to everyone in the FileMaker community. Be sure to check out FMGreet and become a part of this exciting growing community. FMGreet Website: http://www.fmgreet.com FMGreet Hosted By: http://www.fmgateway.com FMGreet was created with: http://www.fmwebschool.com/fmstudio.php FMWebschool is a team of creative developers specializing in innovative PHP and FileMaker web solutions since 1999. FMWebschool focuses on progressive FileMaker integrated turnkey solutions, training, books, hosting and learning resources to facilitate FileMaker web publishing. FMWebschool has a solid track record and reputation for outstanding customer support and has just won the "Mad Dog Award" from FileMaker Inc. ### Stephen Knight Vice President 800-353-7950 info ( -at -) fmwebschool.com *******
  9. news
    Lemke Software updates GraphicConverter to Version 6.1.1 - Published on 07/02/08 Lemke Software is proud to announce the immediate availability of GraphicConverter 6.1.1, their image editing and conversion utility for Mac OS X. GraphicConverter is the ultimate tool for image editing, image browsing, metadata editing, slideshows, image conversion from more than 200 file formats and much more. Version 6.1.1 includes many bug fixes and little enhancements and is a recommended update for all customers. Peine, Germany - Peine, Germany - Lemke Software is proud to announce the immediate availability of GraphicConverter 6.1.1, their image editing and conversion utility for Mac OS X. GraphicConverter is the ultimate tool for image editing, image browsing, metadata editing, slideshows, image conversion from more than 200 file formats and much more. Version 6.1.1 includes many bug fixes and little enhancements and is a recommended update for all customers. New Feature Highlights: * Decoding of all images of mime attachments added (UB) * Set label in operator added (UB) * Sort by label and creation date option added to browser Updated features: * Drawing inside alpha channel added as option * Calliper calibration supports shift for horizontal or vertical mode only * Set rating does no longer rewrite the exif data * Sort folders option added to catalog printing * Saving icns saves the large 512x512 icons (UB) * IPTC window in browser support unicode display (UB) Language support: German, English, French, Danish, Sweden, Italian, Spanish, Chinese (simplified), Chinese (traditional), Czech, Dutch, and Catalan Minimum Requirements: * Mac OS 10.4.4 or later for the Universal Binary version * Mac OS 10.1.5 or later for the X version * Mac OS 8.6 - 9.2.2 for the Classic version * 40 MB Hard Drive space Pricing and Availability: GraphicConverter 6.1.1 is a free update to registered users of GraphicConverter 6.0-6.1. New users may purchase the software for $34.95 USD directly from their website. New users can download a free trial version from their website. Lemke Software website: http://www.lemkesoft.com GraphicConverter: http://www.lemkesoft.com/xd/public/content/index._cGlkPTE5Mw_.html Direct Download Link: http://www.lemkesoft.com/public/content/index._cGlkPTg4_.html Purchase Link: http://www.lemkesoft.com/order.html Lemke Software is a developer and publisher of Macintosh software since 1992. © 2008 Lemke Software, Peine - Germany. ### Thorsten Lemke President +49 5171 72200 lemke ( -at -) lemkesoft.de *******
  10. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: PowerColor AMD TV Wonder 600 PCIe x1 Link: http://www.techpowerup.com/reviews/Powercolor/TV_Wonder_600 Brief: The new TV Wonder 600 PCIe TV tuner card is the PCI-Express x1 entry level model of the new series. This is also the first time that the TV Wonder series is available in Europe with the PAL standard. It can be used for analog or DVB-T signals and manages MPEG encoding by software. The card is built on a fancy purple PCB, comes with an extremely stylish IR receiver along with a remote and PowerCinema 5.
  11. news
    Hello Everyone, While there are quite a few manufacturers building GeForce 8800M equipped notebooks, almost all of them are high-end products that demand top dollar for the pleasure. Gateway's "P-Series FX" line-up of 17" gaming notebooks seems no different at first glance. However, careful inspection of their product specifications reveals that the most junior P-Series FX model weighs in at just $1,349.99, a decidedly mid-range price point for this type of machine. Yet it's still powered by a GeForce 8800M, just like the rest of the otherwise high-end FX notebook line-up. This GPU choice alone potentially makes the junior P-Series FX model one of the best gaming and multimedia machines in the entire mid-range notebook price segment, so we couldn't resist taking a closer look. Come on by the site and check it out... URL: http://www.hothardware.com/Articles/Gateway_P6831FX_Gaming_Notebook Site: http://www.hothardware.com/ As always, a link in your news sections would be much appreciated! If you'd like us to return the favor, please don't hesitate to send your press
  12. news
    Hello, - Live for Speed S2 Alpha Z Demo http://www.gamershell.com/news_54192.html - TAGAP: The Apocalyptic Game About Penguins Free Full Game v1.7 http://www.gamershell.com/news_54190.html Best Regards, GamersHell.com Staff =============================================================================
  13. news
    I spend most of my time reviewing chipsets, motherboards, hard drives, power supply units, and sound cards—the geeky bits inside a modern PC. Every so often, though, I get the chance to tread well off the beaten path. Such was the case a couple of years ago with Sumo's Omni—a bean bag chair of generous proportions, and perhaps the ultimate cradle for console gamers. As expansive and comfortable as it was at the time, I couldn't help but wish the Omni were plusher. And now it is, with a new model ditching the swishy nylon of old in favor of sumptuous microsuede. Dubbed the SumoSac, this latest take on the iconic bean bag chair has also succumbed to the obesity epidemic, swelling generously on a high-carb diet of furniture-grade foam. So the SumoSac is bigger and cushier than the original Omni. But is it too much of a good thing? http://techreport.com/discussions.x/15038 Thanks, Geoff ---- Geoff Gasior The Tech Report http://techreport.com -- To unsubscribe from: TR-News, just follow this link:
  14. news
    Hello, - Rummikub Announced http://www.gamershell.com/news_54186.html - Sho Online Expansion Details/Screens Released http://www.gamershell.com/news_54184.html - Castlevania Judgment Announced http://www.gamershell.com/news_54178.html - Stargate Worlds First Look Tonight on G4TV http://www.gamershell.com/news_54176.html - Izuna 2: The Unemployed Ninja Returns Collectible Mini-Poster Plan Announced http://www.gamershell.com/news_54174.html - Venture Arctic Retail Release Announced and Demo http://www.gamershell.com/news_54166.html - Cronous: Evolution Update Released http://www.gamershell.com/news_54164.html - Elf Online Screens #4 http://www.gamershell.com/news_54162.html - Command & Conquer 3 Tiberium Wars Gone Mobile http://www.gamershell.com/news_54156.html Best Regards, GamersHell.com Staff =============================================================================
  15. news
    Bigbruin.com has new content posted... A mention in your site's news section would be greatly appreciated! Title: Sapphire 1024MB Radeon HD3850 Graphics Card URL: http://www.bigbruin.com/2008/sapphire3850_1 Image URL (150x70 pixels): http://www.bigbruin.com/2008/sapphire3850/logo.gif Quote: By taking the decent features and specifications that the ATI Radeon HD3850 GPU offers on its own and enhancing it with a few tweaks here and there, Sapphire just might be able to deliver on the marketing hype found on the box for this card... "Delivering mayhem to the mainstream". Thank you. Best regards, Jason www.bigbruin.com
  16. news
    Hello, - World in Conflict v1.009 Patch http://www.gamershell.com/news_54182.html - Making History: The Calm & the Storm v2.0.4 Demo http://www.gamershell.com/news_54180.html Best Regards, GamersHell.com Staff =============================================================================
  17. news
    Hello, - Dreamlords: The Reawakening Gameplay Movie http://www.gamershell.com/news_54172.html - City Life Edition 2008 Trailer #4 http://www.gamershell.com/news_54170.html - Warcraft 3 v1.22a Patch http://www.gamershell.com/news_54168.html Best Regards, GamersHell.com Staff =============================================================================
  18. news
    Digit-Life Review: AMD Phenom X4 In Real-Life Applications Excerpt: "This small article touches upon a single problem: how memory performance affects the speed of a computer based on a quad-core AMD Phenom X4 9850 processor. However, it would be reasonable to assume that tendencies discovered in this article will be true for at least all Phenom X4 products." Article: http://www.digit-life.com/articles3/cpu/amd-phenom-x4-9850-ddr2-533-p1.html A post on your website would be appreciated! To exchange news & reviews with Digit-Life, to change subscription address, or to unsubscribe write to cormac ( -at -) ixbt.com. If you post notes about Digit-Life reviews, but don't see me doing the same, please email me as well. Best regards, Artem Pavlenko, www.Digit-Life.com / iXBT.com
  19. news
    Hello Everyone, Lubix UBHS-NC1 Stereo Bluetooth Headset " I have always been a bit weary of doing reviews of things very subjective and a Bluetooth headset is just one of those things. When Lubix offered to send a review sample over, I was hesitant until they insisted. I'm glad they did since the UBHS-NC1 is a great stereo headset. I'm not a headset kind of person, but as standard Bluetooth headphones, they rock. " Link: http://www.aselabs.com/articles.php?id=263 Thumb: http://www.aselabs.com/members/attachments/upload/2008/06/27/2650t.jpg
  20. news
    The Motorola H680 Bluetooth wireless headset was designed to be fashionable, small and comfortable, but it also just happens to be affordable. Available for under $40 the Motorola H680 is sure to be popular for California drivers that are now no longer able to hold their cell phones up to their ears while behind the wheel without getting a ticket. With a first-time offense fine of $20 and a second-time fine of $50, now is the perfect time to pick up a Bluetooth headset. Quote: "Today we look at Motorola’s newest offering to augment their huge Bluetooth stable, the H680. Motorola designed this headset to look stylish and feel elegant. It has a very small footprint and weighs in at a very light 12 grams. Even with its small size, Motorola says the battery can last for 8 hours of talk time with a stand by time of up to 8 days. The slick-looking H680 comes with a charging case that plugs into a “micro” USB to charge up the headset. In an unusual move, Motorola even included a dedicated “on/off” button on the back of the headset..." Article Title: Motorola H680 Bluetooth Headset Review ( -at -) Legit Reviews Article URL: http://legitreviews.com/article/739/1/ --
  21. news
    Cocktail 4.1.3 (Leopard Edition) has been released - Published on 07/02/08 Maintain has announced the release of Cocktail 4.1.3 (Leopard Edition). Cocktail 4.1.3 (Leopard Edition) is the latest maintenance update for Cocktail. It adds Mac OS X 10.5.4 compatibility and fixes other bugs discovered in the previous release. The update is strongly recommended for all users of Cocktail (Leopard Edition). Cocktail is an award winning general purpose utility for Mac OS X. Ekero, Sweden - Maintain has announced the release of Cocktail 4.1.3 (Leopard Edition). Cocktail 4.1.3 (Leopard Edition) is the latest maintenance update for Cocktail (Leopard Edition). It adds Mac OS X 10.5.4 compatibility, fixes a bug in which Firefox 3 bookmarks have been reverted to an outdated version during clearing of the Internet caches, addresses an issue in which Cocktail may stop responding during clearing of the user caches and resolves an issue in which the uninstaller may fail to reset UDP settings to their default values. The update is strongly recommended for all users of Cocktail (Leopard Edition). Cocktail 4.1.3 (Leopard Edition) is distributed as a Universal Binary and runs natively on both PowerPC and Intel Macs. Cocktail 4.1.3 (Leopard Edition) requires Mac OS X / Mac OS X Server 10.5 or later and is tested for compatibility with Mac OS X and Mac OS X Server 10.5.4. Cocktail 4.0.2 (Tiger Edition) for Mac OS X 10.4.x and Cocktail 3.7 (Panther Edition) for Mac OS X 10.3.x are available for download from our website. Cocktail is an award winning general purpose utility for Mac OS X. It is a smooth and powerful digital toolset with a variety of practical features that simplifies the use of advanced UNIX functions and helps hundreds of thousands of Mac users around the world to get the most out of their computers. The application serves up a scrumptious mix of maintenance tools and interface tweaks, all accessible via a comprehensive graphical interface. Most of Cocktail's major features are arranged in five basic categories. In addition, a Pilot lets you clean, repair and optimize your system with one click of the button. Maintain Website: http://www.maintain.se Cocktail Website: http://cocktail.maintain.se Direct Download Link: http://mirror-maintain.com/downloads/CocktailLE.dmg Purchase Link: http://www.maintain.se/cocktail/buy.php Screenshot 1: http://www.maintain.se/cocktail/screenshots/screenshot1.jpg Screenshot 2: http://www.maintain.se/cocktail/screenshots/screenshot2.jpg Maintain develops tailored applications for Mac users. We work towards creating technical solutions which maintain your computer and make it as efficient and easy to use as possible. In addition, we offer comprehensive consultancy and support services which cover everything from operation of existing systems to purchase and implementation of new technical solutions. ### Kristofer Szymanski President 46856035950 info ( -at -) maintain.se *******
  22. news
    The horror gaming market has been craving a quality console title for quite some time. Atari are keen to address this with the release of Alone In The Dark on the X360. A vast, inspiring world full of horrific creatures and mind warping puzzles is a hard goal to achieve; can developer Eden games deliver the goods? http://www.driverheaven.net/gamingreviews.php?reviewid=613 DriverHeaven and GamingHeaven News Mailer
  23. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat Application Stack v2.1 security and enhancement update Advisory ID: RHSA-2008:0505-01 Product: Red Hat Application Stack Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0505.html Issue date: 2008-07-02 CVE Names: CVE-2008-2079 CVE-2008-2051 CVE-2007-5898 CVE-2007-5899 CVE-2007-4782 CVE-2008-2107 CVE-2008-2108 CVE-2008-0599 ===================================================================== 1. Summary: Red Hat Application Stack v2.1 is now available. This update fixes various security issues and adds several enhancements. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v2 for Enterprise Linux (v.5) - i386, noarch, x86_64 3. Description: The Red Hat Application Stack is an integrated open source application stack, and includes JBoss Enterprise Application Platform (EAP). Starting with this update, JBoss EAP is no longer provided via the Application Stack channels. Instead, all Application Stack customers are automatically entitled to the JBoss EAP channels. This ensures all users have immediate access to JBoss EAP packages when they are released, ensuring lesser wait for security and critical patches. As a result, you must MANUALLY subscribe to the appropriate JBoss EAP channel, as all further JBoss EAP updates will only go to that channel. This update also entitles all customers to the JBoss EAP 4.3.0 channels. Users receive support for JBoss EAP 4.3.0 if they choose to install it. Important: downgrading from JBoss EAP 4.3.0 to 4.2.0 is unsupported. PHP was updated to version 5.2.6, fixing the following security issues: It was discovered that the PHP escapeshellcmd() function did not properly escape multi-byte characters which are not valid in the locale used by the script. This could allow an attacker to bypass quoting restrictions imposed by escapeshellcmd() and execute arbitrary commands if the PHP script was using certain locales. Scripts using the default UTF-8 locale are not affected by this issue. (CVE-2008-2051) The PHP functions htmlentities() and htmlspecialchars() did not properly recognize partial multi-byte sequences. Certain sequences of bytes could be passed through these functions without being correctly HTML-escaped. Depending on the browser being used, an attacker could use this flaw to conduct cross-site scripting attacks. (CVE-2007-5898) A PHP script which used the transparent session ID configuration option, or which used the output_add_rewrite_var() function, could leak session identifiers to external web sites. If a page included an HTML form with an ACTION attribute referencing a non-local URL, the user's session ID would be included in the form data passed to that URL. (CVE-2007-5899) It was discovered that the PHP fnmatch() function did not restrict the length of the string argument. An attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted input data. (CVE-2007-4782) It was discovered that PHP did not properly seed its pseudo-random number generator used by functions such as rand() and mt_rand(), possibly allowing an attacker to easily predict the generated pseudo-random values. (CVE-2008-2107, CVE-2008-2108) A flaw was found in PHP's CGI server API. If the web server did not set DOCUMENT_ROOT environment variable for PHP (e.g. when running PHP in the FastCGI server mode), an attacker could cause a crash of the PHP child process, causing a temporary denial of service. (CVE-2008-0599) MySQL was updated to version 5.0.50sp1a, fixing the following security issue: MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker could elevate their access privileges to tables created by other database users. Note: this attack does not work on existing tables. An attacker can only elevate their access to another user's tables as the tables are created. As well, the names of these created tables need to be predicted correctly for this attack to succeed. (CVE-2008-2079) The following packages are updated: * httpd to 2.2.8 * mod_jk to 1.2.26 * mod_perl to 2.0.4 * the MySQL Connector/ODBC to 3.51.24r1071 * the MySQL Connector/J (JDBC driver) to 5.0.8 * perl-DBD-MySQL to 4.006 * perl-DBI to 1.604 * postgresql to 8.2.7 * postgresql-jdbc to 8.2.508 * postgresqlclient81 to 8.1.11 * postgresql-odbc to 8.02.0500 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 285881 - CVE-2007-4782 php crash in glob() and fnmatch() functions 382411 - CVE-2007-5898 php htmlentities/htmlspecialchars multibyte sequences 382431 - CVE-2007-5899 php session ID leakage 445003 - CVE-2008-0599 php: buffer overflow in a CGI path translation 445006 - CVE-2008-2051 PHP multibyte shell escape flaw 445222 - CVE-2008-2079 mysql: privilege escalation via DATA/INDEX DIRECTORY directives 445684 - CVE-2008-2107 PHP 32 bit weak random seed 445685 - CVE-2008-2108 PHP weak 64 bit random seed 6. Package List: Red Hat Application Stack v2 for Enterprise Linux (v.5): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/httpd-2.2.8-1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/mod_jk-1.2.26-1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/mod_perl-2.0.4-3.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/mysql-5.0.50sp1a-2.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/mysql-connector-odbc-3.51.24r1071-1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/mysql-jdbc-5.0.8-1jpp.1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/perl-DBD-MySQL-4.006-1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/perl-DBI-1.604-1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/php-5.2.6-2.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/postgresql-8.2.9-1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/postgresql-jdbc-8.2.508-1jpp.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/postgresql-odbc-08.02.0500-1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/postgresqlclient81-8.1.11-1.el5s2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/unixODBC-2.2.12-8.el5s2.src.rpm i386: httpd-2.2.8-1.el5s2.i386.rpm httpd-debuginfo-2.2.8-1.el5s2.i386.rpm httpd-devel-2.2.8-1.el5s2.i386.rpm httpd-manual-2.2.8-1.el5s2.i386.rpm mod_jk-ap20-1.2.26-1.el5s2.i386.rpm mod_jk-debuginfo-1.2.26-1.el5s2.i386.rpm mod_perl-2.0.4-3.el5s2.i386.rpm mod_perl-debuginfo-2.0.4-3.el5s2.i386.rpm mod_perl-devel-2.0.4-3.el5s2.i386.rpm mod_ssl-2.2.8-1.el5s2.i386.rpm mysql-5.0.50sp1a-2.el5s2.i386.rpm mysql-bench-5.0.50sp1a-2.el5s2.i386.rpm mysql-cluster-5.0.50sp1a-2.el5s2.i386.rpm mysql-connector-odbc-3.51.24r1071-1.el5s2.i386.rpm mysql-connector-odbc-debuginfo-3.51.24r1071-1.el5s2.i386.rpm mysql-debuginfo-5.0.50sp1a-2.el5s2.i386.rpm mysql-devel-5.0.50sp1a-2.el5s2.i386.rpm mysql-libs-5.0.50sp1a-2.el5s2.i386.rpm mysql-server-5.0.50sp1a-2.el5s2.i386.rpm mysql-test-5.0.50sp1a-2.el5s2.i386.rpm perl-DBD-MySQL-4.006-1.el5s2.i386.rpm perl-DBD-MySQL-debuginfo-4.006-1.el5s2.i386.rpm perl-DBI-1.604-1.el5s2.i386.rpm perl-DBI-debuginfo-1.604-1.el5s2.i386.rpm php-5.2.6-2.el5s2.i386.rpm php-bcmath-5.2.6-2.el5s2.i386.rpm php-cli-5.2.6-2.el5s2.i386.rpm php-common-5.2.6-2.el5s2.i386.rpm php-dba-5.2.6-2.el5s2.i386.rpm php-debuginfo-5.2.6-2.el5s2.i386.rpm php-devel-5.2.6-2.el5s2.i386.rpm php-gd-5.2.6-2.el5s2.i386.rpm php-imap-5.2.6-2.el5s2.i386.rpm php-ldap-5.2.6-2.el5s2.i386.rpm php-mbstring-5.2.6-2.el5s2.i386.rpm php-mysql-5.2.6-2.el5s2.i386.rpm php-ncurses-5.2.6-2.el5s2.i386.rpm php-odbc-5.2.6-2.el5s2.i386.rpm php-pdo-5.2.6-2.el5s2.i386.rpm php-pgsql-5.2.6-2.el5s2.i386.rpm php-snmp-5.2.6-2.el5s2.i386.rpm php-soap-5.2.6-2.el5s2.i386.rpm php-xml-5.2.6-2.el5s2.i386.rpm php-xmlrpc-5.2.6-2.el5s2.i386.rpm postgresql-8.2.9-1.el5s2.i386.rpm postgresql-contrib-8.2.9-1.el5s2.i386.rpm postgresql-debuginfo-8.2.9-1.el5s2.i386.rpm postgresql-devel-8.2.9-1.el5s2.i386.rpm postgresql-docs-8.2.9-1.el5s2.i386.rpm postgresql-jdbc-8.2.508-1jpp.el5s2.i386.rpm postgresql-jdbc-debuginfo-8.2.508-1jpp.el5s2.i386.rpm postgresql-libs-8.2.9-1.el5s2.i386.rpm postgresql-odbc-08.02.0500-1.el5s2.i386.rpm postgresql-odbc-debuginfo-08.02.0500-1.el5s2.i386.rpm postgresql-plperl-8.2.9-1.el5s2.i386.rpm postgresql-plpython-8.2.9-1.el5s2.i386.rpm postgresql-pltcl-8.2.9-1.el5s2.i386.rpm postgresql-python-8.2.9-1.el5s2.i386.rpm postgresql-server-8.2.9-1.el5s2.i386.rpm postgresql-tcl-8.2.9-1.el5s2.i386.rpm postgresql-test-8.2.9-1.el5s2.i386.rpm postgresqlclient81-8.1.11-1.el5s2.i386.rpm postgresqlclient81-debuginfo-8.1.11-1.el5s2.i386.rpm unixODBC-2.2.12-8.el5s2.i386.rpm unixODBC-debuginfo-2.2.12-8.el5s2.i386.rpm unixODBC-devel-2.2.12-8.el5s2.i386.rpm unixODBC-kde-2.2.12-8.el5s2.i386.rpm noarch: mysql-jdbc-5.0.8-1jpp.1.el5s2.noarch.rpm x86_64: httpd-2.2.8-1.el5s2.x86_64.rpm httpd-debuginfo-2.2.8-1.el5s2.x86_64.rpm httpd-devel-2.2.8-1.el5s2.x86_64.rpm httpd-manual-2.2.8-1.el5s2.x86_64.rpm mod_jk-ap20-1.2.26-1.el5s2.x86_64.rpm mod_jk-debuginfo-1.2.26-1.el5s2.x86_64.rpm mod_perl-2.0.4-3.el5s2.x86_64.rpm mod_perl-debuginfo-2.0.4-3.el5s2.x86_64.rpm mod_perl-devel-2.0.4-3.el5s2.x86_64.rpm mod_ssl-2.2.8-1.el5s2.x86_64.rpm mysql-5.0.50sp1a-2.el5s2.x86_64.rpm mysql-bench-5.0.50sp1a-2.el5s2.x86_64.rpm mysql-cluster-5.0.50sp1a-2.el5s2.x86_64.rpm mysql-connector-odbc-3.51.24r1071-1.el5s2.x86_64.rpm mysql-connector-odbc-debuginfo-3.51.24r1071-1.el5s2.x86_64.rpm mysql-debuginfo-5.0.50sp1a-2.el5s2.x86_64.rpm mysql-devel-5.0.50sp1a-2.el5s2.x86_64.rpm mysql-libs-5.0.50sp1a-2.el5s2.x86_64.rpm mysql-server-5.0.50sp1a-2.el5s2.x86_64.rpm mysql-test-5.0.50sp1a-2.el5s2.x86_64.rpm perl-DBD-MySQL-4.006-1.el5s2.x86_64.rpm perl-DBD-MySQL-debuginfo-4.006-1.el5s2.x86_64.rpm perl-DBI-1.604-1.el5s2.x86_64.rpm perl-DBI-debuginfo-1.604-1.el5s2.x86_64.rpm php-5.2.6-2.el5s2.x86_64.rpm php-bcmath-5.2.6-2.el5s2.x86_64.rpm php-cli-5.2.6-2.el5s2.x86_64.rpm php-common-5.2.6-2.el5s2.x86_64.rpm php-dba-5.2.6-2.el5s2.x86_64.rpm php-debuginfo-5.2.6-2.el5s2.x86_64.rpm php-devel-5.2.6-2.el5s2.x86_64.rpm php-gd-5.2.6-2.el5s2.x86_64.rpm php-imap-5.2.6-2.el5s2.x86_64.rpm php-ldap-5.2.6-2.el5s2.x86_64.rpm php-mbstring-5.2.6-2.el5s2.x86_64.rpm php-mysql-5.2.6-2.el5s2.x86_64.rpm php-ncurses-5.2.6-2.el5s2.x86_64.rpm php-odbc-5.2.6-2.el5s2.x86_64.rpm php-pdo-5.2.6-2.el5s2.x86_64.rpm php-pgsql-5.2.6-2.el5s2.x86_64.rpm php-snmp-5.2.6-2.el5s2.x86_64.rpm php-soap-5.2.6-2.el5s2.x86_64.rpm php-xml-5.2.6-2.el5s2.x86_64.rpm php-xmlrpc-5.2.6-2.el5s2.x86_64.rpm postgresql-8.2.9-1.el5s2.x86_64.rpm postgresql-contrib-8.2.9-1.el5s2.x86_64.rpm postgresql-debuginfo-8.2.9-1.el5s2.x86_64.rpm postgresql-devel-8.2.9-1.el5s2.x86_64.rpm postgresql-docs-8.2.9-1.el5s2.x86_64.rpm postgresql-jdbc-8.2.508-1jpp.el5s2.x86_64.rpm postgresql-jdbc-debuginfo-8.2.508-1jpp.el5s2.x86_64.rpm postgresql-libs-8.2.9-1.el5s2.x86_64.rpm postgresql-odbc-08.02.0500-1.el5s2.x86_64.rpm postgresql-odbc-debuginfo-08.02.0500-1.el5s2.x86_64.rpm postgresql-plperl-8.2.9-1.el5s2.x86_64.rpm postgresql-plpython-8.2.9-1.el5s2.x86_64.rpm postgresql-pltcl-8.2.9-1.el5s2.x86_64.rpm postgresql-python-8.2.9-1.el5s2.x86_64.rpm postgresql-server-8.2.9-1.el5s2.x86_64.rpm postgresql-tcl-8.2.9-1.el5s2.x86_64.rpm postgresql-test-8.2.9-1.el5s2.x86_64.rpm postgresqlclient81-8.1.11-1.el5s2.x86_64.rpm postgresqlclient81-debuginfo-8.1.11-1.el5s2.x86_64.rpm unixODBC-2.2.12-8.el5s2.x86_64.rpm unixODBC-debuginfo-2.2.12-8.el5s2.x86_64.rpm unixODBC-devel-2.2.12-8.el5s2.x86_64.rpm unixODBC-kde-2.2.12-8.el5s2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5899 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4782 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 http://www.redhat.com/docs/en-US/Red_Hat_Application_Stack/2.1/html-single/Release_Notes/ http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIa39+XlSAg2UNWIIRAhWAAJ9sMvdJoV3iUoms2ggLAsIS3G2WuACfUID0 a66OVz+Vp0VuKf8vME1+XYo= =qDIz -----END PGP SIGNATURE----- --
  24. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: seamonkey security update Advisory ID: RHSA-2008:0547-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0547.html Issue date: 2008-07-02 CVE Names: CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 ===================================================================== 1. Summary: Updated seamonkey packages that fix a security issues are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Multiple flaws were found in the processing of malformed JavaScript content. A web page containing such malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-2798, CVE-2008-2799, CVE-2008-2811) Several flaws were found in the way malformed web content was displayed. A web page containing specially-crafted content could potentially trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-2800) Two local file disclosure flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to reveal the contents of a local file to a remote attacker. (CVE-2008-2805, CVE-2008-2810) A flaw was found in the way a malformed .properties file was processed by SeaMonkey. A malicious extension could read uninitialized memory, possibly leaking sensitive data to the extension. (CVE-2008-2807) A flaw was found in the way SeaMonkey escaped a listing of local file names. If a user could be tricked into listing a local directory containing malicious file names, arbitrary JavaScript could be run with the permissions of the user running SeaMonkey. (CVE-2008-2808) A flaw was found in the way SeaMonkey displayed information about self-signed certificates. It was possible for a self-signed certificate to contain multiple alternate name entries, which were not all displayed to the user, allowing them to mistakenly extend trust to an unknown site. (CVE-2008-2809) All SeaMonkey users should upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 452597 - CVE-2008-2798 Firefox malformed web content flaws 452598 - CVE-2008-2799 Firefox javascript arbitrary code execution 452599 - CVE-2008-2800 Firefox XSS attacks 452600 - CVE-2008-2802 Firefox arbitrary JavaScript code execution 452602 - CVE-2008-2803 Firefox javascript arbitrary code execution 452604 - CVE-2008-2805 Firefox arbitrary file disclosure 452605 - CVE-2008-2801 Firefox arbitrary signed JAR code execution 452709 - CVE-2008-2807 Firefox .properties memory leak 452710 - CVE-2008-2808 Firefox file location escaping flaw 452711 - CVE-2008-2809 Firefox self signed certificate flaw 452712 - CVE-2008-2810 Firefox arbitrary file disclosure 453007 - CVE-2008-2811 Firefox block reflow flaw 6. Package List: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : Source: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/seamonkey-1.0.9-0.17.el2.src.rpm i386: seamonkey-1.0.9-0.17.el2.i386.rpm seamonkey-chat-1.0.9-0.17.el2.i386.rpm seamonkey-devel-1.0.9-0.17.el2.i386.rpm seamonkey-dom-inspector-1.0.9-0.17.el2.i386.rpm seamonkey-js-debugger-1.0.9-0.17.el2.i386.rpm seamonkey-mail-1.0.9-0.17.el2.i386.rpm seamonkey-nspr-1.0.9-0.17.el2.i386.rpm seamonkey-nspr-devel-1.0.9-0.17.el2.i386.rpm seamonkey-nss-1.0.9-0.17.el2.i386.rpm seamonkey-nss-devel-1.0.9-0.17.el2.i386.rpm ia64: seamonkey-1.0.9-0.17.el2.ia64.rpm seamonkey-chat-1.0.9-0.17.el2.ia64.rpm seamonkey-devel-1.0.9-0.17.el2.ia64.rpm seamonkey-dom-inspector-1.0.9-0.17.el2.ia64.rpm seamonkey-js-debugger-1.0.9-0.17.el2.ia64.rpm seamonkey-mail-1.0.9-0.17.el2.ia64.rpm seamonkey-nspr-1.0.9-0.17.el2.ia64.rpm seamonkey-nspr-devel-1.0.9-0.17.el2.ia64.rpm seamonkey-nss-1.0.9-0.17.el2.ia64.rpm seamonkey-nss-devel-1.0.9-0.17.el2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: Source: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/seamonkey-1.0.9-0.17.el2.src.rpm ia64: seamonkey-1.0.9-0.17.el2.ia64.rpm seamonkey-chat-1.0.9-0.17.el2.ia64.rpm seamonkey-devel-1.0.9-0.17.el2.ia64.rpm seamonkey-dom-inspector-1.0.9-0.17.el2.ia64.rpm seamonkey-js-debugger-1.0.9-0.17.el2.ia64.rpm seamonkey-mail-1.0.9-0.17.el2.ia64.rpm seamonkey-nspr-1.0.9-0.17.el2.ia64.rpm seamonkey-nspr-devel-1.0.9-0.17.el2.ia64.rpm seamonkey-nss-1.0.9-0.17.el2.ia64.rpm seamonkey-nss-devel-1.0.9-0.17.el2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/seamonkey-1.0.9-0.17.el2.src.rpm i386: seamonkey-1.0.9-0.17.el2.i386.rpm seamonkey-chat-1.0.9-0.17.el2.i386.rpm seamonkey-devel-1.0.9-0.17.el2.i386.rpm seamonkey-dom-inspector-1.0.9-0.17.el2.i386.rpm seamonkey-js-debugger-1.0.9-0.17.el2.i386.rpm seamonkey-mail-1.0.9-0.17.el2.i386.rpm seamonkey-nspr-1.0.9-0.17.el2.i386.rpm seamonkey-nspr-devel-1.0.9-0.17.el2.i386.rpm seamonkey-nss-1.0.9-0.17.el2.i386.rpm seamonkey-nss-devel-1.0.9-0.17.el2.i386.rpm Red Hat Enterprise Linux WS version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/seamonkey-1.0.9-0.17.el2.src.rpm i386: seamonkey-1.0.9-0.17.el2.i386.rpm seamonkey-chat-1.0.9-0.17.el2.i386.rpm seamonkey-devel-1.0.9-0.17.el2.i386.rpm seamonkey-dom-inspector-1.0.9-0.17.el2.i386.rpm seamonkey-js-debugger-1.0.9-0.17.el2.i386.rpm seamonkey-mail-1.0.9-0.17.el2.i386.rpm seamonkey-nspr-1.0.9-0.17.el2.i386.rpm seamonkey-nspr-devel-1.0.9-0.17.el2.i386.rpm seamonkey-nss-1.0.9-0.17.el2.i386.rpm seamonkey-nss-devel-1.0.9-0.17.el2.i386.rpm Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.9-0.20.el3.src.rpm i386: seamonkey-1.0.9-0.20.el3.i386.rpm seamonkey-chat-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-devel-1.0.9-0.20.el3.i386.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.i386.rpm seamonkey-js-debugger-1.0.9-0.20.el3.i386.rpm seamonkey-mail-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-devel-1.0.9-0.20.el3.i386.rpm ia64: seamonkey-1.0.9-0.20.el3.ia64.rpm seamonkey-chat-1.0.9-0.20.el3.ia64.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.ia64.rpm seamonkey-devel-1.0.9-0.20.el3.ia64.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.ia64.rpm seamonkey-js-debugger-1.0.9-0.20.el3.ia64.rpm seamonkey-mail-1.0.9-0.20.el3.ia64.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.ia64.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.ia64.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.ia64.rpm seamonkey-nss-devel-1.0.9-0.20.el3.ia64.rpm ppc: seamonkey-1.0.9-0.20.el3.ppc.rpm seamonkey-chat-1.0.9-0.20.el3.ppc.rpm seamonkey-debuginfo-1.0.9-0.20.el3.ppc.rpm seamonkey-devel-1.0.9-0.20.el3.ppc.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.ppc.rpm seamonkey-js-debugger-1.0.9-0.20.el3.ppc.rpm seamonkey-mail-1.0.9-0.20.el3.ppc.rpm seamonkey-nspr-1.0.9-0.20.el3.ppc.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.ppc.rpm seamonkey-nss-1.0.9-0.20.el3.ppc.rpm seamonkey-nss-devel-1.0.9-0.20.el3.ppc.rpm s390: seamonkey-1.0.9-0.20.el3.s390.rpm seamonkey-chat-1.0.9-0.20.el3.s390.rpm seamonkey-debuginfo-1.0.9-0.20.el3.s390.rpm seamonkey-devel-1.0.9-0.20.el3.s390.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.s390.rpm seamonkey-js-debugger-1.0.9-0.20.el3.s390.rpm seamonkey-mail-1.0.9-0.20.el3.s390.rpm seamonkey-nspr-1.0.9-0.20.el3.s390.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.s390.rpm seamonkey-nss-1.0.9-0.20.el3.s390.rpm seamonkey-nss-devel-1.0.9-0.20.el3.s390.rpm s390x: seamonkey-1.0.9-0.20.el3.s390x.rpm seamonkey-chat-1.0.9-0.20.el3.s390x.rpm seamonkey-debuginfo-1.0.9-0.20.el3.s390.rpm seamonkey-debuginfo-1.0.9-0.20.el3.s390x.rpm seamonkey-devel-1.0.9-0.20.el3.s390x.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.s390x.rpm seamonkey-js-debugger-1.0.9-0.20.el3.s390x.rpm seamonkey-mail-1.0.9-0.20.el3.s390x.rpm seamonkey-nspr-1.0.9-0.20.el3.s390.rpm seamonkey-nspr-1.0.9-0.20.el3.s390x.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.s390x.rpm seamonkey-nss-1.0.9-0.20.el3.s390.rpm seamonkey-nss-1.0.9-0.20.el3.s390x.rpm seamonkey-nss-devel-1.0.9-0.20.el3.s390x.rpm x86_64: seamonkey-1.0.9-0.20.el3.i386.rpm seamonkey-1.0.9-0.20.el3.x86_64.rpm seamonkey-chat-1.0.9-0.20.el3.x86_64.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.x86_64.rpm seamonkey-devel-1.0.9-0.20.el3.x86_64.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.x86_64.rpm seamonkey-js-debugger-1.0.9-0.20.el3.x86_64.rpm seamonkey-mail-1.0.9-0.20.el3.x86_64.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.x86_64.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.x86_64.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.x86_64.rpm seamonkey-nss-devel-1.0.9-0.20.el3.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.9-0.20.el3.src.rpm i386: seamonkey-1.0.9-0.20.el3.i386.rpm seamonkey-chat-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-devel-1.0.9-0.20.el3.i386.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.i386.rpm seamonkey-js-debugger-1.0.9-0.20.el3.i386.rpm seamonkey-mail-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-devel-1.0.9-0.20.el3.i386.rpm x86_64: seamonkey-1.0.9-0.20.el3.i386.rpm seamonkey-1.0.9-0.20.el3.x86_64.rpm seamonkey-chat-1.0.9-0.20.el3.x86_64.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.x86_64.rpm seamonkey-devel-1.0.9-0.20.el3.x86_64.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.x86_64.rpm seamonkey-js-debugger-1.0.9-0.20.el3.x86_64.rpm seamonkey-mail-1.0.9-0.20.el3.x86_64.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.x86_64.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.x86_64.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.x86_64.rpm seamonkey-nss-devel-1.0.9-0.20.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.9-0.20.el3.src.rpm i386: seamonkey-1.0.9-0.20.el3.i386.rpm seamonkey-chat-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-devel-1.0.9-0.20.el3.i386.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.i386.rpm seamonkey-js-debugger-1.0.9-0.20.el3.i386.rpm seamonkey-mail-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-devel-1.0.9-0.20.el3.i386.rpm ia64: seamonkey-1.0.9-0.20.el3.ia64.rpm seamonkey-chat-1.0.9-0.20.el3.ia64.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.ia64.rpm seamonkey-devel-1.0.9-0.20.el3.ia64.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.ia64.rpm seamonkey-js-debugger-1.0.9-0.20.el3.ia64.rpm seamonkey-mail-1.0.9-0.20.el3.ia64.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.ia64.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.ia64.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.ia64.rpm seamonkey-nss-devel-1.0.9-0.20.el3.ia64.rpm x86_64: seamonkey-1.0.9-0.20.el3.i386.rpm seamonkey-1.0.9-0.20.el3.x86_64.rpm seamonkey-chat-1.0.9-0.20.el3.x86_64.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.x86_64.rpm seamonkey-devel-1.0.9-0.20.el3.x86_64.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.x86_64.rpm seamonkey-js-debugger-1.0.9-0.20.el3.x86_64.rpm seamonkey-mail-1.0.9-0.20.el3.x86_64.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.x86_64.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.x86_64.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.x86_64.rpm seamonkey-nss-devel-1.0.9-0.20.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.9-0.20.el3.src.rpm i386: seamonkey-1.0.9-0.20.el3.i386.rpm seamonkey-chat-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-devel-1.0.9-0.20.el3.i386.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.i386.rpm seamonkey-js-debugger-1.0.9-0.20.el3.i386.rpm seamonkey-mail-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-devel-1.0.9-0.20.el3.i386.rpm ia64: seamonkey-1.0.9-0.20.el3.ia64.rpm seamonkey-chat-1.0.9-0.20.el3.ia64.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.ia64.rpm seamonkey-devel-1.0.9-0.20.el3.ia64.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.ia64.rpm seamonkey-js-debugger-1.0.9-0.20.el3.ia64.rpm seamonkey-mail-1.0.9-0.20.el3.ia64.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.ia64.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.ia64.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.ia64.rpm seamonkey-nss-devel-1.0.9-0.20.el3.ia64.rpm x86_64: seamonkey-1.0.9-0.20.el3.i386.rpm seamonkey-1.0.9-0.20.el3.x86_64.rpm seamonkey-chat-1.0.9-0.20.el3.x86_64.rpm seamonkey-debuginfo-1.0.9-0.20.el3.i386.rpm seamonkey-debuginfo-1.0.9-0.20.el3.x86_64.rpm seamonkey-devel-1.0.9-0.20.el3.x86_64.rpm seamonkey-dom-inspector-1.0.9-0.20.el3.x86_64.rpm seamonkey-js-debugger-1.0.9-0.20.el3.x86_64.rpm seamonkey-mail-1.0.9-0.20.el3.x86_64.rpm seamonkey-nspr-1.0.9-0.20.el3.i386.rpm seamonkey-nspr-1.0.9-0.20.el3.x86_64.rpm seamonkey-nspr-devel-1.0.9-0.20.el3.x86_64.rpm seamonkey-nss-1.0.9-0.20.el3.i386.rpm seamonkey-nss-1.0.9-0.20.el3.x86_64.rpm seamonkey-nss-devel-1.0.9-0.20.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-16.3.el4_6.src.rpm i386: seamonkey-1.0.9-16.3.el4_6.i386.rpm seamonkey-chat-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-devel-1.0.9-16.3.el4_6.i386.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.i386.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.i386.rpm seamonkey-mail-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.i386.rpm ia64: seamonkey-1.0.9-16.3.el4_6.ia64.rpm seamonkey-chat-1.0.9-16.3.el4_6.ia64.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.ia64.rpm seamonkey-devel-1.0.9-16.3.el4_6.ia64.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.ia64.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.ia64.rpm seamonkey-mail-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.ia64.rpm ppc: seamonkey-1.0.9-16.3.el4_6.ppc.rpm seamonkey-chat-1.0.9-16.3.el4_6.ppc.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.ppc.rpm seamonkey-devel-1.0.9-16.3.el4_6.ppc.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.ppc.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.ppc.rpm seamonkey-mail-1.0.9-16.3.el4_6.ppc.rpm seamonkey-nspr-1.0.9-16.3.el4_6.ppc.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.ppc.rpm seamonkey-nss-1.0.9-16.3.el4_6.ppc.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.ppc.rpm s390: seamonkey-1.0.9-16.3.el4_6.s390.rpm seamonkey-chat-1.0.9-16.3.el4_6.s390.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.s390.rpm seamonkey-devel-1.0.9-16.3.el4_6.s390.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.s390.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.s390.rpm seamonkey-mail-1.0.9-16.3.el4_6.s390.rpm seamonkey-nspr-1.0.9-16.3.el4_6.s390.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.s390.rpm seamonkey-nss-1.0.9-16.3.el4_6.s390.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.s390.rpm s390x: seamonkey-1.0.9-16.3.el4_6.s390x.rpm seamonkey-chat-1.0.9-16.3.el4_6.s390x.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.s390.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.s390x.rpm seamonkey-devel-1.0.9-16.3.el4_6.s390x.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.s390x.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.s390x.rpm seamonkey-mail-1.0.9-16.3.el4_6.s390x.rpm seamonkey-nspr-1.0.9-16.3.el4_6.s390.rpm seamonkey-nspr-1.0.9-16.3.el4_6.s390x.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.s390x.rpm seamonkey-nss-1.0.9-16.3.el4_6.s390.rpm seamonkey-nss-1.0.9-16.3.el4_6.s390x.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.s390x.rpm x86_64: seamonkey-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-chat-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-devel-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-mail-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-16.3.el4_6.src.rpm i386: seamonkey-1.0.9-16.3.el4_6.i386.rpm seamonkey-chat-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-devel-1.0.9-16.3.el4_6.i386.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.i386.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.i386.rpm seamonkey-mail-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.i386.rpm x86_64: seamonkey-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-chat-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-devel-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-mail-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-16.3.el4_6.src.rpm i386: seamonkey-1.0.9-16.3.el4_6.i386.rpm seamonkey-chat-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-devel-1.0.9-16.3.el4_6.i386.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.i386.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.i386.rpm seamonkey-mail-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.i386.rpm ia64: seamonkey-1.0.9-16.3.el4_6.ia64.rpm seamonkey-chat-1.0.9-16.3.el4_6.ia64.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.ia64.rpm seamonkey-devel-1.0.9-16.3.el4_6.ia64.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.ia64.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.ia64.rpm seamonkey-mail-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.ia64.rpm x86_64: seamonkey-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-chat-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-devel-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-mail-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-16.3.el4_6.src.rpm i386: seamonkey-1.0.9-16.3.el4_6.i386.rpm seamonkey-chat-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-devel-1.0.9-16.3.el4_6.i386.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.i386.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.i386.rpm seamonkey-mail-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.i386.rpm ia64: seamonkey-1.0.9-16.3.el4_6.ia64.rpm seamonkey-chat-1.0.9-16.3.el4_6.ia64.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.ia64.rpm seamonkey-devel-1.0.9-16.3.el4_6.ia64.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.ia64.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.ia64.rpm seamonkey-mail-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.ia64.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.ia64.rpm x86_64: seamonkey-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-chat-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.i386.rpm seamonkey-debuginfo-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-devel-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-dom-inspector-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-js-debugger-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-mail-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nspr-1.0.9-16.3.el4_6.i386.rpm seamonkey-nspr-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nspr-devel-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nss-1.0.9-16.3.el4_6.i386.rpm seamonkey-nss-1.0.9-16.3.el4_6.x86_64.rpm seamonkey-nss-devel-1.0.9-16.3.el4_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2805 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2809 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2810 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIa3wnXlSAg2UNWIIRAibtAJwOdpoKnWhXHWLIx56KCxO1oD3W4gCfTV7y H5oWEzWHvYkstR5vIyyahmI= =v9US -----END PGP SIGNATURE----- --
  25. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2008:0549-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0549.html Issue date: 2008-07-02 CVE Names: CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 ===================================================================== 1. Summary: An updated firefox package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Mozilla Firefox is an open source Web browser. Multiple flaws were found in the processing of malformed JavaScript content. A web page containing such malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-2798, CVE-2008-2799, CVE-2008-2811) Several flaws were found in the way malformed web content was displayed. A web page containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-2800) Two local file disclosure flaws were found in Firefox. A web page containing malicious content could cause Firefox to reveal the contents of a local file to a remote attacker. (CVE-2008-2805, CVE-2008-2810) A flaw was found in the way a malformed .properties file was processed by Firefox. A malicious extension could read uninitialized memory, possibly leaking sensitive data to the extension. (CVE-2008-2807) A flaw was found in the way Firefox escaped a listing of local file names. If a user could be tricked into listing a local directory containing malicious file names, arbitrary JavaScript could be run with the permissions of the user running Firefox. (CVE-2008-2808) A flaw was found in the way Firefox displayed information about self-signed certificates. It was possible for a self-signed certificate to contain multiple alternate name entries, which were not all displayed to the user, allowing them to mistakenly extend trust to an unknown site. (CVE-2008-2809) All Mozilla Firefox users should upgrade to this updated package, which contains backported patches that correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 452597 - CVE-2008-2798 Firefox malformed web content flaws 452598 - CVE-2008-2799 Firefox javascript arbitrary code execution 452599 - CVE-2008-2800 Firefox XSS attacks 452600 - CVE-2008-2802 Firefox arbitrary JavaScript code execution 452602 - CVE-2008-2803 Firefox javascript arbitrary code execution 452604 - CVE-2008-2805 Firefox arbitrary file disclosure 452605 - CVE-2008-2801 Firefox arbitrary signed JAR code execution 452709 - CVE-2008-2807 Firefox .properties memory leak 452710 - CVE-2008-2808 Firefox file location escaping flaw 452711 - CVE-2008-2809 Firefox self signed certificate flaw 452712 - CVE-2008-2810 Firefox arbitrary file disclosure 453007 - CVE-2008-2811 Firefox block reflow flaw 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.5.0.12-0.19.el4.src.rpm i386: firefox-1.5.0.12-0.19.el4.i386.rpm firefox-debuginfo-1.5.0.12-0.19.el4.i386.rpm ia64: firefox-1.5.0.12-0.19.el4.ia64.rpm firefox-debuginfo-1.5.0.12-0.19.el4.ia64.rpm ppc: firefox-1.5.0.12-0.19.el4.ppc.rpm firefox-debuginfo-1.5.0.12-0.19.el4.ppc.rpm s390: firefox-1.5.0.12-0.19.el4.s390.rpm firefox-debuginfo-1.5.0.12-0.19.el4.s390.rpm s390x: firefox-1.5.0.12-0.19.el4.s390x.rpm firefox-debuginfo-1.5.0.12-0.19.el4.s390x.rpm x86_64: firefox-1.5.0.12-0.19.el4.x86_64.rpm firefox-debuginfo-1.5.0.12-0.19.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-1.5.0.12-0.19.el4.src.rpm i386: firefox-1.5.0.12-0.19.el4.i386.rpm firefox-debuginfo-1.5.0.12-0.19.el4.i386.rpm x86_64: firefox-1.5.0.12-0.19.el4.x86_64.rpm firefox-debuginfo-1.5.0.12-0.19.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.5.0.12-0.19.el4.src.rpm i386: firefox-1.5.0.12-0.19.el4.i386.rpm firefox-debuginfo-1.5.0.12-0.19.el4.i386.rpm ia64: firefox-1.5.0.12-0.19.el4.ia64.rpm firefox-debuginfo-1.5.0.12-0.19.el4.ia64.rpm x86_64: firefox-1.5.0.12-0.19.el4.x86_64.rpm firefox-debuginfo-1.5.0.12-0.19.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.5.0.12-0.19.el4.src.rpm i386: firefox-1.5.0.12-0.19.el4.i386.rpm firefox-debuginfo-1.5.0.12-0.19.el4.i386.rpm ia64: firefox-1.5.0.12-0.19.el4.ia64.rpm firefox-debuginfo-1.5.0.12-0.19.el4.ia64.rpm x86_64: firefox-1.5.0.12-0.19.el4.x86_64.rpm firefox-debuginfo-1.5.0.12-0.19.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2805 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2809 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2810 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIa3w6XlSAg2UNWIIRAtfkAJ9E9//fKb6pCnz93elzWJUsMNaDbQCdEByv 9G9/WvETDac5pG/g1rAPuJk= =Qdo6 -----END PGP SIGNATURE----- --
×