news

This is a multi-part message in MIME format... ------------=_1211998873-11275-5334 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Advisory MDVA-2008:073 http://www.mandriva.com/security/ _______________________________________________________________________ Package : hal-info Date : May 28, 2008 Affected: 2008.1 _______________________________________________________________________ Problem Description: This package adds quirks to fix suspend/resume on Airis Kira, Asus EEE PC. It also ensure fake CDROM on Option/Huawei 3G keys are ignored, and fix Delete key not working properly on Acer Extensa 5220. _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: 0fa2a128f2b1e62f0fe7f3690d5e2bc7 2008.1/i586/hal-info-0.0-5.20080317.5.1mdv2008.1.noarch.rpm 45985b0b04af99f98200f27328544998 2008.1/SRPMS/hal-info-0.0-5.20080317.5.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: f54bb9da190ea42c63384f465ffd0e40 2008.1/x86_64/hal-info-0.0-5.20080317.5.1mdv2008.1.noarch.rpm 45985b0b04af99f98200f27328544998 2008.1/SRPMS/hal-info-0.0-5.20080317.5.1mdv2008.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIPXfDmqjQ0CJFipgRAhQMAJ4m9wfbOyxhRNtrE3YxltlcDaOs5wCfVYyx RFZtrlg1qzFqE25Pz15Fr1E= =+DQK -----END PGP SIGNATURE----- ------------=_1211998873-11275-5334 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________ ------------=_1211998873-11275-5334--

This is a multi-part message in MIME format... ------------=_1211998024-11275-5331 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:107 http://www.mandriva.com/security/ _______________________________________________________________________ Package : openssl Date : May 28, 2008 Affected: 2008.1 _______________________________________________________________________ Problem Description: Testing using the Codenomicon TLS test suite discovered a flaw in the handling of server name extension data in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If OpenSSL has been compiled using the non-default TLS server name extensions, a remote attacker could send a carefully crafted packet to a server application using OpenSSL and cause a crash. (CVE-2008-0891) Testing using the Codenomicon TLS test suite discovered a flaw if the 'Server Key exchange message' is omitted from a TLS handshake in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a malicious server with particular cipher suites, the server could cause the client to crash. (CVE-2008-1672) The updated packages have been patched to fix these flaws. Note that any applications using this library must be restarted for the update to take effect. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: c89ce51d88565b5e01984d02f9d52be2 2008.1/i586/libopenssl0.9.8-0.9.8g-4.1mdv2008.1.i586.rpm 1e1855ac131d2f1d7fe185a972d6cf7e 2008.1/i586/libopenssl0.9.8-devel-0.9.8g-4.1mdv2008.1.i586.rpm abda43307f35316915bf8fab630b5aa4 2008.1/i586/libopenssl0.9.8-static-devel-0.9.8g-4.1mdv2008.1.i586.rpm ad370f030884f7e81eee21ad8ea14b9f 2008.1/i586/openssl-0.9.8g-4.1mdv2008.1.i586.rpm 0081f3e2bd9e38ffa4c27e87e8d2c8ba 2008.1/SRPMS/openssl-0.9.8g-4.1mdv2008.0.src.rpm Mandriva Linux 2008.1/X86_64: e647498bde13d7baebff21a595a7235f 2008.1/x86_64/lib64openssl0.9.8-0.9.8g-4.1mdv2008.1.x86_64.rpm 1afca1fc4741b583413ba74b42617414 2008.1/x86_64/lib64openssl0.9.8-devel-0.9.8g-4.1mdv2008.1.x86_64.rpm 2a9eb1a4d9785234ab7ea71f74835009 2008.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8g-4.1mdv2008.1.x86_64.rpm d9d185ea96fcfa64b11b5318fbdff0e2 2008.1/x86_64/openssl-0.9.8g-4.1mdv2008.1.x86_64.rpm 0081f3e2bd9e38ffa4c27e87e8d2c8ba 2008.1/SRPMS/openssl-0.9.8g-4.1mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIPXOFmqjQ0CJFipgRAvQRAJ0aMdxKc+WzCaar5aXcNPif+VMBAwCggx93 MUhEXWV3Mg6NEX0jj/qg7gg= =1WTI -----END PGP SIGNATURE----- ------------=_1211998024-11275-5331 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________ ------------=_1211998024-11275-5331--

Hi, It's Kristofer from DragonSteelMods, and I have a new review today that I think your readers might find interesting. Title: 32-in-1 Mobilephone Repairing Precision Screwdriver Set ( -at -) DragonSteelMods Review Link: http://www.dragonsteelmods.com/index.php?option=com_content&task=view&id=7735&Itemid=38 Review Snipit: "The product I have for review today is from our friends at USBFever and the name is kind of misleading, but it's the name that they gave it, it is more of an electrical or computer type tool kit, at least that's my impressions of it. It's called a 32-in-1 Mobilephone Repairing Precision Screwdriver Set, and in it you'll find 30 tiny precision bits that are fairly hard to come by, or at least you can't walk into the local home warehouse store and get one, but those types of bits are the kinds that DIYers need and use most often. In addition to the bits you'll get a nice carrying case, rubberized handle for the bits and a pair of needle nosed tweezers, I for one really like this kit and have found many uses for it already. If you're like me and like tools, or if you're someone who likes to take things apart then you just might want to grab one of these kits, at $29.99 it's well worth it... " Review Picture(200x150): http://www.dragonsteelmods.com/Images/reviews2/usbfever-toolkit/tool3.jpg Main site link: http://www.dragonsteelmods.com A post in your news would be greatly appreciated. Any and all news sent to me will be posted! If you would like to be added to our 'News Feeds' page please feel free to send me your http link to the feed and I will gladly add it ASAP. If you'd like to swap links for affiliation, I'd be happy to, just drop me a message...

Hi there, We’ve just posted our latest review and would love it if you linked it. TIA! “The PocketJet 3 is pricey and prints only on special paper, but it’s more convenient than a portable inkjet if you need to print black text in out-of-the-way places. If you need a portable greyscale printer to carry on a business trip, or find yourself increasingly wanting to print documents face to face with customers (such as invoices, purchase orders and so on), the Pentax PocketJet 3 Plus may fit the bill. But with its £499 price tag and no paper feeder for letter-size sheets, you’re paying a premium for portability.” http://www.biosmagazine.co.uk/rev.php?id=749 _____ Christian Harris Editor/Publisher BIOS (http://www.biosmagazine.co.uk) _____

Hi News Posters, I have completed the review for the Cooler Master M850 Power Supply. Title: Cooler Master M850 Power Supply ( -at -) Tech-Reviews.co.uk Briefing: Computers over the past few years have gotten very power hungry. With SLI and Quad Cores now being used in many computer systems, the increasing need for more power is apparent. However, the need for need for more power isn't the only reason us hardware enthusiasts are buying bigger and better PSU's. The need for a silent system has really hit off over the years and many enthusiasts are replacing their box standard powers supply with one that is marketed as 'Silent'. One new power supply out on the battlefield is the Cooler Master M850- labelled as Ultra Silent and of High Efficiency. Well, let's just see shall we. Link to Review: http://www.tech-reviews.co.uk/reviews/coolermaster-m850-power-supply/ Thumbnail: http://www.tech-reviews.co.uk/images/reviews/hardware/m850/thumb.jpg You may quote from the briefing above and use the provided thumbnail.

Hello fellow editors! Tech ARP ( http://www.techarp.com/ <http://www.techarp.com/>'>http://www.techarp.com/> ) has just posted An Interview With Palit. Quote - Recently, Vjeran Mandic had the opportunity to speak with David Makin, Palit Multimedia's Consumer Marketing Manager. The idea was to get a better idea of Palit, the hitherto little known manufacturer of graphics cards. They may not be as well-known as ASUS or Gigabyte but they are certainly more than just another manufacturer of reference-design graphics cards. We also wanted to know what they are doing to put their products ahead of their competitors and of course, their plans for the future. Here's a quote from the interview :- "I think we're differentiating ourselves on both the hardware design side as well as the marketing side. Sometimes I just sit back and laugh at what's going on. We launch a 1GB version, then the other guys do the same thing. We add three-phase power and some of them do the same thing." Direct URL - http://www.techarp.com/showarticle.aspx?artno=547 Logo URL - http://www.techarp.com/article/Palit/Interview_08/icon_big.png We would appreciate your help in getting the word out. Rest assured that we will reciprocate and post your news with all due haste. If you have any news, please feel free to send it to our news mailbox at news ( -at -) techarp.com. Thanks! Tech ARP http://www.techarp.com/ <http://www.techarp.com/>

TechwareLabs has published a review of the QNAP Turbo TS-409 NAS. Here's a clip from the review: Quote: Jason reviews the QNAP Turbo TS-409 network access storage device. The TS-409 is a SFF device designed to hold a lot of storage and fill a lot of needs. Find out if Jason liked the Turbo TS-409 and how easy or difficult the setup is. LINK: http://www.techwarelabs.com/reviews/storage/TS-409/ Title: QNAP Turbo TS-409 NAS Review ( -at -) TechwareLabs Image: http://www.techwarelabs.com/reviews/storage/TS-409/images/TS-409.jpg A news post would be greatly appreciated!

Hello All, Thermaltake M9 Case " Thermaltake makes an entire range of PC supplies including cases, cooling, hardware and much more. The last Thermaltake product I reviewed was the excellent Armor full tower case. Thermaltake is known for making great cases and the M9 looks like a mid tower case with ventilation as its prime agenda. Should the Antec Nine Hundred be worried? Perhaps... " Link: http://www.aselabs.com/articles.php?id=259 Thumb: http://www.aselabs.com/members/attachments/upload/2008/05/18/2603t.jpg By the way, website owners... want to win a Xbox 360 and make money in the process? http://www.ase.cc/articles.php?id=8 Thanks for the news post. -Aron GP: 34

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Glacialtech Altair A380 HTPC Case Link: http://www.techpowerup.com/reviews/Glacialtech/Altair_A380 Brief: The Altair A380 is an affordable slim HTPC case, with a very clean look coupled with a very durable construction. The included power supply is 80 Plus certified and can easily power today's mATX boards with multi core CPUs. Also included is an infrared remote control which is compatible with Windows Vista.

Hello, - Dragon Ball Z: Burst Limit Goku Video Trailer http://www.gamershell.com/news_51512.html - X-Blades Landscapes Details http://www.gamershell.com/news_51510.html - Tiger Woods PGA Tour 09 Screens http://www.gamershell.com/news_51508.html - Spore Creature Stage Unveiled and Screens #5 http://www.gamershell.com/news_51504.html - Pro Cycling Manager - Tour de France 2008 Screens #4 and Trailer http://www.gamershell.com/news_51506.html - My Baby Boy/Girl Trailer and Screens http://www.gamershell.com/news_51502.html - Lost Planet: Extreme Condition Colonies Edition in Stores http://www.gamershell.com/news_51500.html Best Regards, GamersHell.com Staff =============================================================================

Hello, - Theatre of War Available for Digital Purchase on Direct2Drive http://www.gamershell.com/news_51498.html - Snood Deluxe Ships and Screens #2 http://www.gamershell.com/news_51496.html - Family Table Tennis Released for WiiWare http://www.gamershell.com/news_51492.html - Combat Mission Shock Force - Marines Announced and Screens http://www.gamershell.com/news_51494.html - Super Dodgeball Brawlers Goes Retail and Screens #2 http://www.gamershell.com/news_51488.html - Race Driver: GRID UK Release Date and Damage Flashback Trailer http://www.gamershell.com/news_51490.html - Street Fighter IV Confirmed for PS3, Xbox 360 and PC http://www.gamershell.com/news_51486.html Best Regards, GamersHell.com Staff =============================================================================

Hi there, We've just posted our latest review and would love it if you linked it. TIA! "The Audiobyte certainly qualifies as both hi-fi and luxurious. The speakers are compact and well built, and they sound great. The major criticism is that the multi-box affair means you'll have to make a lot of space for the amplifier and the sub. Plus, the amplifier is only designed to power the speakers, so you can't connect external devices such as a videogames console or portable digital audio player. If these aren't issues and you're simply looking for a high-end speaker system for playing audio and games, the Audiobyte is a very satisfying and extremely honest sounding system. It may cost more than many competitors but it manages to deliver remarkably clean, neutral, high resolution sound in a very flexible and attractive package." http://www.biosmagazine.co.uk/rev.php?id=748 _____ Christian Harris Editor/Publisher BIOS (http://www.biosmagazine.co.uk) _____

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: samba security update Advisory ID: RHSA-2008:0288-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0288.html Issue date: 2008-05-28 CVE Names: CVE-2008-1105 ===================================================================== 1. Summary: Updated samba packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3, and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Samba is a suite of programs used by machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the way Samba clients handle over-sized packets. If a client connected to a malicious Samba server, it was possible to execute arbitrary code as the Samba client user. It was also possible for a remote user to send a specially crafted print request to a Samba server that could result in the server executing the vulnerable client code, resulting in arbitrary code execution with the permissions of the Samba server. (CVE-2008-1105) Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue. Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 446724 - CVE-2008-1105 Samba client buffer overflow 6. Package List: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : Source: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/samba-2.2.12-1.21as.9.3.src.rpm i386: samba-2.2.12-1.21as.9.3.i386.rpm samba-client-2.2.12-1.21as.9.3.i386.rpm samba-common-2.2.12-1.21as.9.3.i386.rpm samba-swat-2.2.12-1.21as.9.3.i386.rpm ia64: samba-2.2.12-1.21as.9.3.ia64.rpm samba-client-2.2.12-1.21as.9.3.ia64.rpm samba-common-2.2.12-1.21as.9.3.ia64.rpm samba-swat-2.2.12-1.21as.9.3.ia64.rpm Red Hat Linux Advanced Workstation 2.1: Source: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/samba-2.2.12-1.21as.9.3.src.rpm ia64: samba-2.2.12-1.21as.9.3.ia64.rpm samba-client-2.2.12-1.21as.9.3.ia64.rpm samba-common-2.2.12-1.21as.9.3.ia64.rpm samba-swat-2.2.12-1.21as.9.3.ia64.rpm Red Hat Enterprise Linux ES version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/samba-2.2.12-1.21as.9.3.src.rpm i386: samba-2.2.12-1.21as.9.3.i386.rpm samba-client-2.2.12-1.21as.9.3.i386.rpm samba-common-2.2.12-1.21as.9.3.i386.rpm samba-swat-2.2.12-1.21as.9.3.i386.rpm Red Hat Enterprise Linux WS version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/samba-2.2.12-1.21as.9.3.src.rpm i386: samba-2.2.12-1.21as.9.3.i386.rpm samba-client-2.2.12-1.21as.9.3.i386.rpm samba-common-2.2.12-1.21as.9.3.i386.rpm samba-swat-2.2.12-1.21as.9.3.i386.rpm Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.15.src.rpm i386: samba-3.0.9-1.3E.15.i386.rpm samba-client-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-swat-3.0.9-1.3E.15.i386.rpm ia64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.ia64.rpm samba-client-3.0.9-1.3E.15.ia64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.ia64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.ia64.rpm samba-swat-3.0.9-1.3E.15.ia64.rpm ppc: samba-3.0.9-1.3E.15.ppc.rpm samba-3.0.9-1.3E.15.ppc64.rpm samba-client-3.0.9-1.3E.15.ppc.rpm samba-common-3.0.9-1.3E.15.ppc.rpm samba-common-3.0.9-1.3E.15.ppc64.rpm samba-debuginfo-3.0.9-1.3E.15.ppc.rpm samba-debuginfo-3.0.9-1.3E.15.ppc64.rpm samba-swat-3.0.9-1.3E.15.ppc.rpm s390: samba-3.0.9-1.3E.15.s390.rpm samba-client-3.0.9-1.3E.15.s390.rpm samba-common-3.0.9-1.3E.15.s390.rpm samba-debuginfo-3.0.9-1.3E.15.s390.rpm samba-swat-3.0.9-1.3E.15.s390.rpm s390x: samba-3.0.9-1.3E.15.s390.rpm samba-3.0.9-1.3E.15.s390x.rpm samba-client-3.0.9-1.3E.15.s390x.rpm samba-common-3.0.9-1.3E.15.s390.rpm samba-common-3.0.9-1.3E.15.s390x.rpm samba-debuginfo-3.0.9-1.3E.15.s390.rpm samba-debuginfo-3.0.9-1.3E.15.s390x.rpm samba-swat-3.0.9-1.3E.15.s390x.rpm x86_64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.x86_64.rpm samba-client-3.0.9-1.3E.15.x86_64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.x86_64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.x86_64.rpm samba-swat-3.0.9-1.3E.15.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.15.src.rpm i386: samba-3.0.9-1.3E.15.i386.rpm samba-client-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-swat-3.0.9-1.3E.15.i386.rpm x86_64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.x86_64.rpm samba-client-3.0.9-1.3E.15.x86_64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.x86_64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.x86_64.rpm samba-swat-3.0.9-1.3E.15.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.15.src.rpm i386: samba-3.0.9-1.3E.15.i386.rpm samba-client-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-swat-3.0.9-1.3E.15.i386.rpm ia64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.ia64.rpm samba-client-3.0.9-1.3E.15.ia64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.ia64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.ia64.rpm samba-swat-3.0.9-1.3E.15.ia64.rpm x86_64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.x86_64.rpm samba-client-3.0.9-1.3E.15.x86_64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.x86_64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.x86_64.rpm samba-swat-3.0.9-1.3E.15.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.15.src.rpm i386: samba-3.0.9-1.3E.15.i386.rpm samba-client-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-swat-3.0.9-1.3E.15.i386.rpm ia64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.ia64.rpm samba-client-3.0.9-1.3E.15.ia64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.ia64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.ia64.rpm samba-swat-3.0.9-1.3E.15.ia64.rpm x86_64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.x86_64.rpm samba-client-3.0.9-1.3E.15.x86_64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.x86_64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.x86_64.rpm samba-swat-3.0.9-1.3E.15.x86_64.rpm Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.25b-1.el4_6.5.src.rpm i386: samba-3.0.25b-1.el4_6.5.i386.rpm samba-client-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-swat-3.0.25b-1.el4_6.5.i386.rpm ia64: samba-3.0.25b-1.el4_6.5.ia64.rpm samba-client-3.0.25b-1.el4_6.5.ia64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.ia64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ia64.rpm samba-swat-3.0.25b-1.el4_6.5.ia64.rpm ppc: samba-3.0.25b-1.el4_6.5.ppc.rpm samba-client-3.0.25b-1.el4_6.5.ppc.rpm samba-common-3.0.25b-1.el4_6.5.ppc.rpm samba-common-3.0.25b-1.el4_6.5.ppc64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ppc.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ppc64.rpm samba-swat-3.0.25b-1.el4_6.5.ppc.rpm s390: samba-3.0.25b-1.el4_6.5.s390.rpm samba-client-3.0.25b-1.el4_6.5.s390.rpm samba-common-3.0.25b-1.el4_6.5.s390.rpm samba-debuginfo-3.0.25b-1.el4_6.5.s390.rpm samba-swat-3.0.25b-1.el4_6.5.s390.rpm s390x: samba-3.0.25b-1.el4_6.5.s390x.rpm samba-client-3.0.25b-1.el4_6.5.s390x.rpm samba-common-3.0.25b-1.el4_6.5.s390.rpm samba-common-3.0.25b-1.el4_6.5.s390x.rpm samba-debuginfo-3.0.25b-1.el4_6.5.s390.rpm samba-debuginfo-3.0.25b-1.el4_6.5.s390x.rpm samba-swat-3.0.25b-1.el4_6.5.s390x.rpm x86_64: samba-3.0.25b-1.el4_6.5.x86_64.rpm samba-client-3.0.25b-1.el4_6.5.x86_64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.x86_64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.x86_64.rpm samba-swat-3.0.25b-1.el4_6.5.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.25b-1.el4_6.5.src.rpm i386: samba-3.0.25b-1.el4_6.5.i386.rpm samba-client-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-swat-3.0.25b-1.el4_6.5.i386.rpm x86_64: samba-3.0.25b-1.el4_6.5.x86_64.rpm samba-client-3.0.25b-1.el4_6.5.x86_64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.x86_64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.x86_64.rpm samba-swat-3.0.25b-1.el4_6.5.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.25b-1.el4_6.5.src.rpm i386: samba-3.0.25b-1.el4_6.5.i386.rpm samba-client-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-swat-3.0.25b-1.el4_6.5.i386.rpm ia64: samba-3.0.25b-1.el4_6.5.ia64.rpm samba-client-3.0.25b-1.el4_6.5.ia64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.ia64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ia64.rpm samba-swat-3.0.25b-1.el4_6.5.ia64.rpm x86_64: samba-3.0.25b-1.el4_6.5.x86_64.rpm samba-client-3.0.25b-1.el4_6.5.x86_64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.x86_64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.x86_64.rpm samba-swat-3.0.25b-1.el4_6.5.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.25b-1.el4_6.5.src.rpm i386: samba-3.0.25b-1.el4_6.5.i386.rpm samba-client-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-swat-3.0.25b-1.el4_6.5.i386.rpm ia64: samba-3.0.25b-1.el4_6.5.ia64.rpm samba-client-3.0.25b-1.el4_6.5.ia64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.ia64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ia64.rpm samba-swat-3.0.25b-1.el4_6.5.ia64.rpm x86_64: samba-3.0.25b-1.el4_6.5.x86_64.rpm samba-client-3.0.25b-1.el4_6.5.x86_64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.x86_64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.x86_64.rpm samba-swat-3.0.25b-1.el4_6.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIPTyzXlSAg2UNWIIRAu3pAJ9Dv0aumYX9Cj3fEVeYEmG7EhDPsACePUUg /bz+nxUKpfRlI7/Cut90x3c= =qOCo -----END PGP SIGNATURE----- --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: samba security update Advisory ID: RHSA-2008:0288-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0288.html Issue date: 2008-05-28 CVE Names: CVE-2008-1105 ===================================================================== 1. Summary: Updated samba packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3, and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Samba is a suite of programs used by machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the way Samba clients handle over-sized packets. If a client connected to a malicious Samba server, it was possible to execute arbitrary code as the Samba client user. It was also possible for a remote user to send a specially crafted print request to a Samba server that could result in the server executing the vulnerable client code, resulting in arbitrary code execution with the permissions of the Samba server. (CVE-2008-1105) Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue. Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 446724 - CVE-2008-1105 Samba client buffer overflow 6. Package List: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : Source: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/samba-2.2.12-1.21as.9.3.src.rpm i386: samba-2.2.12-1.21as.9.3.i386.rpm samba-client-2.2.12-1.21as.9.3.i386.rpm samba-common-2.2.12-1.21as.9.3.i386.rpm samba-swat-2.2.12-1.21as.9.3.i386.rpm ia64: samba-2.2.12-1.21as.9.3.ia64.rpm samba-client-2.2.12-1.21as.9.3.ia64.rpm samba-common-2.2.12-1.21as.9.3.ia64.rpm samba-swat-2.2.12-1.21as.9.3.ia64.rpm Red Hat Linux Advanced Workstation 2.1: Source: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/samba-2.2.12-1.21as.9.3.src.rpm ia64: samba-2.2.12-1.21as.9.3.ia64.rpm samba-client-2.2.12-1.21as.9.3.ia64.rpm samba-common-2.2.12-1.21as.9.3.ia64.rpm samba-swat-2.2.12-1.21as.9.3.ia64.rpm Red Hat Enterprise Linux ES version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/samba-2.2.12-1.21as.9.3.src.rpm i386: samba-2.2.12-1.21as.9.3.i386.rpm samba-client-2.2.12-1.21as.9.3.i386.rpm samba-common-2.2.12-1.21as.9.3.i386.rpm samba-swat-2.2.12-1.21as.9.3.i386.rpm Red Hat Enterprise Linux WS version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/samba-2.2.12-1.21as.9.3.src.rpm i386: samba-2.2.12-1.21as.9.3.i386.rpm samba-client-2.2.12-1.21as.9.3.i386.rpm samba-common-2.2.12-1.21as.9.3.i386.rpm samba-swat-2.2.12-1.21as.9.3.i386.rpm Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.15.src.rpm i386: samba-3.0.9-1.3E.15.i386.rpm samba-client-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-swat-3.0.9-1.3E.15.i386.rpm ia64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.ia64.rpm samba-client-3.0.9-1.3E.15.ia64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.ia64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.ia64.rpm samba-swat-3.0.9-1.3E.15.ia64.rpm ppc: samba-3.0.9-1.3E.15.ppc.rpm samba-3.0.9-1.3E.15.ppc64.rpm samba-client-3.0.9-1.3E.15.ppc.rpm samba-common-3.0.9-1.3E.15.ppc.rpm samba-common-3.0.9-1.3E.15.ppc64.rpm samba-debuginfo-3.0.9-1.3E.15.ppc.rpm samba-debuginfo-3.0.9-1.3E.15.ppc64.rpm samba-swat-3.0.9-1.3E.15.ppc.rpm s390: samba-3.0.9-1.3E.15.s390.rpm samba-client-3.0.9-1.3E.15.s390.rpm samba-common-3.0.9-1.3E.15.s390.rpm samba-debuginfo-3.0.9-1.3E.15.s390.rpm samba-swat-3.0.9-1.3E.15.s390.rpm s390x: samba-3.0.9-1.3E.15.s390.rpm samba-3.0.9-1.3E.15.s390x.rpm samba-client-3.0.9-1.3E.15.s390x.rpm samba-common-3.0.9-1.3E.15.s390.rpm samba-common-3.0.9-1.3E.15.s390x.rpm samba-debuginfo-3.0.9-1.3E.15.s390.rpm samba-debuginfo-3.0.9-1.3E.15.s390x.rpm samba-swat-3.0.9-1.3E.15.s390x.rpm x86_64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.x86_64.rpm samba-client-3.0.9-1.3E.15.x86_64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.x86_64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.x86_64.rpm samba-swat-3.0.9-1.3E.15.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.15.src.rpm i386: samba-3.0.9-1.3E.15.i386.rpm samba-client-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-swat-3.0.9-1.3E.15.i386.rpm x86_64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.x86_64.rpm samba-client-3.0.9-1.3E.15.x86_64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.x86_64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.x86_64.rpm samba-swat-3.0.9-1.3E.15.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.15.src.rpm i386: samba-3.0.9-1.3E.15.i386.rpm samba-client-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-swat-3.0.9-1.3E.15.i386.rpm ia64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.ia64.rpm samba-client-3.0.9-1.3E.15.ia64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.ia64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.ia64.rpm samba-swat-3.0.9-1.3E.15.ia64.rpm x86_64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.x86_64.rpm samba-client-3.0.9-1.3E.15.x86_64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.x86_64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.x86_64.rpm samba-swat-3.0.9-1.3E.15.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.15.src.rpm i386: samba-3.0.9-1.3E.15.i386.rpm samba-client-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-swat-3.0.9-1.3E.15.i386.rpm ia64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.ia64.rpm samba-client-3.0.9-1.3E.15.ia64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.ia64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.ia64.rpm samba-swat-3.0.9-1.3E.15.ia64.rpm x86_64: samba-3.0.9-1.3E.15.i386.rpm samba-3.0.9-1.3E.15.x86_64.rpm samba-client-3.0.9-1.3E.15.x86_64.rpm samba-common-3.0.9-1.3E.15.i386.rpm samba-common-3.0.9-1.3E.15.x86_64.rpm samba-debuginfo-3.0.9-1.3E.15.i386.rpm samba-debuginfo-3.0.9-1.3E.15.x86_64.rpm samba-swat-3.0.9-1.3E.15.x86_64.rpm Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.25b-1.el4_6.5.src.rpm i386: samba-3.0.25b-1.el4_6.5.i386.rpm samba-client-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-swat-3.0.25b-1.el4_6.5.i386.rpm ia64: samba-3.0.25b-1.el4_6.5.ia64.rpm samba-client-3.0.25b-1.el4_6.5.ia64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.ia64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ia64.rpm samba-swat-3.0.25b-1.el4_6.5.ia64.rpm ppc: samba-3.0.25b-1.el4_6.5.ppc.rpm samba-client-3.0.25b-1.el4_6.5.ppc.rpm samba-common-3.0.25b-1.el4_6.5.ppc.rpm samba-common-3.0.25b-1.el4_6.5.ppc64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ppc.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ppc64.rpm samba-swat-3.0.25b-1.el4_6.5.ppc.rpm s390: samba-3.0.25b-1.el4_6.5.s390.rpm samba-client-3.0.25b-1.el4_6.5.s390.rpm samba-common-3.0.25b-1.el4_6.5.s390.rpm samba-debuginfo-3.0.25b-1.el4_6.5.s390.rpm samba-swat-3.0.25b-1.el4_6.5.s390.rpm s390x: samba-3.0.25b-1.el4_6.5.s390x.rpm samba-client-3.0.25b-1.el4_6.5.s390x.rpm samba-common-3.0.25b-1.el4_6.5.s390.rpm samba-common-3.0.25b-1.el4_6.5.s390x.rpm samba-debuginfo-3.0.25b-1.el4_6.5.s390.rpm samba-debuginfo-3.0.25b-1.el4_6.5.s390x.rpm samba-swat-3.0.25b-1.el4_6.5.s390x.rpm x86_64: samba-3.0.25b-1.el4_6.5.x86_64.rpm samba-client-3.0.25b-1.el4_6.5.x86_64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.x86_64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.x86_64.rpm samba-swat-3.0.25b-1.el4_6.5.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.25b-1.el4_6.5.src.rpm i386: samba-3.0.25b-1.el4_6.5.i386.rpm samba-client-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-swat-3.0.25b-1.el4_6.5.i386.rpm x86_64: samba-3.0.25b-1.el4_6.5.x86_64.rpm samba-client-3.0.25b-1.el4_6.5.x86_64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.x86_64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.x86_64.rpm samba-swat-3.0.25b-1.el4_6.5.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.25b-1.el4_6.5.src.rpm i386: samba-3.0.25b-1.el4_6.5.i386.rpm samba-client-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-swat-3.0.25b-1.el4_6.5.i386.rpm ia64: samba-3.0.25b-1.el4_6.5.ia64.rpm samba-client-3.0.25b-1.el4_6.5.ia64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.ia64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ia64.rpm samba-swat-3.0.25b-1.el4_6.5.ia64.rpm x86_64: samba-3.0.25b-1.el4_6.5.x86_64.rpm samba-client-3.0.25b-1.el4_6.5.x86_64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.x86_64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.x86_64.rpm samba-swat-3.0.25b-1.el4_6.5.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.25b-1.el4_6.5.src.rpm i386: samba-3.0.25b-1.el4_6.5.i386.rpm samba-client-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-swat-3.0.25b-1.el4_6.5.i386.rpm ia64: samba-3.0.25b-1.el4_6.5.ia64.rpm samba-client-3.0.25b-1.el4_6.5.ia64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.ia64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.ia64.rpm samba-swat-3.0.25b-1.el4_6.5.ia64.rpm x86_64: samba-3.0.25b-1.el4_6.5.x86_64.rpm samba-client-3.0.25b-1.el4_6.5.x86_64.rpm samba-common-3.0.25b-1.el4_6.5.i386.rpm samba-common-3.0.25b-1.el4_6.5.x86_64.rpm samba-debuginfo-3.0.25b-1.el4_6.5.i386.rpm samba-debuginfo-3.0.25b-1.el4_6.5.x86_64.rpm samba-swat-3.0.25b-1.el4_6.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIPTyzXlSAg2UNWIIRAu3pAJ9Dv0aumYX9Cj3fEVeYEmG7EhDPsACePUUg /bz+nxUKpfRlI7/Cut90x3c= =qOCo -----END PGP SIGNATURE----- --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: samba security update Advisory ID: RHSA-2008:0289-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0289.html Issue date: 2008-05-28 CVE Names: CVE-2008-1105 ===================================================================== 1. Summary: Updated samba packages that fix a security issue are now available for Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4.5.z - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 4.5.z - i386, ia64, x86_64 3. Description: Samba is a suite of programs used by machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the way Samba clients handle over-sized packets. If a client connected to a malicious Samba server, it was possible to execute arbitrary code as the Samba client user. It was also possible for a remote user to send a specially crafted print request to a Samba server that could result in the server executing the vulnerable client code, resulting in arbitrary code execution with the permissions of the Samba server. (CVE-2008-1105) Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue. Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 446724 - CVE-2008-1105 Samba client buffer overflow 6. Package List: Red Hat Enterprise Linux AS version 4.5.z: Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/4AS-4.5.z/en/os/SRPMS/samba-3.0.10-2.el4_5.3.src.rpm i386: samba-3.0.10-2.el4_5.3.i386.rpm samba-client-3.0.10-2.el4_5.3.i386.rpm samba-common-3.0.10-2.el4_5.3.i386.rpm samba-debuginfo-3.0.10-2.el4_5.3.i386.rpm samba-swat-3.0.10-2.el4_5.3.i386.rpm ia64: samba-3.0.10-2.el4_5.3.ia64.rpm samba-client-3.0.10-2.el4_5.3.ia64.rpm samba-common-3.0.10-2.el4_5.3.i386.rpm samba-common-3.0.10-2.el4_5.3.ia64.rpm samba-debuginfo-3.0.10-2.el4_5.3.i386.rpm samba-debuginfo-3.0.10-2.el4_5.3.ia64.rpm samba-swat-3.0.10-2.el4_5.3.ia64.rpm ppc: samba-3.0.10-2.el4_5.3.ppc.rpm samba-client-3.0.10-2.el4_5.3.ppc.rpm samba-common-3.0.10-2.el4_5.3.ppc.rpm samba-common-3.0.10-2.el4_5.3.ppc64.rpm samba-debuginfo-3.0.10-2.el4_5.3.ppc.rpm samba-debuginfo-3.0.10-2.el4_5.3.ppc64.rpm samba-swat-3.0.10-2.el4_5.3.ppc.rpm s390: samba-3.0.10-2.el4_5.3.s390.rpm samba-client-3.0.10-2.el4_5.3.s390.rpm samba-common-3.0.10-2.el4_5.3.s390.rpm samba-debuginfo-3.0.10-2.el4_5.3.s390.rpm samba-swat-3.0.10-2.el4_5.3.s390.rpm s390x: samba-3.0.10-2.el4_5.3.s390x.rpm samba-client-3.0.10-2.el4_5.3.s390x.rpm samba-common-3.0.10-2.el4_5.3.s390.rpm samba-common-3.0.10-2.el4_5.3.s390x.rpm samba-debuginfo-3.0.10-2.el4_5.3.s390.rpm samba-debuginfo-3.0.10-2.el4_5.3.s390x.rpm samba-swat-3.0.10-2.el4_5.3.s390x.rpm x86_64: samba-3.0.10-2.el4_5.3.x86_64.rpm samba-client-3.0.10-2.el4_5.3.x86_64.rpm samba-common-3.0.10-2.el4_5.3.i386.rpm samba-common-3.0.10-2.el4_5.3.x86_64.rpm samba-debuginfo-3.0.10-2.el4_5.3.i386.rpm samba-debuginfo-3.0.10-2.el4_5.3.x86_64.rpm samba-swat-3.0.10-2.el4_5.3.x86_64.rpm Red Hat Enterprise Linux ES version 4.5.z: Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/4ES-4.5.z/en/os/SRPMS/samba-3.0.10-2.el4_5.3.src.rpm i386: samba-3.0.10-2.el4_5.3.i386.rpm samba-client-3.0.10-2.el4_5.3.i386.rpm samba-common-3.0.10-2.el4_5.3.i386.rpm samba-debuginfo-3.0.10-2.el4_5.3.i386.rpm samba-swat-3.0.10-2.el4_5.3.i386.rpm ia64: samba-3.0.10-2.el4_5.3.ia64.rpm samba-client-3.0.10-2.el4_5.3.ia64.rpm samba-common-3.0.10-2.el4_5.3.i386.rpm samba-common-3.0.10-2.el4_5.3.ia64.rpm samba-debuginfo-3.0.10-2.el4_5.3.i386.rpm samba-debuginfo-3.0.10-2.el4_5.3.ia64.rpm samba-swat-3.0.10-2.el4_5.3.ia64.rpm x86_64: samba-3.0.10-2.el4_5.3.x86_64.rpm samba-client-3.0.10-2.el4_5.3.x86_64.rpm samba-common-3.0.10-2.el4_5.3.i386.rpm samba-common-3.0.10-2.el4_5.3.x86_64.rpm samba-debuginfo-3.0.10-2.el4_5.3.i386.rpm samba-debuginfo-3.0.10-2.el4_5.3.x86_64.rpm samba-swat-3.0.10-2.el4_5.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIPT3VXlSAg2UNWIIRAtsZAJ0cVISthJMXoiZuLOelKm3N/hHYiACfVQzJ pvZ3dbagE61N2RKJ0MCHpIw= =xsKf -----END PGP SIGNATURE----- --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: samba security and bug fix update Advisory ID: RHSA-2008:0290-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0290.html Issue date: 2008-05-28 CVE Names: CVE-2008-1105 ===================================================================== 1. Summary: Updated samba packages that fix a security issue and two bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: Samba is a suite of programs used by machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the way Samba clients handle over-sized packets. If a client connected to a malicious Samba server, it was possible to execute arbitrary code as the Samba client user. It was also possible for a remote user to send a specially crafted print request to a Samba server that could result in the server executing the vulnerable client code, resulting in arbitrary code execution with the permissions of the Samba server. (CVE-2008-1105) Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue. This update also addresses two issues which prevented Samba from joining certain Windows domains with tightened security policies, and prevented certain signed SMB content from working as expected: * when some Windows® 2000-based domain controllers were set to use mandatory signing, Samba clients would drop the connection because of an error when generating signatures. This presented as a "Server packet had invalid SMB signature" error to the Samba client. This update corrects the signature generation error. * Samba servers using the "net ads join" command to connect to a Windows Server® 2003-based domain would fail with "failed to get schannel session key from server" and "NT_STATUS_ACCESS_DENIED" errors. This update correctly binds to the NETLOGON share, allowing Samba servers to connect to the domain properly. Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 444637 - Join fails with stricter w2k3 security options set 446724 - CVE-2008-1105 Samba client buffer overflow 447380 - Signing issue: "Server packet had invalid SMB signature" with some Win2K servers 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.28-1.el5_2.1.src.rpm i386: samba-3.0.28-1.el5_2.1.i386.rpm samba-client-3.0.28-1.el5_2.1.i386.rpm samba-common-3.0.28-1.el5_2.1.i386.rpm samba-debuginfo-3.0.28-1.el5_2.1.i386.rpm samba-swat-3.0.28-1.el5_2.1.i386.rpm x86_64: samba-3.0.28-1.el5_2.1.x86_64.rpm samba-client-3.0.28-1.el5_2.1.x86_64.rpm samba-common-3.0.28-1.el5_2.1.i386.rpm samba-common-3.0.28-1.el5_2.1.x86_64.rpm samba-debuginfo-3.0.28-1.el5_2.1.i386.rpm samba-debuginfo-3.0.28-1.el5_2.1.x86_64.rpm samba-swat-3.0.28-1.el5_2.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.28-1.el5_2.1.src.rpm i386: samba-3.0.28-1.el5_2.1.i386.rpm samba-client-3.0.28-1.el5_2.1.i386.rpm samba-common-3.0.28-1.el5_2.1.i386.rpm samba-debuginfo-3.0.28-1.el5_2.1.i386.rpm samba-swat-3.0.28-1.el5_2.1.i386.rpm ia64: samba-3.0.28-1.el5_2.1.ia64.rpm samba-client-3.0.28-1.el5_2.1.ia64.rpm samba-common-3.0.28-1.el5_2.1.ia64.rpm samba-debuginfo-3.0.28-1.el5_2.1.ia64.rpm samba-swat-3.0.28-1.el5_2.1.ia64.rpm ppc: samba-3.0.28-1.el5_2.1.ppc.rpm samba-client-3.0.28-1.el5_2.1.ppc.rpm samba-common-3.0.28-1.el5_2.1.ppc.rpm samba-common-3.0.28-1.el5_2.1.ppc64.rpm samba-debuginfo-3.0.28-1.el5_2.1.ppc.rpm samba-debuginfo-3.0.28-1.el5_2.1.ppc64.rpm samba-swat-3.0.28-1.el5_2.1.ppc.rpm s390x: samba-3.0.28-1.el5_2.1.s390x.rpm samba-client-3.0.28-1.el5_2.1.s390x.rpm samba-common-3.0.28-1.el5_2.1.s390.rpm samba-common-3.0.28-1.el5_2.1.s390x.rpm samba-debuginfo-3.0.28-1.el5_2.1.s390.rpm samba-debuginfo-3.0.28-1.el5_2.1.s390x.rpm samba-swat-3.0.28-1.el5_2.1.s390x.rpm x86_64: samba-3.0.28-1.el5_2.1.x86_64.rpm samba-client-3.0.28-1.el5_2.1.x86_64.rpm samba-common-3.0.28-1.el5_2.1.i386.rpm samba-common-3.0.28-1.el5_2.1.x86_64.rpm samba-debuginfo-3.0.28-1.el5_2.1.i386.rpm samba-debuginfo-3.0.28-1.el5_2.1.x86_64.rpm samba-swat-3.0.28-1.el5_2.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFIPUI3XlSAg2UNWIIRAhGDAJ4lNlcEJ3xZtcEpKJduiWJlPxzM/wCdHMMI AEiyDpvcbh+9UshgeD/Mkxc= =P29O -----END PGP SIGNATURE----- --

Hello, - World in Conflict v1.008 Patch http://www.gamershell.com/news_51484.html - Guns of August v1.23 Patch http://www.gamershell.com/news_51482.html Best Regards, GamersHell.com Staff =============================================================================

Today we look at the ASUS PQ5 Deluxe P45 Eaglelake Motherboard. SNIP: The Intel® P45 boards will sport a die shrink of the onboard components to 65nm as opposed to the previous 90nm standard. This die shrink would lead us to expect less power consumption as well as improved power efficiency. The P45 also offers official support for PCIe 2.0 with more adaptable lanes to help better support the use of multiple GPUs based on the CrossFire™ architecture. The P45 based boards will feature the new ICH10 series southbridge, which is extremely close in its feature set to its ICH9 brethren, but the primary difference between the two is the ICH10 series has removed LPT and legacy PATA support entirely. While not officially offering support for the new 1600 MHz FSB processors we have it on good authority that most of the P45 boards will support these chips. Armed with this information and a yearning to be one of the first to review this new and extremely tempting product we prevailed upon our friends at ASUS. They were kind enough to send us one of their P5Q Deluxe editions of this board. The P5Q Deluxe is one of ASUS's top of the line P45 based boards, and like the majority of these boards being released, utilizes DDR2 in lieu of the newer DDR3. We can only surmise this is to spare the consumer the substantial cost of the newer memory while still maintaining above average performance. It is our plan to directly test this board against its X48 counterpart; either fuelling the fires for compelling arguments or helping to extinguish them. http://www.bjorn3d.com/read.php?cID=1282 A post on your site would be great if you can. Thanks Scott -----------------------------------------

Hi all, We have just published a review of the *Asus P5Q Deluxe* motherboard, based on Intel's P45 Express chipset. If you could post a link on your site that would be very much appreciated. *Link:* http://www.bit-tech.net/hardware/2008/05/28/asus-p5q-deluxe-intel-p45-has-arrived/1 *Picture:* http://images.bit-tech.net/content_images/2008/05/asus-p5q-deluxe-intel-p45-has-arrived/fp_img.jpg *Quote: */"Asus has appealed to the budget conscious, feature loving, overclocking enthusiast very well indeed even though some of these features are mutually exclusive in use. It's not perfect but it's evidently a clear that this is a thorough evolution over previous Asus products, even previous P35 boards as a whole. It's raised the bar //massively for what mainstream should be compared to the previous generation, yet in almost every area it's still left us wanting more. Its hardware features are innovative and daring, but we find ourselves rhetorically questioning //"would I actually use it though?" If yes, then jump on it like it was made of gold. Asus has proved that its P45 P5Q Deluxe is a step up from P35, and almost emulates X48 but for far less money: it has our vote for this reason alone." /* *Cheers guys! Tim Smalley www.bit-tech.net

Hi News Posters, I have completed the review for the Razer Lycosa Gaming Keyboard. Title: Razer Lycosa Gaming Keyboard ( -at -) Tech-Reviews.co.uk Briefing: One of Razers' latest products is the Razer Lycosa and it is a more slim and compacted version of its big brother - the Razer Tarantula. However the Lycosa also brings some new features to the table such as a touch panel for media keys and the ability to transform any key into a macro button with the software provided. Link to Review: http://www.tech-reviews.co.uk/reviews/razer-lycosa-gaming-keyboard/ Thumbnail: http://www.tech-reviews.co.uk/images/reviews/hardware/lycosa/thumb.jpg You may quote from the briefing above and use the provided thumbnail.

I am pleased to announce the belated arrival of gnome-applets 2.22.2. This is the latest release in the stable 2.22 series. The reason for the tardiness of this release is alluded to in the codename. It can be found at: http://download.gnome.org/sources/gnome-applets/2.22/ The ChangeLog follows. - Callum Changes in GNOME-Applets 2.22.2 =============================== Codename: "Anya Made Me Do It" Changes since 2.22.1: - Fix the launching of the gnome-keyboard-properties dialog from the access applet. Documentation: - pt_BR translation of the stickynotes and multiload docs. - fi translation of the stickynotes, multiload, trashapplet, mixer and gweather docs. Translation updates: bg, hu _______________________________________________

Hello Again, Futurelooks tells you about COMPUTEX and why you should care... COMPUTEX Taipei 2008 - What Is It and Why You Should Care Trade shows represent an awesome venue for computer and electronics makers to show off their latest wares, getting all sorts of press attention for their newest innovations. At the same time, these computer expos also provide an excellent opportunity for people interested in the industry to visit with all of the major players in one convenient location. After taking on the largest consumer electronics show in the world known as CES, it’s time for the Futurelooks crew to head overseas to Taipei, Taiwan for the second largest computer show in the world known as COMPUTEX! Direct Link: http://www.futurelooks.com/computex-taipei-2008-what-is-it-and-why-you-should-care/ A post to your news would be most appreciated! Regards, -The Futurelooks Team- www.futurelooks.com

Hello Webmasters and News Posters, NEW CONTENT (Casing & Cooling) - Bgears b-Envi HTPC Enclosure QUOTE: "Bgears is a relatively new company that is creating some cool items that are being aimed at spe[censored]t areas of the PC market. An example of this is the HTPC enclosure being looked at today, the b-Envi. We plan on seeing if Bgears can come up with something that is different from the crowd, but at the same time we will check out the feature set to see if it is worthy of our hard-earned dollars. The first thing you notice about the b-Envi is the small stature. While this isn't uncommon in an HTPC case, most manufacturers have gone the route of making the box look like a piece of stereo equipment. Bgears has turned a different direction and have opted for an appearance like the old SFF cases, which actually had enough room inside to do something with." For more information, please visit - http://www.tweaktown.com/reviews/1438/bgears_b_envi_htpc_enclosure/index.html Best Regards, The TweakTown Team http://www.tweaktown.com

Hello Webmasters and News Posters, NEW CONTENT (Casing & Cooling) - Bgears b-Envi HTPC Enclosure QUOTE: "Bgears is a relatively new company that is creating some cool items that are being aimed at spe[censored]t areas of the PC market. An example of this is the HTPC enclosure being looked at today, the b-Envi. We plan on seeing if Bgears can come up with something that is different from the crowd, but at the same time we will check out the feature set to see if it is worthy of our hard-earned dollars. The first thing you notice about the b-Envi is the small stature. While this isn't uncommon in an HTPC case, most manufacturers have gone the route of making the box look like a piece of stereo equipment. Bgears has turned a different direction and have opted for an appearance like the old SFF cases, which actually had enough room inside to do something with." For more information, please visit - http://www.tweaktown.com/reviews/1438/bgears_b_envi_htpc_enclosure/index.html Best Regards, The TweakTown Team http://www.tweaktown.com

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] rdesktop (SSA:2008-148-01) New rdesktop packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix a security issue caused by using rdesktop to connect to a malicious or compromised RDP server. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 Here are the details from the Slackware 12.1 ChangeLog: +--------------------------+ patches/packages/rdesktop-1.6.0-i486-1_slack12.1.tgz: Upgraded to rdesktop-1.6.0. According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)" For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com. Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating additional FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 11.0: ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/rdesktop-1.6.0-i486-1_slack11.0.tgz Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/rdesktop-1.6.0-i486-1_slack12.0.tgz Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/rdesktop-1.6.0-i486-1_slack12.1.tgz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/rdesktop-1.6.0-i486-1.tgz MD5 signatures: +-------------+ Slackware 11.0 package: e451e7af91e89791ef17d7254eafa16e rdesktop-1.6.0-i486-1_slack11.0.tgz Slackware 12.0 package: d63a47606886d8d3f00ae67e8f8cde5f rdesktop-1.6.0-i486-1_slack12.0.tgz Slackware 12.1 package: cd4c708a373d84bd559b6bf9f637ff73 rdesktop-1.6.0-i486-1_slack12.1.tgz Slackware -current package: ae267363051c7d0af749e4e95b69f862 rdesktop-1.6.0-i486-1.tgz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg rdesktop-1.6.0-i486-1_slack12.1.tgz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+