Fixlet Site - PatchesforRedHatEnterpriseLinux
Current Version: 188
Published: Tue, 24 Apr 2007 00:20:39 GMT
***************************************************************
Title: RHBA-2007:0020 - Flash-Plugin Bug Fix Update - Red Hat Enterprise 3.0
Severity:
Fixlet ID: 200702001
Fixlet Link: https://rhn.redhat.com/errata/RHBA-2007-0020.html
Fixlet Description: An updated flash-plugin package is now available which fixes a number of bugs and adds support for Flash 9 web content. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0066 - Wireshark Security Update - Red Hat Enterprise 4.0 (x86_64)
Severity: Low
Fixlet ID: 200706604
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0066.html
Fixlet Description: New Wireshark packages that fix various security vulnerabilities are now available. Several denial of service bugs were found in Wireshark's LLT, IEEE 802.11, http, and tcp protocol dissectors. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0066 - Dependencies Needed - Red Hat Enterprise 4.0 (x86_64)
Severity: Low
Fixlet ID: 200706607
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0066.html
Fixlet Description: New Wireshark packages that fix various security vulnerabilities are now available. However, this update requires that the "x86-64" package "net-snmp" be installed and at least version "5.1.2-11".
***************************************************************
Title: RHSA-2007:0095 - Krb5 Security Update - Red Hat Enterprise 3.0 (x86_64)
Severity: Critical
Fixlet ID: 200709502
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0095.html
Fixlet Description: Updated krb5 packages that fix a number of issues are now available. A flaw was found in the username handling of the MIT krb5 telnet daemon (telnetd). A remote attacker who can access the telnet port of a target machine could log in as root without requiring a password. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0095 - Krb5 Security Update - Red Hat Enterprise 4.0 (x86_64)
Severity: Critical
Fixlet ID: 200709504
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0095.html
Fixlet Description: Updated krb5 packages that fix a number of issues are now available. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0123 - CUPS Security Update - Red Hat Enterprise 3.0
Severity: Moderate
Fixlet ID: 200712301
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0123.html
Fixlet Description: Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux. A bug was found in the way CUPS handled SSL negotiation. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0123 - CUPS Security Update - Red Hat Enterprise 4.0
Severity: Moderate
Fixlet ID: 200712303
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0123.html
Fixlet Description: Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. A bug was found in the way CUPS handled SSL negotiation. A remote user capable of connecting to the CUPS daemon could cause a denial of service to other CUPS users. (CVE-2007-0720) All users of CUPS should upgrade to these updated packages, which contain a backported patch introducing a timeout, which prevents connections being kept open for an arbitrarily long time.
***************************************************************
Title: RHSA-2007:0123 - CUPS Security Update - Red Hat Enterprise 4.0 (x86_64)
Severity: Moderate
Fixlet ID: 200712304
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0123.html
Fixlet Description: Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux. A bug was found in the way CUPS handled SSL negotiation. A remote user capable of connecting to the CUPS daemon could cause a denial of service to other CUPS users. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0125 - Xfree86 Security Update - Red Hat Enterprise 3.0 (x86_64)
Severity: Important
Fixlet ID: 200712502
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0125.html
Fixlet Description: Updated XFree86 packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 and 3. iDefense reported an integer overflow flaw in the XFree86 XC-MISC extension. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the XFree86 server. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0126 - Xorg-X11 Security Update - Red Hat Enterprise 4.0 (x86_64)
Severity: Important
Fixlet ID: 200712602
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0126.html
Fixlet Description: Updated X.org packages that fix several security issues are now available for Red Hat Enterprise Linux. iDefense reported an integer overflow flaw in the X.org XC-MISC extension. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0150 - Freetype Security Update - Red Hat Enterprise 3.0
Severity: Moderate
Fixlet ID: 200715001
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0150.html
Fixlet Description: Updated freetype packages that fix a security flaw are now available for Red Hat Enterprise Linux. An integer overflow flaw was found in the way the FreeType font engine processed BDF font files. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0150 - Freetype Security Update - Red Hat Enterprise 4.0
Severity: Moderate
Fixlet ID: 200715003
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0150.html
Fixlet Description: Updated freetype packages that fix a security flaw are now available for Red Hat Enterprise Linux. An integer overflow flaw was found in the way the FreeType font engine processed BDF font files. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0150 - Freetype Security Update - Red Hat Enterprise 4.0 (x86_64)
Severity: Moderate
Fixlet ID: 200715004
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0150.html
Fixlet Description: Updated freetype packages that fix a security flaw are now available for Red Hat Enterprise Linux. An integer overflow flaw was found in the way the FreeType font engine processed BDF font files. If a user loaded a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary code. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0152 - MySQL Security Update - Red Hat Enterprise 4.0 (x86_64)
Severity: Moderate
Fixlet ID: 200715202
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0152.html
Fixlet Description: Updated mysql packages that fix a security flaw are now available for Red Hat Enterprise Linux. A flaw was found in the way MySQL handled case sensitive database names. A user with the ability to create databases could gain unauthorized access to other databases hosted by the MySQL server. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0155 - PHP Security Update - Red Hat Enterprise 3.0
Severity: Important
Fixlet ID: 200715501
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0155.html
Fixlet Description: Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0155 - PHP Security Update - Red Hat Enterprise 4.0
Severity: Important
Fixlet ID: 200715503
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0155.html
Fixlet Description: Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0155 - PHP Security Update - Red Hat Enterprise 4.0 (x86_64)
Severity: Important
Fixlet ID: 200715504
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0155.html
Fixlet Description: Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux. A denial of service flaw was found in the way PHP processed a deeply nested array. A remote attacker could cause the PHP interpreter to crash by submitting an input variable with a deeply nested array. Please see patch page for more detailed information.
***************************************************************
Title: RHSA-2007:0155 - Dependencies Needed - Red Hat Enterprise 4.0 (x86_64)
Severity: Important
Fixlet ID: 200715505
Fixlet Description: Updated PHP packages that fix several security issues are now available. However, this update requires that the package 'mysql' be installed and at least version "4.1.20-2" if you have the package "php-mysql" installed.
***************************************************************
Title: RHSA-2007:0155 - Dependencies Needed - Red Hat Enterprise 4.0
Severity: Important
Fixlet ID: 200715506
Fixlet Link: https://rhn.redhat.com/errata/RHSA-2007-0155.html
Fixlet Description: Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux. However, this update requires that the package "mysql" be installed and at least version "4.1.20-2" when the package "php-mysql" is installed on the affected system.