[RedHat] Mehrere Schwachstellen in Seamonkey – RHSA-2009:1432-01

[RedHat] Mehrere Schwachstellen in Seamonkey - RHSA-2009:1432-01

Von

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Liebe Kolleginnen und Kollegen,

soeben erreichte uns nachfolgendes RedHat Security Advisory. Wir geben
diese Informationen unveraendert an Sie weiter.

CVE-2009-2654 / MFSA 2009-44 – Spoofing des Location Bar Inhalts via window.open() Aufruf

In Firefox vor Version 3.5.2 bzw. 3.0.13 ist es moeglich, ueber einen
Aufruf von window.open() mit einer URL die ein ungueltiges Zeichen
enthaelt, ein Fenster zu oeffnen, bei dem der Inhalt der Location Bar
dem angegeben URL entspricht, jedoch Inhalte enthaelt, die aus einem
Aufruf von document.write() stammen (das Laden der Fehlerseite wird
rechtzeitig mit der stop Methode unterdrueckt). Falls der
document.write() Aufruf aus einer Seite mit einem gueltigen
SSL-Zertifikat kam, werden die Indikatoren bzgl. der Gueltigkeit des
Zertifikats aus dieser Seite uebernommen. Ein entfernter Angreifer
kann damit dem Benutzer vortaeuschen, dass die angezeigten Inhalte von
einer anderen URL stammen, als dies tatsaechlich der Fall ist. Dies
kann, speziell im Zusammenhang mit dem SSL Indikatoren fuer Phishing
Angriffe ausgenutzt werden.

CVE-2009-3077 / MFSA 2009-49 – Fehler bei der Verwaltung von Pointern in Mozilla TreeColumns XUL Elementen

Ein Fehler bei der Neudarstellung (Redraw) von TreeColumns aus XUL
Elementen fuehrt dazu, das einer der Pointer auf den Speicherbereich
eines bereits freigegebenen Objekts verweist. Dieser Bereich kann Code
enthalten, den ein entfernter Angreifer dort abgelegt hat, was ihm
ermoeglicht, diesen mit den Rechten des Benutzers auszufuehren.

CVE-2009-2408 – Fehler bei der Auswertung von Zertifikaten mit NULL Bytes in der NSS Bibliothek

Die Netscape Security Services Bibliothek (NSS) akzeptiert NULL
Zeichen im Domain Namen des CN-Felds eines Zertifikats. Ein Angreifer
kann diese Schwachstelle dazu ausnutzen, ein Zertifkat mit NULL
Zeichen zu konstruieren und damit vorgeben, das sein Zertifikat zu
einer anderen Site gehoert. Allerdings muss er dazu sein Zertifikat
von einer vertrauenswuerdigen CA signieren lassen. Auf diese Weise
kann er Man-in-the-Middle Angriffe durchfuehren und an vertrauliche
Daten des Benutzers gelangen.

CVE-2009-2409 – Verwendung des MD2 Algorithmus in der NSS Bibliothek

Die Netscape Security Services Bibliothek erlaubt die Verwendung
Zertifikaten, bei denen fuer Pruefsummen-Hash MD2 verwendet wird. Da
MD2 nicht mehr als sicherer Algorithmus gilt, koennte dies Angreifern
erleichtern, Zertifikate zu faelschen und so an vertrauliche
Informationen zu gelangen.

CVE-2009-3076 / MFSA 2009-48 – Fehlende Dialoge beim Hinzufuegen und Entfernen von PKCS11 Modulen

Die von Mozilla bei der Ausfuehrung der Operationen
pkcs11.deletemodule() und pkcs11.addmodule() angezeigten Dialoge
informieren den Benutzer nicht ausreichend. Diese Schwachstelle kann
es einem entfernten Angreifer erleichtern, ein PKCS11 Modul zu
entfernen oder ein neues hinzuzufuegen, wodurch die Sicherheit der
dort abgelegten Schluessel nicht gewaehrleistet ist.

Betroffen sind die folgenden Software Pakete und Plattformen:

Paket seamonkey

Red Hat Enterprise Linux AS version 3 – i386, ia64, ppc, s390, s390x,
x86_64
Red Hat Desktop version 3 – i386, x86_64
Red Hat Enterprise Linux ES version 3 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 – i386, ia64, x86_64

Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.

Hersteller Advisory:
https://rhn.redhat.com/errata/RHSA-2009-1432.html

(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.

Mit freundlichen Gruessen,
Klaus Moeller, DFN-CERT

– —
Dipl. Inform. Klaus Moeller (Incident Response Team)
Phone: +49 40 808077-555, Fax: +49 40 808077-556

DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrase 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2009:1432-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1432.html
Issue date: 2009-09-09
CVE Names: CVE-2009-2408 CVE-2009-2409 CVE-2009-2654
CVE-2009-3072 CVE-2009-3075 CVE-2009-3076
CVE-2009-3077
=====================================================================

1. Summary:

Updated seamonkey packages that fix several security issues are now
available for Red Hat Enterprise Linux 3.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 – i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 – i386, x86_64
Red Hat Enterprise Linux ES version 3 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 – i386, ia64, x86_64

3. Description:

SeaMonkey is an open source Web browser, email and newsgroup client, IRC
chat client, and HTML editor.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2009-3072, CVE-2009-3075)

A use-after-free flaw was found in SeaMonkey. An attacker could use this
flaw to crash SeaMonkey or, potentially, execute arbitrary code with the
privileges of the user running SeaMonkey. (CVE-2009-3077)

Dan Kaminsky discovered flaws in the way browsers such as SeaMonkey handle
NULL characters in a certificate. If an attacker is able to get a
carefully-crafted certificate signed by a Certificate Authority trusted by
SeaMonkey, the attacker could use the certificate during a
man-in-the-middle attack and potentially confuse SeaMonkey into accepting
it by mistake. (CVE-2009-2408)

Descriptions in the dialogs when adding and removing PKCS #11 modules were
not informative. An attacker able to trick a user into installing a
malicious PKCS #11 module could use this flaw to install their own
Certificate Authority certificates on a user’s machine, making it possible
to trick the user into believing they are viewing a trusted site or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2009-3076)

A flaw was found in the way SeaMonkey displays the address bar when
window.open() is called in a certain way. An attacker could use this flaw
to conceal a malicious URL, possibly tricking a user into believing they
are viewing a trusted site. (CVE-2009-2654)

Dan Kaminsky found that browsers still accept certificates with MD2 hash
signatures, even though MD2 is no longer considered a cryptographically
strong algorithm. This could make it easier for an attacker to create a
malicious certificate that would be treated as trusted by a browser. NSS
(provided by SeaMonkey) now disables the use of MD2 and MD4 algorithms
inside signatures by default. (CVE-2009-2409)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

510197 – CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)
510251 – CVE-2009-2408 firefox/nss: doesn’t handle NULL in Common Name properly
521311 – CVE-2009-2654 firefox: URL bar spoofing vulnerability
521688 – CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes
521691 – CVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine crashes
521692 – CVE-2009-3076 Firefox 3.0.14 Insufficient warning for PKCS11 module installation and removal
521693 – CVE-2009-3077 Firefox 3.5.3 3.0.14 TreeColumns dangling pointer vulnerability

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.9-0.45.el3.src.rpm

i386:
seamonkey-1.0.9-0.45.el3.i386.rpm
seamonkey-chat-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-devel-1.0.9-0.45.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.i386.rpm
seamonkey-mail-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.45.el3.ia64.rpm
seamonkey-chat-1.0.9-0.45.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.ia64.rpm
seamonkey-devel-1.0.9-0.45.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.ia64.rpm
seamonkey-mail-1.0.9-0.45.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.ia64.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.ia64.rpm

ppc:
seamonkey-1.0.9-0.45.el3.ppc.rpm
seamonkey-chat-1.0.9-0.45.el3.ppc.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.ppc.rpm
seamonkey-devel-1.0.9-0.45.el3.ppc.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.ppc.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.ppc.rpm
seamonkey-mail-1.0.9-0.45.el3.ppc.rpm
seamonkey-nspr-1.0.9-0.45.el3.ppc.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.ppc.rpm
seamonkey-nss-1.0.9-0.45.el3.ppc.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.ppc.rpm

s390:
seamonkey-1.0.9-0.45.el3.s390.rpm
seamonkey-chat-1.0.9-0.45.el3.s390.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.s390.rpm
seamonkey-devel-1.0.9-0.45.el3.s390.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.s390.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.s390.rpm
seamonkey-mail-1.0.9-0.45.el3.s390.rpm
seamonkey-nspr-1.0.9-0.45.el3.s390.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.s390.rpm
seamonkey-nss-1.0.9-0.45.el3.s390.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.s390.rpm

s390x:
seamonkey-1.0.9-0.45.el3.s390x.rpm
seamonkey-chat-1.0.9-0.45.el3.s390x.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.s390.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.s390x.rpm
seamonkey-devel-1.0.9-0.45.el3.s390x.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.s390x.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.s390x.rpm
seamonkey-mail-1.0.9-0.45.el3.s390x.rpm
seamonkey-nspr-1.0.9-0.45.el3.s390.rpm
seamonkey-nspr-1.0.9-0.45.el3.s390x.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.s390x.rpm
seamonkey-nss-1.0.9-0.45.el3.s390.rpm
seamonkey-nss-1.0.9-0.45.el3.s390x.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.s390x.rpm

x86_64:
seamonkey-1.0.9-0.45.el3.i386.rpm
seamonkey-1.0.9-0.45.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.45.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.45.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.9-0.45.el3.src.rpm

i386:
seamonkey-1.0.9-0.45.el3.i386.rpm
seamonkey-chat-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-devel-1.0.9-0.45.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.i386.rpm
seamonkey-mail-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.i386.rpm

x86_64:
seamonkey-1.0.9-0.45.el3.i386.rpm
seamonkey-1.0.9-0.45.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.45.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.45.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.9-0.45.el3.src.rpm

i386:
seamonkey-1.0.9-0.45.el3.i386.rpm
seamonkey-chat-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-devel-1.0.9-0.45.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.i386.rpm
seamonkey-mail-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.45.el3.ia64.rpm
seamonkey-chat-1.0.9-0.45.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.ia64.rpm
seamonkey-devel-1.0.9-0.45.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.ia64.rpm
seamonkey-mail-1.0.9-0.45.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.ia64.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.ia64.rpm

x86_64:
seamonkey-1.0.9-0.45.el3.i386.rpm
seamonkey-1.0.9-0.45.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.45.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.45.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.9-0.45.el3.src.rpm

i386:
seamonkey-1.0.9-0.45.el3.i386.rpm
seamonkey-chat-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-devel-1.0.9-0.45.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.i386.rpm
seamonkey-mail-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.45.el3.ia64.rpm
seamonkey-chat-1.0.9-0.45.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.ia64.rpm
seamonkey-devel-1.0.9-0.45.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.ia64.rpm
seamonkey-mail-1.0.9-0.45.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.ia64.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.ia64.rpm

x86_64:
seamonkey-1.0.9-0.45.el3.i386.rpm
seamonkey-1.0.9-0.45.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.45.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.45.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.45.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.45.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.45.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.45.el3.i386.rpm
seamonkey-nspr-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.45.el3.i386.rpm
seamonkey-nss-1.0.9-0.45.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.45.el3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2654
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3077
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
– —–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFKqD/UXlSAg2UNWIIRAiQCAKCuO5lkbfrBndvIqK3wEoxrRYxqigCfYp/3
Iynb/XHKIiazTq0NHRYvPS8=
=tVnm
– —–END PGP SIGNATURE—–
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFKqm4Sk0kIxZMiiQ8RAqHGAKCOsFtQw8LSEO2eOnXOv9abgR2KewCgonXL
AVd96Fm9K/kKDyVW/rIt6zA=
=euJz
—–END PGP SIGNATURE—–

© COMPUTEC MEDIA GmbH
Nach oben