[SECURITY] Fedora Core 3 Update: ethereal-0.10.13-1.FC3.1
by Radek Vokal
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1008
2005-10-20
---------------------------------------------------------------------
Product : Fedora Core 3
Name : ethereal
Version : 0.10.13
Release : 1.FC3.1
Summary : Network traffic analyzer
Description :
Ethereal is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.
---------------------------------------------------------------------
Update Information:
Ethereal 0.10.13 is scheduled to be released, which fixes
the following issues:
The ISAKMP dissector could exhaust system memory.
(CAN-2005-3241)
Fixed in: r15163
Bug IDs: none
Versions affected: 0.10.11 to 0.10.12.
The FC-FCS dissector could exhaust system memory.
(CAN-2005-3241)
Fixed in: r15204
Bug IDs: 312
Versions affected: 0.9.0 to 0.10.12.
The RSVP dissector could exhaust system memory.
(CAN-2005-3241)
Fixed in: r15206, r15600
Bug IDs: 311, 314, 382
Versions affected: 0.9.4 to 0.10.12.
The ISIS LSP dissector could exhaust system memory.
(CAN-2005-3241)
Fixed in: r15245
Bug IDs: 320, 326
Versions affected: 0.8.18 to 0.10.12.
The IrDA dissector could crash. (CAN-2005-3242)
Fixed in: r15265, r15267
Bug IDs: 328, 329, 330, 334, 335, 336
Versions affected: 0.10.0 to 0.10.12.
The SLIMP3 dissector could overflow a buffer. (CAN-2005-3243)
Fixed in: r15279
Bug IDs: 327
Versions affected: 0.9.1 to 0.10.12.
The BER dissector was susceptible to an infinite loop.
(CAN-2005-3244)
Fixed in: r15292
Bug IDs: none
Versions affected: 0.10.3 to 0.10.12.
The SCSI dissector could dereference a null pointer and
crash. (CAN-2005-3246)
Fixed in: r15289
Bug IDs: none
Versions affected: 0.10.3 to 0.10.12.
If the "Dissect unknown RPC program numbers" option was
enabled,
the ONC RPC dissector might be able to exhaust system memory.
This option is disabled by default. (CAN-2005-3245)
Fixed in: r15290
Bug IDs: none
Versions affected: 0.7.7 to 0.10.12.
The sFlow dissector could dereference a null pointer and
crash (CAN-2005-3246)
Fixed in: r15375
Bug IDs: 356
Versions affected: 0.9.14 to 0.10.12.
The RTnet dissector could dereference a null pointer and
crash (CAN-2005-3246)
Fixed in: r15673
Bug IDs: none
Versions affected: 0.10.8 to 0.10.12.
The SigComp UDVM could go into an infinite loop or crash.
(CAN-2005-3247)
Fixed in: r15715, r15901, r15919
Bug IDs: none
Versions affected: 0.10.12.
If SMB transaction payload reassembly is enabled the SMB
dissector could crash. This preference is disabled by
default. (CAN-2005-3242)
Fixed in: r15789
Bug IDs: 421
Versions affected: 0.9.7 to 0.10.12.
The X11 dissector could attempt to divide by zero.
(CAN-2005-3248)
Fixed in: r15927
Bug IDs: none
Versions affected: 0.10.1 to 0.10.12.
The AgentX dissector could overflow a buffer. (CAN-2005-3243)
Fixed in: r16003
Bug IDs: none
Versions affected: 0.10.10 to 0.10.12.
The WSP dissector could free an invalid pointer.
(CAN-2005-3249)
Fixed in: r16220
Bug IDs: none
Versions affected: 0.10.1 to 0.10.12.
iDEFENSE found a buffer overflow in the SRVLOC dissector.
(CAN-2005-3184)
Fixed in: r16206
Bug IDs: none
Versions affected: 0.10.0 to 0.10.12.
---------------------------------------------------------------------
* Thu Oct 20 2005 Radek Vokal <rvokal(a)redhat.com> 0.10.13-1.FC3.1
- upgrade to 0.10.13
- CAN-2005-3241 Multiple ethereal issues fixed (#171063)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
a48b54c05b43bac981d78c992ea76641 SRPMS/ethereal-0.10.13-1.FC3.1.src.rpm
a252cae35dcb8e250a4a8c7669ddc030 x86_64/ethereal-0.10.13-1.FC3.1.x86_64.rpm
385a3d9c59228e4f9bbe4a04f8204959 x86_64/ethereal-gnome-0.10.13-1.FC3.1.x86_64.rpm
7906202c0c483919a7f58097e0d173de x86_64/debug/ethereal-debuginfo-0.10.13-1.FC3.1.x86_64.rpm
2766dbd98a42cf92ec6e2aa0d7bc22ef i386/ethereal-0.10.13-1.FC3.1.i386.rpm
9dcca59c62f74348d72ffd6fa9239c1e i386/ethereal-gnome-0.10.13-1.FC3.1.i386.rpm
320f27a1a0c393d9e21b3c2a7ca65a1b i386/debug/ethereal-debuginfo-0.10.13-1.FC3.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
[SECURITY] Fedora Core 3 Update: kernel-2.6.12-1.1380_FC3
by Dave Jones
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1007
2005-10-20
---------------------------------------------------------------------
Product : Fedora Core 3
Name : kernel
Version : 2.6.12
Release : 1.1380_FC3
Summary : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
---------------------------------------------------------------------
Update Information:
This update fixes the outstanding kernel security issues for
FC3, and fixes a number of regressions in the previous
update kernel.
---------------------------------------------------------------------
* Wed Oct 19 2005 Dave Jones <davej(a)redhat.com> [2.6.12-1.1380_FC3]
- CAN-2005-2973 (ipv6 infinite loop)
- CAN-2005-3179 (world writable drm sysfs file)
- CAN-2005-3180 (orinoco driver information leakage)
- CAN-2005-3181 (names_cache memory leak)
- Stop IDE claiming SATA ports in combined mode.
* Thu Oct 6 2005 Dave Jones <davej(a)redhat.com>
- Fix information leak in orinoco driver.
* Sun Oct 2 2005 Dave Jones <davej(a)redhat.com>
- Readd /proc/acpi/sleep
* Fri Sep 30 2005 Dave Jones <davej(a)redhat.com>
- fix no blue/fuzzy video on ibmcam (#148832)
* Fri Sep 30 2005 Dave Jones <davej(a)redhat.com>
- cut down stack usage in md layer. (#167173)
* Mon Sep 26 2005 Dave Jones <davej(a)redhat.com> [2.6.12-1.1379_FC3]
- Fix asm-x86_64 dependancy on asm-i386. (#150266)
* Sat Sep 24 2005 Dave Jones <davej(a)redhat.com>
- Remove bogus BUG_ON() in fs/exec.c (#160121)
- Power up pwc cameras by default. (#140258)
* Fri Sep 23 2005 Dave Jones <davej(a)redhat.com>
- Fix problem with toshiba_acpi. (#167218)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
b318d73186fd0fd67d766ed99a94cec4 SRPMS/kernel-2.6.12-1.1380_FC3.src.rpm
ff038e4704db0ee2db693d050099be8f x86_64/kernel-2.6.12-1.1380_FC3.x86_64.rpm
09286bbbde2549cd1900c457a2e3d660 x86_64/kernel-smp-2.6.12-1.1380_FC3.x86_64.rpm
523374734813254de7467001ee674466 x86_64/debug/kernel-debuginfo-2.6.12-1.1380_FC3.x86_64.rpm
445848618621530b6cc7baad2ef26d19 x86_64/kernel-doc-2.6.12-1.1380_FC3.noarch.rpm
d4a8de75b9266120516aa5b98c6e487d i386/kernel-2.6.12-1.1380_FC3.i586.rpm
3d73f07924f5bbfde019a125973d6629 i386/kernel-smp-2.6.12-1.1380_FC3.i586.rpm
3184729a9389d73853b45821a7f4e7c1 i386/debug/kernel-debuginfo-2.6.12-1.1380_FC3.i586.rpm
033ec1afcf74a67ef3bd0406683fc94d i386/kernel-2.6.12-1.1380_FC3.i686.rpm
ad156d8dd242346a518319402cde0025 i386/kernel-smp-2.6.12-1.1380_FC3.i686.rpm
8e1448a177888193f6db238f842acb92 i386/debug/kernel-debuginfo-2.6.12-1.1380_FC3.i686.rpm
445848618621530b6cc7baad2ef26d19 i386/kernel-doc-2.6.12-1.1380_FC3.noarch.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
[SECURITY] Fedora Core 3 Update: curl-7.12.3-4.fc3
by Ivana Varekova
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1000
2005-10-18
---------------------------------------------------------------------
Product : Fedora Core 3
Name : curl
Version : 7.12.3
Release : 4.fc3
Summary : A utility for getting files from remote servers (FTP, HTTP, and others).
Description :
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and
Dict servers, using any of the supported protocols. cURL is designed
to work without user interaction or any kind of interactivity. cURL
offers many useful capabilities, like proxy support, user
authentication, FTP upload, HTTP post, and file transfer resume.
---------------------------------------------------------------------
Update Information:
This package fixes a buffer overflow bug in NTLM
authentication code of curl (CAN-2005-3185).
---------------------------------------------------------------------
* Tue Oct 18 2005 Ivana Varekova <varekova(a)redhat.com> 7.12.3.4.fc3
- fix bug 170682 CAN-2005-3185 NTLM buffer overflow
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
cfe56d0b45d31bafe71f166360931eb8 SRPMS/curl-7.12.3-4.fc3.src.rpm
0cbeb4c1f65e1cf21992cdda8cd78134 x86_64/curl-7.12.3-4.fc3.x86_64.rpm
39e0ff077a453a7a7869f0027286f988 x86_64/curl-devel-7.12.3-4.fc3.x86_64.rpm
9c31f946e0821befba9c2e52fbf4868d x86_64/debug/curl-debuginfo-7.12.3-4.fc3.x86_64.rpm
723a4786b312c859cf627c7a64f1035e x86_64/curl-7.12.3-4.fc3.i386.rpm
723a4786b312c859cf627c7a64f1035e i386/curl-7.12.3-4.fc3.i386.rpm
a235e0390394f3647649e3aa821ea0d0 i386/curl-devel-7.12.3-4.fc3.i386.rpm
a0601fce1eea8b5fcf0702985b86eda8 i386/debug/curl-debuginfo-7.12.3-4.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
Fedora Core 4 Update: dhcp-3.0.2-24.FC4
by Jason Vas Dias
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-997
2005-10-17
---------------------------------------------------------------------
Product : Fedora Core 4
Name : dhcp
Version : 3.0.2
Release : 24.FC4
Summary : A DHCP (Dynamic Host Configuration Protocol) server and relay agent.
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network. The dhcp package includes the
ISC DHCP service and relay agent.
To use DHCP on your network, install a DHCP service (or relay agent),
and on clients run a DHCP client daemon. The dhcp package provides
the ISC DHCP service and relay agent.
---------------------------------------------------------------------
* Mon Oct 17 2005 Jason Vas Dias <jvdias(a)redhat.com> - 11:3.0.2-24
- further fix for bug 160655 / ISC bug 15293 - upstream patch:
do NOT always strip trailing nulls in the dhcpd server
- handle static-routes option properly in dhclient-script
- fix bug 163367: supply default configuration file for dhcpd
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
20b4788ff2f86bce01eb4f72898d753e SRPMS/dhcp-3.0.2-24.FC4.src.rpm
a904341d5e9a95658d2f1a3265c1bdfa ppc/dhcp-3.0.2-24.FC4.ppc.rpm
23db3d35ec269cc03431fa8f0aa4ad64 ppc/dhclient-3.0.2-24.FC4.ppc.rpm
40c09e1b5df29f7b0752be6e2114cae5 ppc/dhcp-devel-3.0.2-24.FC4.ppc.rpm
1223dd52d0fdc3b095824adf8d523bf5 ppc/debug/dhcp-debuginfo-3.0.2-24.FC4.ppc.rpm
3963e8825f0ec9074bab7927d40212f0 x86_64/dhcp-3.0.2-24.FC4.x86_64.rpm
aa055fa8b7d32a16237508fb8a6fa93c x86_64/dhclient-3.0.2-24.FC4.x86_64.rpm
db7af5a8ccff0a0462d115a4eebacd3c x86_64/dhcp-devel-3.0.2-24.FC4.x86_64.rpm
74f613ed320d905d5e8b0c70fd77842a x86_64/debug/dhcp-debuginfo-3.0.2-24.FC4.x86_64.rpm
1bba4b26ba23a03726f9e4db1e5e63d6 i386/dhcp-3.0.2-24.FC4.i386.rpm
92bbe69fce57ba58ca1dfacf7e291bfc i386/dhclient-3.0.2-24.FC4.i386.rpm
e45c9ab7d2db96060269b2d1481c5b25 i386/dhcp-devel-3.0.2-24.FC4.i386.rpm
acb2c9595cd6c66cb85aab87d79b45d1 i386/debug/dhcp-debuginfo-3.0.2-24.FC4.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
Fedora Core 4 Update: selinux-policy-strict-1.27.1-2.6
by Daniel J Walsh
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-987
2005-10-17
---------------------------------------------------------------------
Product : Fedora Core 4
Name : selinux-policy-strict
Version : 1.27.1
Release : 2.6
Summary : SELinux strict policy configuration
Description :
Security-enhanced Linux is a patch of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
This package contains the SELinux example policy configuration along
with the Flask configuration information and the application
configuration files.
---------------------------------------------------------------------
* Wed Oct 12 2005 Dan Walsh <dwalsh(a)redhat.com> 1.27.1-2.6
- Fixes for bluetooth and hal
* Tue Oct 11 2005 Dan Walsh <dwalsh(a)redhat.com> 1.27.1-2.5
- Update Amanda, pegusus, ftpd, apache to match upstream version
- Update Bluetooth, rsync
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
3af901b80fc7f3616a69965ae92e2b49 SRPMS/selinux-policy-strict-1.27.1-2.6.src.rpm
db0a82a8e9b5357cf65cc9ee8bd82221 x86_64/selinux-policy-strict-1.27.1-2.6.noarch.rpm
5e2c6f9dc9ce72858242ebab9ddc936b x86_64/selinux-policy-strict-sources-1.27.1-2.6.noarch.rpm
db0a82a8e9b5357cf65cc9ee8bd82221 i386/selinux-policy-strict-1.27.1-2.6.noarch.rpm
5e2c6f9dc9ce72858242ebab9ddc936b i386/selinux-policy-strict-sources-1.27.1-2.6.noarch.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
Fedora Core 4 Update: selinux-policy-targeted-1.27.1-2.6
by Daniel J Walsh
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-987
2005-10-17
---------------------------------------------------------------------
Product : Fedora Core 4
Name : selinux-policy-targeted
Version : 1.27.1
Release : 2.6
Summary : SELinux targeted policy configuration
Description :
Security-enhanced Linux is a patch of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
This package contains the SELinux example policy configuration along
with the Flask configuration information and the application
configuration files.
---------------------------------------------------------------------
* Wed Oct 12 2005 Dan Walsh <dwalsh(a)redhat.com> 1.27.1-2.6
- Fixes for bluetooth and hal
* Tue Oct 11 2005 Dan Walsh <dwalsh(a)redhat.com> 1.27.1-2.5
- Update Amanda, pegusus, ftpd, apache to match upstream version
- Update Bluetooth, rsync
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
0ce91863c35dd30fea90a8cd2d259fa3 SRPMS/selinux-policy-targeted-1.27.1-2.6.src.rpm
d3e25b2eebf9aac124a0011bc2eacf74 x86_64/selinux-policy-targeted-1.27.1-2.6.noarch.rpm
561f732d67e8457261d66df8fa5c26a5 x86_64/selinux-policy-targeted-sources-1.27.1-2.6.noarch.rpm
d3e25b2eebf9aac124a0011bc2eacf74 i386/selinux-policy-targeted-1.27.1-2.6.noarch.rpm
561f732d67e8457261d66df8fa5c26a5 i386/selinux-policy-targeted-sources-1.27.1-2.6.noarch.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
[SECURITY] Fedora Core 3 Update: wget-1.10.2-0.fc3
by Karsten Hopp
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-996
2005-10-17
---------------------------------------------------------------------
Product : Fedora Core 3
Name : wget
Version : 1.10.2
Release : 0.fc3
Summary : A utility for retrieving files using the HTTP or FTP protocols.
Description :
GNU Wget is a file retrieval utility which can use either the HTTP or
FTP protocols. Wget features include the ability to work in the
background while you are logged out, recursive retrieval of
directories, file name wildcard matching, remote file timestamp
storage and comparison, use of Rest with FTP servers and Range with
HTTP servers to retrieve files over slow or unstable connections,
support for Proxy servers, and configurability.
---------------------------------------------------------------------
Update Information:
This package fixes a buffer overflow bug in the NTLM
authentication code of wget (CAN-2005-3185).
---------------------------------------------------------------------
* Mon Oct 17 2005 Karsten Hopp <karsten(a)redhat.de> 1.10.2-0.fc3
- update to 1.10.2
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
661fa23091aaef489317c4f854daf7ad SRPMS/wget-1.10.2-0.fc3.src.rpm
7b325efc3362fb5865d2d697612cffd9 x86_64/wget-1.10.2-0.fc3.x86_64.rpm
3a2349f1bb3e20f6e085f6cf9481b7dd x86_64/debug/wget-debuginfo-1.10.2-0.fc3.x86_64.rpm
1a77b2601aa6587b14dc8aca9a864a28 i386/wget-1.10.2-0.fc3.i386.rpm
f511fda5923e62ddfdbdfd8d5f09c005 i386/debug/wget-debuginfo-1.10.2-0.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
Fedora Core 4 Update: wget-1.10.2-0.fc4
by Karsten Hopp
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-995
2005-10-17
---------------------------------------------------------------------
Product : Fedora Core 4
Name : wget
Version : 1.10.2
Release : 0.fc4
Summary : A utility for retrieving files using the HTTP or FTP protocols.
Description :
GNU Wget is a file retrieval utility which can use either the HTTP or
FTP protocols. Wget features include the ability to work in the
background while you are logged out, recursive retrieval of
directories, file name wildcard matching, remote file timestamp
storage and comparison, use of Rest with FTP servers and Range with
HTTP servers to retrieve files over slow or unstable connections,
support for Proxy servers, and configurability.
---------------------------------------------------------------------
Update Information:
A buffer overflow bug has been found in the NTLM
authentication code of wget.
Wget-1.10.1-4.fc4 from Fedora Core 4 was compiled
using -D_FORTIFY_SOURCE=2 which catches and blocks this
issue. Therefore on Fedora Core 4 this can only result in
the program being aborted and isn't a security issue.
---------------------------------------------------------------------
* Mon Oct 17 2005 Karsten Hopp <karsten(a)redhat.de> 1.10.2-0.fc4
- update to 1.10.2
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
6ce9577d76ea0c88267c34fd7d1d1aad SRPMS/wget-1.10.2-0.fc4.src.rpm
db78cb22f1eb415e32d34569ad4f81cb ppc/wget-1.10.2-0.fc4.ppc.rpm
ea284450578ac9a153a18730835527f2 ppc/debug/wget-debuginfo-1.10.2-0.fc4.ppc.rpm
88080c53fd86f5b7a0334a9f6484ac8a x86_64/wget-1.10.2-0.fc4.x86_64.rpm
488a92421dafff74cb8e3cc89106ed14 x86_64/debug/wget-debuginfo-1.10.2-0.fc4.x86_64.rpm
9bbdc2015a49d125bbe78710b60b1836 i386/wget-1.10.2-0.fc4.i386.rpm
a0363875188d8502d5499b1ca54b4c0d i386/debug/wget-debuginfo-1.10.2-0.fc4.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
[SECURITY] Fedora Core 4 Update: lynx-2.8.5-23.1
by Tim Waugh
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-994
2005-10-17
---------------------------------------------------------------------
Product : Fedora Core 4
Name : lynx
Version : 2.8.5
Release : 23.1
Summary : A text-based Web browser.
Description :
Lynx is a text-based Web browser. Lynx does not display any images,
but it does support frames, tables, and most other HTML tags. One
advantage Lynx has over graphical browsers is speed; Lynx starts and
exits quickly and swiftly displays webpages.
---------------------------------------------------------------------
Update Information:
This package fixes a security bug (CAN-2005-3120) when
handling connections to NNTP (news) servers.
---------------------------------------------------------------------
* Tue Oct 11 2005 Tim Waugh <twaugh(a)redhat.com> 2.8.5-23.1
- Apply patch to fix CAN-2005-3120 (bug #170253).
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
0aff3f237d549faf4761df85fa7b5292 SRPMS/lynx-2.8.5-23.1.src.rpm
f35975eed95b9d3f54c04acbbc3ccde8 ppc/lynx-2.8.5-23.1.ppc.rpm
efdd58234b1ad7d5aa4cc74b92b3cd19 ppc/debug/lynx-debuginfo-2.8.5-23.1.ppc.rpm
491d61c1e642df2d97eeb68089875521 x86_64/lynx-2.8.5-23.1.x86_64.rpm
d5430134a3f81dd79c58467385f0ab1d x86_64/debug/lynx-debuginfo-2.8.5-23.1.x86_64.rpm
00b31da69c3edb8fe480f0017013386d i386/lynx-2.8.5-23.1.i386.rpm
d89bc8b6a3f3f8d74416b57a08d214f5 i386/debug/lynx-debuginfo-2.8.5-23.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months
[SECURITY] Fedora Core 3 Update: lynx-2.8.5-18.0.1
by Tim Waugh
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-993
2005-10-17
---------------------------------------------------------------------
Product : Fedora Core 3
Name : lynx
Version : 2.8.5
Release : 18.0.1
Summary : A text-based Web browser.
Description :
Lynx is a text-based Web browser. Lynx does not display any images,
but it does support frames, tables, and most other HTML tags. One
advantage Lynx has over graphical browsers is speed; Lynx starts and
exits quickly and swiftly displays webpages.
---------------------------------------------------------------------
Update Information:
This package fixes a security bug (CAN-2005-3120) when
handling connections to NNTP (news) servers.
---------------------------------------------------------------------
* Tue Oct 11 2005 Tim Waugh <twaugh(a)redhat.com> 2.8.5-18.0.1
- Apply patch to fix CAN-2005-3120 (bug #170253).
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
fdbaaff433cb649b3885b831cfe9d538 SRPMS/lynx-2.8.5-18.0.1.src.rpm
2335e89d1ed378a38a12dcb9402f3cec x86_64/lynx-2.8.5-18.0.1.x86_64.rpm
5b7385421cadb7094250ea302a08ab24 x86_64/debug/lynx-debuginfo-2.8.5-18.0.1.x86_64.rpm
632c6928877f4e7c1922d06c79a3444f i386/lynx-2.8.5-18.0.1.i386.rpm
4d1d7a88b9782979c697e95dd4fc8386 i386/debug/lynx-debuginfo-2.8.5-18.0.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
18 years, 6 months