[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[RHSA-2004:110-01] Updated Mozilla packages fix security issues



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated Mozilla packages fix security issues
Advisory ID:       RHSA-2004:110-01
Issue date:        2004-03-29
Updated on:        2004-03-29
Product:           Red Hat Enterprise Linux
Keywords:          nss mozilla
Cross references:  
Obsoletes:         
CVE Names:         CAN-2003-0564 CAN-2003-0594 CAN-2004-0191
- ---------------------------------------------------------------------

1. Topic:

Updated Mozilla packages that fix vulnerabilities in S/MIME parsing as well
as other issues and bugs are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - i386
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Mozilla is a Web browser and mail reader, designed for standards
compliance, performance and portability.  Network Security Services (NSS)
is a set of libraries designed to support cross-platform development of
security-enabled server applications. 

NISCC testing of implementations of the S/MIME protocol uncovered a number
of bugs in NSS versions prior to 3.9.   The parsing of unexpected ASN.1
constructs within S/MIME data could cause Mozilla to crash or consume large
amounts of memory.  A remote attacker could potentially trigger these bugs
by sending a carefully-crafted S/MIME message to a victim.  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0564 to this issue. 

Andreas Sandblad discovered a cross-site scripting issue that affects
various versions of Mozilla.  When linking to a new page it is still
possible to interact with the old page before the new page has been
successfully loaded. Any Javascript events will be invoked in the context
of the new page, making cross-site scripting possible if the different
pages belong to different domains.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0191 to
this issue. 

Flaws have been found in the cookie path handling between a number of Web
browsers and servers. The HTTP cookie standard allows a Web server
supplying a cookie to a client to specify a subset of URLs on the origin
server to which the cookie applies. Web servers such as Apache do not
filter returned cookies and assume that the client will only send back
cookies for requests that fall within the server-supplied subset of URLs.
However, by supplying URLs that use path traversal (/../) and character
encoding, it is possible to fool many browsers into sending a cookie to a
path outside of the originally-specified subset.  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0594 to this issue. 

Users of Mozilla are advised to upgrade to these updated packages, which
contain Mozilla version 1.4.2 and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.13-0.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.4.2-2.1.0.src.rpm

i386:
Available from Red Hat Network: galeon-1.2.13-0.2.1.i386.rpm
Available from Red Hat Network: mozilla-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-devel-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nss-devel-1.4.2-2.1.0.i386.rpm

ia64:
Available from Red Hat Network: mozilla-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-devel-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-nss-devel-1.4.2-2.1.0.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.4.2-2.1.0.src.rpm

ia64:
Available from Red Hat Network: mozilla-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-devel-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-2.1.0.ia64.rpm
Available from Red Hat Network: mozilla-nss-devel-1.4.2-2.1.0.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.13-0.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.4.2-2.1.0.src.rpm

i386:
Available from Red Hat Network: galeon-1.2.13-0.2.1.i386.rpm
Available from Red Hat Network: mozilla-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-devel-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nss-devel-1.4.2-2.1.0.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.13-0.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.4.2-2.1.0.src.rpm

i386:
Available from Red Hat Network: galeon-1.2.13-0.2.1.i386.rpm
Available from Red Hat Network: mozilla-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-devel-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-2.1.0.i386.rpm
Available from Red Hat Network: mozilla-nss-devel-1.4.2-2.1.0.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.4.2-3.0.2.src.rpm

i386:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.i386.rpm

ia64:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.ia64.rpm

ppc:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.ppc.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.ppc.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.ppc.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.ppc.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.ppc.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.ppc.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.ppc.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.ppc.rpm

s390:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.s390.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.s390.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.s390.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.s390.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.s390.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.s390.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.s390.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.s390.rpm

s390x:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.s390x.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.s390x.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.s390x.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.s390x.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.s390x.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.s390x.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.s390x.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.s390x.rpm

x86_64:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.4.2-3.0.2.src.rpm

i386:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.i386.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.4.2-3.0.2.src.rpm

i386:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.i386.rpm

ia64:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.ia64.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.ia64.rpm

x86_64:
Available from Red Hat Network: mozilla-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-chat-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-dom-inspector-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-js-debugger-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-mail-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-nspr-1.4.2-3.0.2.i386.rpm
Available from Red Hat Network: mozilla-nspr-devel-1.4.2-3.0.2.x86_64.rpm
Available from Red Hat Network: mozilla-nss-1.4.2-3.0.2.x86_64.rpm



6. Verificationx:

MD5 sum                          Package Name
- --------------------------------------------------------------------------

7d28fc4babe83428c967290b8f74df5b 2.1AS/en/os/SRPMS/galeon-1.2.13-0.2.1.src.rpm
ada04b3382db22fefd63ef19749b9211 2.1AS/en/os/SRPMS/mozilla-1.4.2-2.1.0.src.rpm
9439c7d90720ccb6d996fe7d7e5e2540 2.1AS/en/os/i386/galeon-1.2.13-0.2.1.i386.rpm
31ba37651d74eed24267f2bab1fc9ce9 2.1AS/en/os/i386/mozilla-1.4.2-2.1.0.i386.rpm
e4158e950da4bf9a4e036b9a798e64aa 2.1AS/en/os/i386/mozilla-chat-1.4.2-2.1.0.i386.rpm
6cfb98a853f2ab16248ad6547adaff61 2.1AS/en/os/i386/mozilla-devel-1.4.2-2.1.0.i386.rpm
f2fa380c982c8d47faee435a558b52c0 2.1AS/en/os/i386/mozilla-dom-inspector-1.4.2-2.1.0.i386.rpm
c32e24e8bad91a26a97728338d76d63b 2.1AS/en/os/i386/mozilla-js-debugger-1.4.2-2.1.0.i386.rpm
daa119296314c6736ea5b53b24293d05 2.1AS/en/os/i386/mozilla-mail-1.4.2-2.1.0.i386.rpm
916ad1dcb078afef3ff907783140c9d8 2.1AS/en/os/i386/mozilla-nspr-1.4.2-2.1.0.i386.rpm
263a14e170c905f3d35947458fb6ac7b 2.1AS/en/os/i386/mozilla-nspr-devel-1.4.2-2.1.0.i386.rpm
bdf43d83213c9e07801ebd08c29b1ff0 2.1AS/en/os/i386/mozilla-nss-1.4.2-2.1.0.i386.rpm
4644ee58ef5211c6137bbe145de985cc 2.1AS/en/os/i386/mozilla-nss-devel-1.4.2-2.1.0.i386.rpm
4370089151d468783f6df9be11927bcc 2.1AS/en/os/ia64/mozilla-1.4.2-2.1.0.ia64.rpm
a629156c382ac9891e328448c8529f0f 2.1AS/en/os/ia64/mozilla-chat-1.4.2-2.1.0.ia64.rpm
a47741097830cb54dce7562c89d0c0e1 2.1AS/en/os/ia64/mozilla-devel-1.4.2-2.1.0.ia64.rpm
06a511c6d6a2c9f287a146400add52dc 2.1AS/en/os/ia64/mozilla-dom-inspector-1.4.2-2.1.0.ia64.rpm
51b47afdd5af75d8b38ea44bcfca51a1 2.1AS/en/os/ia64/mozilla-js-debugger-1.4.2-2.1.0.ia64.rpm
8c22e3f4442b666d0824b7930004e02e 2.1AS/en/os/ia64/mozilla-mail-1.4.2-2.1.0.ia64.rpm
04ede83d74c06aa102cb1d13a968db00 2.1AS/en/os/ia64/mozilla-nspr-1.4.2-2.1.0.ia64.rpm
6e65624e79f8afe557b82867d830a243 2.1AS/en/os/ia64/mozilla-nspr-devel-1.4.2-2.1.0.ia64.rpm
d9825a6d6ed91aa5c64ade4997bb9142 2.1AS/en/os/ia64/mozilla-nss-1.4.2-2.1.0.ia64.rpm
15d8355f0d83436cd6969f8fc3835f96 2.1AS/en/os/ia64/mozilla-nss-devel-1.4.2-2.1.0.ia64.rpm
ada04b3382db22fefd63ef19749b9211 2.1AW/en/os/SRPMS/mozilla-1.4.2-2.1.0.src.rpm
4370089151d468783f6df9be11927bcc 2.1AW/en/os/ia64/mozilla-1.4.2-2.1.0.ia64.rpm
a629156c382ac9891e328448c8529f0f 2.1AW/en/os/ia64/mozilla-chat-1.4.2-2.1.0.ia64.rpm
a47741097830cb54dce7562c89d0c0e1 2.1AW/en/os/ia64/mozilla-devel-1.4.2-2.1.0.ia64.rpm
06a511c6d6a2c9f287a146400add52dc 2.1AW/en/os/ia64/mozilla-dom-inspector-1.4.2-2.1.0.ia64.rpm
51b47afdd5af75d8b38ea44bcfca51a1 2.1AW/en/os/ia64/mozilla-js-debugger-1.4.2-2.1.0.ia64.rpm
8c22e3f4442b666d0824b7930004e02e 2.1AW/en/os/ia64/mozilla-mail-1.4.2-2.1.0.ia64.rpm
04ede83d74c06aa102cb1d13a968db00 2.1AW/en/os/ia64/mozilla-nspr-1.4.2-2.1.0.ia64.rpm
6e65624e79f8afe557b82867d830a243 2.1AW/en/os/ia64/mozilla-nspr-devel-1.4.2-2.1.0.ia64.rpm
d9825a6d6ed91aa5c64ade4997bb9142 2.1AW/en/os/ia64/mozilla-nss-1.4.2-2.1.0.ia64.rpm
15d8355f0d83436cd6969f8fc3835f96 2.1AW/en/os/ia64/mozilla-nss-devel-1.4.2-2.1.0.ia64.rpm
7d28fc4babe83428c967290b8f74df5b 2.1ES/en/os/SRPMS/galeon-1.2.13-0.2.1.src.rpm
ada04b3382db22fefd63ef19749b9211 2.1ES/en/os/SRPMS/mozilla-1.4.2-2.1.0.src.rpm
9439c7d90720ccb6d996fe7d7e5e2540 2.1ES/en/os/i386/galeon-1.2.13-0.2.1.i386.rpm
31ba37651d74eed24267f2bab1fc9ce9 2.1ES/en/os/i386/mozilla-1.4.2-2.1.0.i386.rpm
e4158e950da4bf9a4e036b9a798e64aa 2.1ES/en/os/i386/mozilla-chat-1.4.2-2.1.0.i386.rpm
6cfb98a853f2ab16248ad6547adaff61 2.1ES/en/os/i386/mozilla-devel-1.4.2-2.1.0.i386.rpm
f2fa380c982c8d47faee435a558b52c0 2.1ES/en/os/i386/mozilla-dom-inspector-1.4.2-2.1.0.i386.rpm
c32e24e8bad91a26a97728338d76d63b 2.1ES/en/os/i386/mozilla-js-debugger-1.4.2-2.1.0.i386.rpm
daa119296314c6736ea5b53b24293d05 2.1ES/en/os/i386/mozilla-mail-1.4.2-2.1.0.i386.rpm
916ad1dcb078afef3ff907783140c9d8 2.1ES/en/os/i386/mozilla-nspr-1.4.2-2.1.0.i386.rpm
263a14e170c905f3d35947458fb6ac7b 2.1ES/en/os/i386/mozilla-nspr-devel-1.4.2-2.1.0.i386.rpm
bdf43d83213c9e07801ebd08c29b1ff0 2.1ES/en/os/i386/mozilla-nss-1.4.2-2.1.0.i386.rpm
4644ee58ef5211c6137bbe145de985cc 2.1ES/en/os/i386/mozilla-nss-devel-1.4.2-2.1.0.i386.rpm
7d28fc4babe83428c967290b8f74df5b 2.1WS/en/os/SRPMS/galeon-1.2.13-0.2.1.src.rpm
ada04b3382db22fefd63ef19749b9211 2.1WS/en/os/SRPMS/mozilla-1.4.2-2.1.0.src.rpm
9439c7d90720ccb6d996fe7d7e5e2540 2.1WS/en/os/i386/galeon-1.2.13-0.2.1.i386.rpm
31ba37651d74eed24267f2bab1fc9ce9 2.1WS/en/os/i386/mozilla-1.4.2-2.1.0.i386.rpm
e4158e950da4bf9a4e036b9a798e64aa 2.1WS/en/os/i386/mozilla-chat-1.4.2-2.1.0.i386.rpm
6cfb98a853f2ab16248ad6547adaff61 2.1WS/en/os/i386/mozilla-devel-1.4.2-2.1.0.i386.rpm
f2fa380c982c8d47faee435a558b52c0 2.1WS/en/os/i386/mozilla-dom-inspector-1.4.2-2.1.0.i386.rpm
c32e24e8bad91a26a97728338d76d63b 2.1WS/en/os/i386/mozilla-js-debugger-1.4.2-2.1.0.i386.rpm
daa119296314c6736ea5b53b24293d05 2.1WS/en/os/i386/mozilla-mail-1.4.2-2.1.0.i386.rpm
916ad1dcb078afef3ff907783140c9d8 2.1WS/en/os/i386/mozilla-nspr-1.4.2-2.1.0.i386.rpm
263a14e170c905f3d35947458fb6ac7b 2.1WS/en/os/i386/mozilla-nspr-devel-1.4.2-2.1.0.i386.rpm
bdf43d83213c9e07801ebd08c29b1ff0 2.1WS/en/os/i386/mozilla-nss-1.4.2-2.1.0.i386.rpm
4644ee58ef5211c6137bbe145de985cc 2.1WS/en/os/i386/mozilla-nss-devel-1.4.2-2.1.0.i386.rpm
584c53dd1d0525352aaad91073a1a84e 3AS/en/os/SRPMS/mozilla-1.4.2-3.0.2.src.rpm
6ff9ad30690221501a73f2267f8dea6a 3AS/en/os/i386/mozilla-1.4.2-3.0.2.i386.rpm
48c9e4e8c0ddf1898226cb55e0685af4 3AS/en/os/i386/mozilla-chat-1.4.2-3.0.2.i386.rpm
685b5b34d137fe48ca8d70e0e0c2e404 3AS/en/os/i386/mozilla-dom-inspector-1.4.2-3.0.2.i386.rpm
55a3a69d6767ddef22f19165fdc72c1d 3AS/en/os/i386/mozilla-js-debugger-1.4.2-3.0.2.i386.rpm
477522a19af3a3ff313ba2afe82de9c3 3AS/en/os/i386/mozilla-mail-1.4.2-3.0.2.i386.rpm
1d17e5fec4fc09d1df737827dedba425 3AS/en/os/i386/mozilla-nspr-1.4.2-3.0.2.i386.rpm
da8bdb98434603ff2f1acc4e16064fad 3AS/en/os/i386/mozilla-nspr-devel-1.4.2-3.0.2.i386.rpm
537ead97bd1552b4d52530afb944dd31 3AS/en/os/i386/mozilla-nss-1.4.2-3.0.2.i386.rpm
cc476f9f87073677377e14f60a0c29db 3AS/en/os/ia64/mozilla-1.4.2-3.0.2.ia64.rpm
b9e60bc45953c4d90aded3f861082f5c 3AS/en/os/ia64/mozilla-chat-1.4.2-3.0.2.ia64.rpm
c685f448ae4ffa10e7e172e7356542b0 3AS/en/os/ia64/mozilla-dom-inspector-1.4.2-3.0.2.ia64.rpm
d5db631ecabb733d44a69cb2505b1213 3AS/en/os/ia64/mozilla-js-debugger-1.4.2-3.0.2.ia64.rpm
29298a049262904924528b724559ed35 3AS/en/os/ia64/mozilla-mail-1.4.2-3.0.2.ia64.rpm
c28e0499451bbccb00b182e5ddb6b150 3AS/en/os/ia64/mozilla-nspr-1.4.2-3.0.2.ia64.rpm
dce026ea8f95ff0e83c7005489c9588e 3AS/en/os/ia64/mozilla-nspr-devel-1.4.2-3.0.2.ia64.rpm
e6d7e963920c7a3596ce7a933f33890a 3AS/en/os/ia64/mozilla-nss-1.4.2-3.0.2.ia64.rpm
534f98c582b63b3e36abf6191e0a1cde 3AS/en/os/ppc/mozilla-1.4.2-3.0.2.ppc.rpm
c39c07efef2419eebf623fbaad249158 3AS/en/os/ppc/mozilla-chat-1.4.2-3.0.2.ppc.rpm
915dfb2901864c1f567e59befdb1d4d0 3AS/en/os/ppc/mozilla-dom-inspector-1.4.2-3.0.2.ppc.rpm
61a399fff77855575dd869325bdd97c9 3AS/en/os/ppc/mozilla-js-debugger-1.4.2-3.0.2.ppc.rpm
e144a6760f87f7729466c7992d026069 3AS/en/os/ppc/mozilla-mail-1.4.2-3.0.2.ppc.rpm
b0d09b1ee56304951deedc82124c0b5a 3AS/en/os/ppc/mozilla-nspr-1.4.2-3.0.2.ppc.rpm
cb5feac6ccf79c037a20f483e796a3c6 3AS/en/os/ppc/mozilla-nspr-devel-1.4.2-3.0.2.ppc.rpm
4d79158c401c09d9bb6bc9ba57e8702b 3AS/en/os/ppc/mozilla-nss-1.4.2-3.0.2.ppc.rpm
be0bd0a77e18b9a1a5709099d8aace9a 3AS/en/os/s390/mozilla-1.4.2-3.0.2.s390.rpm
e9fbc4e953e4f842ae857cd7dd8e3ab9 3AS/en/os/s390/mozilla-chat-1.4.2-3.0.2.s390.rpm
cc1984d8f9192b70a20196be8a0d08f1 3AS/en/os/s390/mozilla-dom-inspector-1.4.2-3.0.2.s390.rpm
da442e6dafec45d68400786f9d7a76b9 3AS/en/os/s390/mozilla-js-debugger-1.4.2-3.0.2.s390.rpm
81cf560b0829c1109f0b07271d3823f3 3AS/en/os/s390/mozilla-mail-1.4.2-3.0.2.s390.rpm
b244e3899a58fff434840e3baa3c6715 3AS/en/os/s390/mozilla-nspr-1.4.2-3.0.2.s390.rpm
655d1f60e8d0ddd91d4b60b3efd5ec1e 3AS/en/os/s390/mozilla-nspr-devel-1.4.2-3.0.2.s390.rpm
0b9aebe113c32dbcd8841075ba4b2757 3AS/en/os/s390/mozilla-nss-1.4.2-3.0.2.s390.rpm
88348489f2407364d7aa0fd4d89740f7 3AS/en/os/s390x/mozilla-1.4.2-3.0.2.s390x.rpm
48b997aca0384d320c3fe717fcbb2b2e 3AS/en/os/s390x/mozilla-chat-1.4.2-3.0.2.s390x.rpm
c24641a374b089369b959fb064d8b5c5 3AS/en/os/s390x/mozilla-dom-inspector-1.4.2-3.0.2.s390x.rpm
0151412f6bbe49485cb2bcf62b97c13d 3AS/en/os/s390x/mozilla-js-debugger-1.4.2-3.0.2.s390x.rpm
30bfb48840007e5bbcbd78ef4a932a93 3AS/en/os/s390x/mozilla-mail-1.4.2-3.0.2.s390x.rpm
7e3458545b467d6841a2dc0c19ee7ee6 3AS/en/os/s390x/mozilla-nspr-1.4.2-3.0.2.s390x.rpm
3d978a1554d7afa5f89de33fb65ad2c0 3AS/en/os/s390x/mozilla-nspr-devel-1.4.2-3.0.2.s390x.rpm
8e9cc0a1271f46a797ba91253f07fee6 3AS/en/os/s390x/mozilla-nss-1.4.2-3.0.2.s390x.rpm
f1c0a0af6bdfcd6db0cc321801ba88a7 3AS/en/os/x86_64/mozilla-1.4.2-3.0.2.x86_64.rpm
6ba426342729bc4307f459bb569ecb0b 3AS/en/os/x86_64/mozilla-chat-1.4.2-3.0.2.x86_64.rpm
adb6dc8227d32318cfa44fed0976369e 3AS/en/os/x86_64/mozilla-dom-inspector-1.4.2-3.0.2.x86_64.rpm
f79ca6eef4d1675e2fc4397f0873b9d8 3AS/en/os/x86_64/mozilla-js-debugger-1.4.2-3.0.2.x86_64.rpm
d4750ca13d9775c1a15c069472fec9c5 3AS/en/os/x86_64/mozilla-mail-1.4.2-3.0.2.x86_64.rpm
7a301b1c8407a416d5f7b6e7dda2504d 3AS/en/os/x86_64/mozilla-nspr-1.4.2-3.0.2.x86_64.rpm
1d17e5fec4fc09d1df737827dedba425 3AS/en/os/x86_64/mozilla-nspr-1.4.2-3.0.2.i386.rpm
de6eb396b3ad93e6eed4e1c503a6be0f 3AS/en/os/x86_64/mozilla-nspr-devel-1.4.2-3.0.2.x86_64.rpm
64f97fd07b6a5b32b748eeb43c5165b3 3AS/en/os/x86_64/mozilla-nss-1.4.2-3.0.2.x86_64.rpm
584c53dd1d0525352aaad91073a1a84e 3ES/en/os/SRPMS/mozilla-1.4.2-3.0.2.src.rpm
6ff9ad30690221501a73f2267f8dea6a 3ES/en/os/i386/mozilla-1.4.2-3.0.2.i386.rpm
48c9e4e8c0ddf1898226cb55e0685af4 3ES/en/os/i386/mozilla-chat-1.4.2-3.0.2.i386.rpm
685b5b34d137fe48ca8d70e0e0c2e404 3ES/en/os/i386/mozilla-dom-inspector-1.4.2-3.0.2.i386.rpm
55a3a69d6767ddef22f19165fdc72c1d 3ES/en/os/i386/mozilla-js-debugger-1.4.2-3.0.2.i386.rpm
477522a19af3a3ff313ba2afe82de9c3 3ES/en/os/i386/mozilla-mail-1.4.2-3.0.2.i386.rpm
1d17e5fec4fc09d1df737827dedba425 3ES/en/os/i386/mozilla-nspr-1.4.2-3.0.2.i386.rpm
da8bdb98434603ff2f1acc4e16064fad 3ES/en/os/i386/mozilla-nspr-devel-1.4.2-3.0.2.i386.rpm
537ead97bd1552b4d52530afb944dd31 3ES/en/os/i386/mozilla-nss-1.4.2-3.0.2.i386.rpm
584c53dd1d0525352aaad91073a1a84e 3WS/en/os/SRPMS/mozilla-1.4.2-3.0.2.src.rpm
6ff9ad30690221501a73f2267f8dea6a 3WS/en/os/i386/mozilla-1.4.2-3.0.2.i386.rpm
48c9e4e8c0ddf1898226cb55e0685af4 3WS/en/os/i386/mozilla-chat-1.4.2-3.0.2.i386.rpm
685b5b34d137fe48ca8d70e0e0c2e404 3WS/en/os/i386/mozilla-dom-inspector-1.4.2-3.0.2.i386.rpm
55a3a69d6767ddef22f19165fdc72c1d 3WS/en/os/i386/mozilla-js-debugger-1.4.2-3.0.2.i386.rpm
477522a19af3a3ff313ba2afe82de9c3 3WS/en/os/i386/mozilla-mail-1.4.2-3.0.2.i386.rpm
1d17e5fec4fc09d1df737827dedba425 3WS/en/os/i386/mozilla-nspr-1.4.2-3.0.2.i386.rpm
da8bdb98434603ff2f1acc4e16064fad 3WS/en/os/i386/mozilla-nspr-devel-1.4.2-3.0.2.i386.rpm
537ead97bd1552b4d52530afb944dd31 3WS/en/os/i386/mozilla-nss-1.4.2-3.0.2.i386.rpm
cc476f9f87073677377e14f60a0c29db 3WS/en/os/ia64/mozilla-1.4.2-3.0.2.ia64.rpm
b9e60bc45953c4d90aded3f861082f5c 3WS/en/os/ia64/mozilla-chat-1.4.2-3.0.2.ia64.rpm
c685f448ae4ffa10e7e172e7356542b0 3WS/en/os/ia64/mozilla-dom-inspector-1.4.2-3.0.2.ia64.rpm
d5db631ecabb733d44a69cb2505b1213 3WS/en/os/ia64/mozilla-js-debugger-1.4.2-3.0.2.ia64.rpm
29298a049262904924528b724559ed35 3WS/en/os/ia64/mozilla-mail-1.4.2-3.0.2.ia64.rpm
c28e0499451bbccb00b182e5ddb6b150 3WS/en/os/ia64/mozilla-nspr-1.4.2-3.0.2.ia64.rpm
dce026ea8f95ff0e83c7005489c9588e 3WS/en/os/ia64/mozilla-nspr-devel-1.4.2-3.0.2.ia64.rpm
e6d7e963920c7a3596ce7a933f33890a 3WS/en/os/ia64/mozilla-nss-1.4.2-3.0.2.ia64.rpm
f1c0a0af6bdfcd6db0cc321801ba88a7 3WS/en/os/x86_64/mozilla-1.4.2-3.0.2.x86_64.rpm
6ba426342729bc4307f459bb569ecb0b 3WS/en/os/x86_64/mozilla-chat-1.4.2-3.0.2.x86_64.rpm
adb6dc8227d32318cfa44fed0976369e 3WS/en/os/x86_64/mozilla-dom-inspector-1.4.2-3.0.2.x86_64.rpm
f79ca6eef4d1675e2fc4397f0873b9d8 3WS/en/os/x86_64/mozilla-js-debugger-1.4.2-3.0.2.x86_64.rpm
d4750ca13d9775c1a15c069472fec9c5 3WS/en/os/x86_64/mozilla-mail-1.4.2-3.0.2.x86_64.rpm
7a301b1c8407a416d5f7b6e7dda2504d 3WS/en/os/x86_64/mozilla-nspr-1.4.2-3.0.2.x86_64.rpm
1d17e5fec4fc09d1df737827dedba425 3WS/en/os/x86_64/mozilla-nspr-1.4.2-3.0.2.i386.rpm
de6eb396b3ad93e6eed4e1c503a6be0f 3WS/en/os/x86_64/mozilla-nspr-devel-1.4.2-3.0.2.x86_64.rpm
64f97fd07b6a5b32b748eeb43c5165b3 3WS/en/os/x86_64/mozilla-nss-1.4.2-3.0.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key is
available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:
    
    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum <filename>


7. References:

http://www.mozilla.org/projects/security/pki/nss/#NSS_39
http://bugzilla.mozilla.org/show_bug.cgi?id=227417
http://www.niscc.gov.uk/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0191

8. Contact:

The Red Hat security contact is <secalert redhat com>.  More contact
details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAaGg3XlSAg2UNWIIRAnczAJ0ZCUWVawe5cTYXlWnYPHR9RT9kjwCgjrJt
0KUkPEL760Okp1l0YY0t4dA=
=/NIs
-----END PGP SIGNATURE-----



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]