[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[RHSA-2004:429-01] Netscape 4.8 contains security flaws



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Netscape 4.8 contains security flaws
Advisory ID:       RHSA-2004:429-01
Issue date:        2004-08-18
Updated on:        2004-08-18
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2004-0597 CAN-2004-0598 CAN-2004-0599
- ---------------------------------------------------------------------

1. Summary:

Netscape Navigator and Netscape Communicator 4.8 as distributed with Red
Hat Enterprise Linux 2.1 contain security flaws and should not be used.

2. Problem description:

Netscape Navigator and Netscape Communicator have been removed from the Red
Hat Enterprise Linux 2.1 CD-ROM distribution as part of Update 5. These
packages were based on Netscape 4.8, which is known to be vulnerable to
recent critical security issues, such as CAN-2004-0597, CAN-2004-0598, and
CAN-2004-0599. 

Netscape 7.2 contains fixes for these issues and is available from
http://www.netscape.com/.  Netscape 4.8 packages will also remain available
via Red Hat Network for those who choose to use them despite their known
security vulnerabilities.
                               
Users of Netscape 4.8 are advised to switch to Mozilla, which is included
and supported in Red Hat Enterprise Linux 2.1, and offers comparable
functionality.

3. Solution:

Red Hat Enterprise 2.1 users who do not need the functionality of Netscape 
4.8 should uninstall the netscape packages.

4. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599

5. Contact:

The Red Hat security contact is <secalert redhat com>.  More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBI3hCXlSAg2UNWIIRAiL5AKCUnrKuVqngBE/e0EFiALh6bgNOFQCcDYan
Su5PyPkP0gtCB+wT2whAFMw=
=uMrU
-----END PGP SIGNATURE-----



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]