` 

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated apache, httpd, and mod_ssl packages available
Advisory ID:       RHSA-2002:222-21
Issue date:        2002-12-12
Updated on:        2002-11-25
Product:           Red Hat Linux
Keywords:          apache ab mod_ssl xss scoreboard
Cross references:  
Obsoletes:         RHSA-2002:103
CVE Names:         CAN-2002-0839 CAN-2002-0840 CAN-2002-0843 CAN-2002-1157
---------------------------------------------------------------------

1. Topic:

Updated apache and httpd packages which fix a number of security issues are
now available for Red Hat Linux 6.2, 7, 7.1, 7.2, 7.3, and 8.0.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, sparc
Red Hat Linux 7.0 - alpha, i386
Red Hat Linux 7.1 - alpha, i386, ia64
Red Hat Linux 7.2 - i386, ia64
Red Hat Linux 7.3 - i386
Red Hat Linux 8.0 - i386

3. Problem description:

The Apache HTTP Web Server is a secure, efficient, and extensible web
server that provides HTTP services.

Buffer overflows in the ApacheBench support program (ab.c) in Apache
versions prior to 1.3.27, and Apache versions 2.x prior to 2.0.43, allow a
malicious Web server to cause a denial of service (DoS) and possibly
execute arbitrary code via a long response.  The Common Vulnerabilities and
Exposures project has assigned the name CAN-2002-0843 to this issue.
Two cross-site scripting (XSS) vulnerabilities are present in the error
pages for the default "404 Not Found" error and for the error response
when a plain HTTP request is received on an SSL port. Both of these issues
are only exploitable if the "UseCanonicalName" setting has been changed to
"Off", and wildcard DNS is in use.  These issues could allow remote
attackers to execute scripts as other webpage visitors, for instance, to
steal cookies. These issues affect versions of Apache 1.3 before 1.3.26,
versions of Apache 2.0 before 2.0.43, and versions of mod_ssl before
2.8.12. (CAN-2002-0840, CAN-2002-1157)

The shared memory scoreboard in the HTTP daemon for Apache 1.3, prior to
version 1.3.27, allows a user running as the "apache" UID to send a
SIGUSR1 signal to any process as root, resulting in a denial of service
(process kill) or other such behavior that would not normally be allowed. 
(CAN-2002-0839).  Note that this issue does not affect Red Hat
Linux 8.0.

All users of the Apache HTTP Web Server are advised to upgrade to the
applicable errata packages.  For Red Hat Linux 6.2, 7, 7.1, 7.2, and 7.3,
these packages include Apache version 1.3.27 which is not vulnerable to
these issues.  For Red Hat Linux 8.0, the fixes have been back-ported and
applied to Apache version 2.0.40.

Note that the instructions in the "Solution" section of this errata contain
additional steps required to complete the upgrade process.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.  

After the errata packages are installed, restart the Web service by running
the following command:

/sbin/service httpd restart

5. Bug IDs fixed  (  for more info):

74882 - XSS vulnerabilities
76327 - Apache 1.3.27 released fixing multiple security issues

6. RPMs required:

Red Hat Linux 6.2:

SRPMS: 
 

alpha: 
  
  
 

i386: 
  
  
 

sparc: 
  
  
 

Red Hat Linux 7.0:

SRPMS: 
  
 

alpha: 
  
  
  
 

i386: 
  
  
  
 

Red Hat Linux 7.1:

SRPMS: 
  
 

alpha: 
  
  
  
 

i386: 
  
  
  
 

ia64: 
  
  
  
 

Red Hat Linux 7.2:

SRPMS: 
  
 

i386: 
  
  
  
 

ia64: 
  
  
  
 

Red Hat Linux 7.3:

SRPMS: 
  
 

i386: 
  
  
  
 

Red Hat Linux 8.0:

SRPMS: 
 

i386: 
  
  
  
 



7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
941bd10cf20ffb98e05b6b62eb868ac6 6.2/en/os/SRPMS/apache-1.3.27-1.6.2.src.rpm
2a13bd7501151a73bf307f5d5501ed9e 6.2/en/os/alpha/apache-1.3.27-1.6.2.alpha.rpm
21673918d3e0ab20ff2d2c214d3512d7 6.2/en/os/alpha/apache-devel-1.3.27-1.6.2.alpha.rpm
a0179b768549d18cb3247942846a7e83 6.2/en/os/alpha/apache-manual-1.3.27-1.6.2.alpha.rpm
1e3b0db6a15b806d73ae068374be7059 6.2/en/os/i386/apache-1.3.27-1.6.2.i386.rpm
62bfe25eacbccab63c7c1ec7823b1a0c 6.2/en/os/i386/apache-devel-1.3.27-1.6.2.i386.rpm
7de68537d0bfdd3c5276c7a26c10fb86 6.2/en/os/i386/apache-manual-1.3.27-1.6.2.i386.rpm
bf83e969b350c3bde5d5c637f6d97d4e 6.2/en/os/sparc/apache-1.3.27-1.6.2.sparc.rpm
1845941d496068449d918ab125481994 6.2/en/os/sparc/apache-devel-1.3.27-1.6.2.sparc.rpm
0218ec56fda57c6518236915edad8fe3 6.2/en/os/sparc/apache-manual-1.3.27-1.6.2.sparc.rpm
a450f8cee1c9916d6c4662dd01791360 7.0/en/os/SRPMS/apache-1.3.27-1.7.1.src.rpm
cfb81a125517bc44e8382d249db1d7a9 7.0/en/os/SRPMS/mod_ssl-2.8.12-1.7.src.rpm
c7fc8714af3bde967998c0f39506ebf4 7.0/en/os/alpha/apache-1.3.27-1.7.1.alpha.rpm
c080c8c829aa670575612b1377951118 7.0/en/os/alpha/apache-devel-1.3.27-1.7.1.alpha.rpm
7d1d023e3981c3336e1225827bef138c 7.0/en/os/alpha/apache-manual-1.3.27-1.7.1.alpha.rpm
ffb847c9445946d5b7ad6c6226a7c559 7.0/en/os/alpha/mod_ssl-2.8.12-1.7.alpha.rpm
be954ca5a23c7a929a9cf53fa9901f8d 7.0/en/os/i386/apache-1.3.27-1.7.1.i386.rpm
cc14aa8ad1ad26fb870bf8d61a32d144 7.0/en/os/i386/apache-devel-1.3.27-1.7.1.i386.rpm
6136b6d40563a8df1b18fbd725caaf9e 7.0/en/os/i386/apache-manual-1.3.27-1.7.1.i386.rpm
994ae80126430f7c1c32fdc37856665c 7.0/en/os/i386/mod_ssl-2.8.12-1.7.i386.rpm
a450f8cee1c9916d6c4662dd01791360 7.1/en/os/SRPMS/apache-1.3.27-1.7.1.src.rpm
cfb81a125517bc44e8382d249db1d7a9 7.1/en/os/SRPMS/mod_ssl-2.8.12-1.7.src.rpm
c7fc8714af3bde967998c0f39506ebf4 7.1/en/os/alpha/apache-1.3.27-1.7.1.alpha.rpm
c080c8c829aa670575612b1377951118 7.1/en/os/alpha/apache-devel-1.3.27-1.7.1.alpha.rpm
7d1d023e3981c3336e1225827bef138c 7.1/en/os/alpha/apache-manual-1.3.27-1.7.1.alpha.rpm
ffb847c9445946d5b7ad6c6226a7c559 7.1/en/os/alpha/mod_ssl-2.8.12-1.7.alpha.rpm
be954ca5a23c7a929a9cf53fa9901f8d 7.1/en/os/i386/apache-1.3.27-1.7.1.i386.rpm
cc14aa8ad1ad26fb870bf8d61a32d144 7.1/en/os/i386/apache-devel-1.3.27-1.7.1.i386.rpm
6136b6d40563a8df1b18fbd725caaf9e 7.1/en/os/i386/apache-manual-1.3.27-1.7.1.i386.rpm
994ae80126430f7c1c32fdc37856665c 7.1/en/os/i386/mod_ssl-2.8.12-1.7.i386.rpm
f839f3628c96dd69598199c1f8ec5c20 7.1/en/os/ia64/apache-1.3.27-1.7.1.ia64.rpm
dfbb2a56685059e50facb5e214f0db89 7.1/en/os/ia64/apache-devel-1.3.27-1.7.1.ia64.rpm
db0cf12c6d9c4c79c874efe165a043f9 7.1/en/os/ia64/apache-manual-1.3.27-1.7.1.ia64.rpm
baabf87a3644eba5c9ed35c5f0d380b9 7.1/en/os/ia64/mod_ssl-2.8.12-1.7.ia64.rpm
fb310f9f6bdbef9015813c927f7a3aed 7.2/en/os/SRPMS/apache-1.3.27-1.7.2.src.rpm
cae24f57f879b6a61818ac8f10e853f0 7.2/en/os/SRPMS/mod_ssl-2.8.12-2.src.rpm
937277dd20dc1378abcd94f3f3aea90d 7.2/en/os/i386/apache-1.3.27-1.7.2.i386.rpm
616a8185b386c4e2fc2c302f80267437 7.2/en/os/i386/apache-devel-1.3.27-1.7.2.i386.rpm
1bdcb4382d32ccf8184b16bdebd11093 7.2/en/os/i386/apache-manual-1.3.27-1.7.2.i386.rpm
e83635604fb16d3d8bc5dd37b0afa0f4 7.2/en/os/i386/mod_ssl-2.8.12-2.i386.rpm
055f5ad5af3b1459c7ad327c37137f69 7.2/en/os/ia64/apache-1.3.27-1.7.2.ia64.rpm
6c35060e59e833f1bc4a760ca90d0654 7.2/en/os/ia64/apache-devel-1.3.27-1.7.2.ia64.rpm
c918d22e8a736f2bf59125b67297d140 7.2/en/os/ia64/apache-manual-1.3.27-1.7.2.ia64.rpm
11bfa3ba16c8cb8e2a9af4655284584a 7.2/en/os/ia64/mod_ssl-2.8.12-2.ia64.rpm
7ba20ebb306ecdd655ad8d5ce37af121 7.3/en/os/SRPMS/apache-1.3.27-2.src.rpm
cae24f57f879b6a61818ac8f10e853f0 7.3/en/os/SRPMS/mod_ssl-2.8.12-2.src.rpm
6eb4e656c5310116e0cccc4e09002d2c 7.3/en/os/i386/apache-1.3.27-2.i386.rpm
7990f8d8ed4846704e468c9390618731 7.3/en/os/i386/apache-devel-1.3.27-2.i386.rpm
c91ec30aaede3d3ed691dc83c6869a99 7.3/en/os/i386/apache-manual-1.3.27-2.i386.rpm
e83635604fb16d3d8bc5dd37b0afa0f4 7.3/en/os/i386/mod_ssl-2.8.12-2.i386.rpm
33769c1c143f43c234015fcacc06b3c0 8.0/en/os/SRPMS/httpd-2.0.40-11.src.rpm
f2e8238119ae05619a1647e51584a42c 8.0/en/os/i386/httpd-2.0.40-11.i386.rpm
61c76135fbe88268244920b130eb03af 8.0/en/os/i386/httpd-devel-2.0.40-11.i386.rpm
d2146865eb81e380d848d458b254e661 8.0/en/os/i386/httpd-manual-2.0.40-11.i386.rpm
8f2aab8716f5d28f7e49f145bd78cc12 8.0/en/os/i386/mod_ssl-2.0.40-11.i386.rpm


These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at  About

You can verify each package with the following command:
    
    rpm --checksig -v 

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum 


8. References:
 
Apache Week. Security issues force release of 1.3.27, 2.0.43 
CVE -CVE-2002-0839 
CVE -CVE-2002-0840 
CVE -CVE-2002-0843 
CVE -CVE-2002-1157

9. Contact:

The Red Hat security contact is <security@RedHat.com>.  More contact
details at  All Red Hat products

Copyright(c) 2000, 2001, 2002 Red Hat, Inc.
`

RedHat: apache security updates

Updated apache and httpd packages which fix a number of security issues are now available for Red Hat Linux 6.2, 7, 7.1, 7.2, 7.3, and 8.0.

Summary



Summary

The Apache HTTP Web Server is a secure, efficient, and extensible webserver that provides HTTP services.Buffer overflows in the ApacheBench support program (ab.c) in Apacheversions prior to 1.3.27, and Apache versions 2.x prior to 2.0.43, allow amalicious Web server to cause a denial of service (DoS) and possiblyexecute arbitrary code via a long response. The Common Vulnerabilities andExposures project has assigned the name CAN-2002-0843 to this issue.Two cross-site scripting (XSS) vulnerabilities are present in the errorpages for the default "404 Not Found" error and for the error responsewhen a plain HTTP request is received on an SSL port. Both of these issuesare only exploitable if the "UseCanonicalName" setting has been changed to"Off", and wildcard DNS is in use. These issues could allow remoteattackers to execute scripts as other webpage visitors, for instance, tosteal cookies. These issues affect versions of Apache 1.3 before 1.3.26,versions of Apache 2.0 before 2.0.43, and versions of mod_ssl before2.8.12. (CAN-2002-0840, CAN-2002-1157)The shared memory scoreboard in the HTTP daemon for Apache 1.3, prior toversion 1.3.27, allows a user running as the "apache" UID to send aSIGUSR1 signal to any process as root, resulting in a denial of service(process kill) or other such behavior that would not normally be allowed. (CAN-2002-0839). Note that this issue does not affect Red HatLinux 8.0.All users of the Apache HTTP Web Server are advised to upgrade to theapplicable errata packages. For Red Hat Linux 6.2, 7, 7.1, 7.2, and 7.3,these packages include Apache version 1.3.27 which is not vulnerable tothese issues. For Red Hat Linux 8.0, the fixes have been back-ported andapplied to Apache version 2.0.40.Note that the instructions in the "Solution" section of this errata containadditional steps required to complete the upgrade process.


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
After the errata packages are installed, restart the Web service by running the following command:
/sbin/service httpd restart
5. Bug IDs fixed ( for more info):
74882 - XSS vulnerabilities 76327 - Apache 1.3.27 released fixing multiple security issues
6. RPMs required:
Red Hat Linux 6.2:
SRPMS:

alpha:



i386:



sparc:



Red Hat Linux 7.0:
SRPMS:


alpha:




i386:




Red Hat Linux 7.1:
SRPMS:


alpha:




i386:




ia64:




Red Hat Linux 7.2:
SRPMS:


i386:




ia64:




Red Hat Linux 7.3:
SRPMS:


i386:




Red Hat Linux 8.0:
SRPMS:

i386:






7. Verification:
MD5 sum Package Name 941bd10cf20ffb98e05b6b62eb868ac6 6.2/en/os/SRPMS/apache-1.3.27-1.6.2.src.rpm 2a13bd7501151a73bf307f5d5501ed9e 6.2/en/os/alpha/apache-1.3.27-1.6.2.alpha.rpm 21673918d3e0ab20ff2d2c214d3512d7 6.2/en/os/alpha/apache-devel-1.3.27-1.6.2.alpha.rpm a0179b768549d18cb3247942846a7e83 6.2/en/os/alpha/apache-manual-1.3.27-1.6.2.alpha.rpm 1e3b0db6a15b806d73ae068374be7059 6.2/en/os/i386/apache-1.3.27-1.6.2.i386.rpm 62bfe25eacbccab63c7c1ec7823b1a0c 6.2/en/os/i386/apache-devel-1.3.27-1.6.2.i386.rpm 7de68537d0bfdd3c5276c7a26c10fb86 6.2/en/os/i386/apache-manual-1.3.27-1.6.2.i386.rpm bf83e969b350c3bde5d5c637f6d97d4e 6.2/en/os/sparc/apache-1.3.27-1.6.2.sparc.rpm 1845941d496068449d918ab125481994 6.2/en/os/sparc/apache-devel-1.3.27-1.6.2.sparc.rpm 0218ec56fda57c6518236915edad8fe3 6.2/en/os/sparc/apache-manual-1.3.27-1.6.2.sparc.rpm a450f8cee1c9916d6c4662dd01791360 7.0/en/os/SRPMS/apache-1.3.27-1.7.1.src.rpm cfb81a125517bc44e8382d249db1d7a9 7.0/en/os/SRPMS/mod_ssl-2.8.12-1.7.src.rpm c7fc8714af3bde967998c0f39506ebf4 7.0/en/os/alpha/apache-1.3.27-1.7.1.alpha.rpm c080c8c829aa670575612b1377951118 7.0/en/os/alpha/apache-devel-1.3.27-1.7.1.alpha.rpm 7d1d023e3981c3336e1225827bef138c 7.0/en/os/alpha/apache-manual-1.3.27-1.7.1.alpha.rpm ffb847c9445946d5b7ad6c6226a7c559 7.0/en/os/alpha/mod_ssl-2.8.12-1.7.alpha.rpm be954ca5a23c7a929a9cf53fa9901f8d 7.0/en/os/i386/apache-1.3.27-1.7.1.i386.rpm cc14aa8ad1ad26fb870bf8d61a32d144 7.0/en/os/i386/apache-devel-1.3.27-1.7.1.i386.rpm 6136b6d40563a8df1b18fbd725caaf9e 7.0/en/os/i386/apache-manual-1.3.27-1.7.1.i386.rpm 994ae80126430f7c1c32fdc37856665c 7.0/en/os/i386/mod_ssl-2.8.12-1.7.i386.rpm a450f8cee1c9916d6c4662dd01791360 7.1/en/os/SRPMS/apache-1.3.27-1.7.1.src.rpm cfb81a125517bc44e8382d249db1d7a9 7.1/en/os/SRPMS/mod_ssl-2.8.12-1.7.src.rpm c7fc8714af3bde967998c0f39506ebf4 7.1/en/os/alpha/apache-1.3.27-1.7.1.alpha.rpm c080c8c829aa670575612b1377951118 7.1/en/os/alpha/apache-devel-1.3.27-1.7.1.alpha.rpm 7d1d023e3981c3336e1225827bef138c 7.1/en/os/alpha/apache-manual-1.3.27-1.7.1.alpha.rpm ffb847c9445946d5b7ad6c6226a7c559 7.1/en/os/alpha/mod_ssl-2.8.12-1.7.alpha.rpm be954ca5a23c7a929a9cf53fa9901f8d 7.1/en/os/i386/apache-1.3.27-1.7.1.i386.rpm cc14aa8ad1ad26fb870bf8d61a32d144 7.1/en/os/i386/apache-devel-1.3.27-1.7.1.i386.rpm 6136b6d40563a8df1b18fbd725caaf9e 7.1/en/os/i386/apache-manual-1.3.27-1.7.1.i386.rpm 994ae80126430f7c1c32fdc37856665c 7.1/en/os/i386/mod_ssl-2.8.12-1.7.i386.rpm f839f3628c96dd69598199c1f8ec5c20 7.1/en/os/ia64/apache-1.3.27-1.7.1.ia64.rpm dfbb2a56685059e50facb5e214f0db89 7.1/en/os/ia64/apache-devel-1.3.27-1.7.1.ia64.rpm db0cf12c6d9c4c79c874efe165a043f9 7.1/en/os/ia64/apache-manual-1.3.27-1.7.1.ia64.rpm baabf87a3644eba5c9ed35c5f0d380b9 7.1/en/os/ia64/mod_ssl-2.8.12-1.7.ia64.rpm fb310f9f6bdbef9015813c927f7a3aed 7.2/en/os/SRPMS/apache-1.3.27-1.7.2.src.rpm cae24f57f879b6a61818ac8f10e853f0 7.2/en/os/SRPMS/mod_ssl-2.8.12-2.src.rpm 937277dd20dc1378abcd94f3f3aea90d 7.2/en/os/i386/apache-1.3.27-1.7.2.i386.rpm 616a8185b386c4e2fc2c302f80267437 7.2/en/os/i386/apache-devel-1.3.27-1.7.2.i386.rpm 1bdcb4382d32ccf8184b16bdebd11093 7.2/en/os/i386/apache-manual-1.3.27-1.7.2.i386.rpm e83635604fb16d3d8bc5dd37b0afa0f4 7.2/en/os/i386/mod_ssl-2.8.12-2.i386.rpm 055f5ad5af3b1459c7ad327c37137f69 7.2/en/os/ia64/apache-1.3.27-1.7.2.ia64.rpm 6c35060e59e833f1bc4a760ca90d0654 7.2/en/os/ia64/apache-devel-1.3.27-1.7.2.ia64.rpm c918d22e8a736f2bf59125b67297d140 7.2/en/os/ia64/apache-manual-1.3.27-1.7.2.ia64.rpm 11bfa3ba16c8cb8e2a9af4655284584a 7.2/en/os/ia64/mod_ssl-2.8.12-2.ia64.rpm 7ba20ebb306ecdd655ad8d5ce37af121 7.3/en/os/SRPMS/apache-1.3.27-2.src.rpm cae24f57f879b6a61818ac8f10e853f0 7.3/en/os/SRPMS/mod_ssl-2.8.12-2.src.rpm 6eb4e656c5310116e0cccc4e09002d2c 7.3/en/os/i386/apache-1.3.27-2.i386.rpm 7990f8d8ed4846704e468c9390618731 7.3/en/os/i386/apache-devel-1.3.27-2.i386.rpm c91ec30aaede3d3ed691dc83c6869a99 7.3/en/os/i386/apache-manual-1.3.27-2.i386.rpm e83635604fb16d3d8bc5dd37b0afa0f4 7.3/en/os/i386/mod_ssl-2.8.12-2.i386.rpm 33769c1c143f43c234015fcacc06b3c0 8.0/en/os/SRPMS/httpd-2.0.40-11.src.rpm f2e8238119ae05619a1647e51584a42c 8.0/en/os/i386/httpd-2.0.40-11.i386.rpm 61c76135fbe88268244920b130eb03af 8.0/en/os/i386/httpd-devel-2.0.40-11.i386.rpm d2146865eb81e380d848d458b254e661 8.0/en/os/i386/httpd-manual-2.0.40-11.i386.rpm 8f2aab8716f5d28f7e49f145bd78cc12 8.0/en/os/i386/mod_ssl-2.0.40-11.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at About
You can verify each package with the following command:
rpm --checksig -v
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:
md5sum

References

Apache Week. Security issues force release of 1.3.27, 2.0.43 CVE -CVE-2002-0839 CVE -CVE-2002-0840 CVE -CVE-2002-0843 CVE -CVE-2002-1157

Package List


Severity
Advisory ID: RHSA-2002:222-21
Issued Date: : 2002-12-12
Updated on: 2002-11-25
Product: Red Hat Linux
Keywords: apache ab mod_ssl xss scoreboard
Cross references:
Obsoletes: RHSA-2002:103
CVE Names: CAN-2002-0839 CAN-2002-0840 CAN-2002-0843 CAN-2002-1157

Topic


Topic

Updated apache and httpd packages which fix a number of security issues are

now available for Red Hat Linux 6.2, 7, 7.1, 7.2, 7.3, and 8.0.


 

Relevant Releases Architectures

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386, ia64

Red Hat Linux 7.2 - i386, ia64

Red Hat Linux 7.3 - i386

Red Hat Linux 8.0 - i386


Bugs Fixed


Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved