lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: security-announce at turbolinux.co.jp (Turbolinux)
Subject: [TURBOLINUX SECURITY INFO] 07/Apr/2004

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is an announcement only email list for the x86 architecture.
============================================================
Turbolinux Security Announcement 07/Apr/2004
============================================================

The following page contains the security information of Turbolinux Inc.

 - Turbolinux Security Center
   http://www.turbolinux.com/security/

 (1) apache -> Buffer overflows in mod_alias, mod_rewrite
 (2) httpd -> Two issues have been discovered in httpd
 (3) libxml2 ->  Buffer overflows
 (4) mod_python -> DoS vulnerability in httpd

===========================================================
* apache -> Buffer overflows in mod_alias, mod_rewrite
===========================================================

 More information :
    Apache is a powerful, full-featured, efficient, and freely-available Web server.
    Multiple stack-based buffer overflows in mod_alias and mod_rewrite for Apache.

 Impact :
    The vulnerabilities allow remote attackers to cause a denial of service and
    possibly execute arbitrary code.

 Affected Products :
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation
    - Turbolinux Server 6.5
    - Turbolinux Advanced Server 6
    - Turbolinux Server 6.1
    - Turbolinux Workstation 6.0

 Solution :
    Please use turbopkg(zabom) tool to apply the update.
 ---------------------------------------------
 # turbopkg
 or
 # zabom update apache apache-devel apache-manual mod_ssl
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size : MD5

   apache-1.3.27-22.src.rpm
      3095990 d4e2b916623b4d640b5d679497d9e302

   Binary Packages
   Size : MD5

   apache-1.3.27-22.i586.rpm
       499679 6212ae0f1cd0f30e01d95031802428eb
   apache-devel-1.3.27-22.i586.rpm
        93851 263f9ec42f46f0e839e5cca1eb927c1e
   mod_ssl-2.8.14-22.i586.rpm
       180744 041df7d94acedd1ba7fb5f97064c7eea

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size : MD5

   apache-1.3.27-22.src.rpm
      3095990 3fc9813efe8710c56e0b77b5e05338c3

   Binary Packages
   Size : MD5

   apache-1.3.27-22.i586.rpm
       499724 7bb20cd888d05c0e4cc5f561199894f6
   apache-devel-1.3.27-22.i586.rpm
        93832 cae619a1b8963ad97da1a5aed1564999
   mod_ssl-2.8.14-22.i586.rpm
       180662 9545e160e32aed4032e12b4dfef7df73

 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 3839d93452bde8e36b103fb79d3cf458

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-1.3.27-22.i586.rpm
       500553 78238f9e36c649c84a1a5b1756d97578
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-devel-1.3.27-22.i586.rpm
        93949 a3329e03b72782d3d3b95554b7290c9d
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-manual-1.3.27-22.i586.rpm
       850807 6ee1cecbe57b89e3dfc3d5de2e6fdc9a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/mod_ssl-2.8.14-22.i586.rpm
       180800 1cb72b938751a3a9c5c7fa3ae9c6647c

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 b25efd073d90f7454d43c069cd3eeb98

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-1.3.27-22.i586.rpm
       500372 3c9763463cda876b97eaed2f1327fe5e
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-devel-1.3.27-22.i586.rpm
        94018 2470307199ff33d30c642f934667335a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-manual-1.3.27-22.i586.rpm
       850632 1a64d40efe6de1ff15dcc9a2b220e52f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/mod_ssl-2.8.14-22.i586.rpm
       180816 cf24eff8c7e7369e3287e41a82432e49

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 ddc39b15d760059c87e182b62d52a33f

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-1.3.27-22.i586.rpm
       486217 1151c6ecf1aa21562d0fc170fd67bf40
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-devel-1.3.27-22.i586.rpm
        93879 933560ed4038a7fcc72541de230d8acb
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-manual-1.3.27-22.i586.rpm
       849973 392beee13024b1444099b1c2f9055f81
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/mod_ssl-2.8.14-22.i586.rpm
       177997 037153aac8248fc21470e52fb190ad8a

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 e89f9dda6f70d8c7f52c7cbbf62509dd

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-1.3.27-22.i586.rpm
       486199 82c1725c50d0d48c86828e2b2ef9c9d6
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-devel-1.3.27-22.i586.rpm
        93949 48d9f27d6b4aaa9f2877de70be155dc4
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-manual-1.3.27-22.i586.rpm
       850055 59c90fa2c2377323b8f2d187b8922463
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/mod_ssl-2.8.14-22.i586.rpm
       178382 ae4575db718088d905a5a98de9b437db

 <Turbolinux Server 6.5>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 d3b8c26b4d21f8e15ed3e0fb02f4436c

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-1.3.27-22.i386.rpm
       572608 d44abe94288e1c3ff15e8d37a67dfce2
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-devel-1.3.27-22.i386.rpm
       109943 07b769e891277be997735c9c94d050e2
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-manual-1.3.27-22.i386.rpm
      1088335 680afe2861889d0e8d856db384a6f11c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/mod_ssl-2.8.14-22.i386.rpm
       191501 3f0058c21e59084c338fc665630f2231

 <Turbolinux Advanced Server 6>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 b87e3782487686f17191c93110107c96

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-1.3.27-22.i386.rpm
       573652 44cf4220883ca5bf3be8a84e33ea9091
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-devel-1.3.27-22.i386.rpm
       109941 5509aca57d903efdc43e2419f5c33e50
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-manual-1.3.27-22.i386.rpm
      1089906 6589583a5d032414e48434b71a9dfa32
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/mod_ssl-2.8.14-22.i386.rpm
       191495 a69883d96bd09dd3fbeb797a29785cd0

 <Turbolinux Server 6.1>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 49d2e7d0e4f93f896586ce60160042a2

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-1.3.27-22.i386.rpm
       573061 157b27651fb523665ca29b0903e474bf
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-devel-1.3.27-22.i386.rpm
       109949 0f9b4e1b49e8e2037f65b82c5e5fa7cf
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-manual-1.3.27-22.i386.rpm
      1088821 62e88f3f55487327fb2c6a04bd690c19
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/mod_ssl-2.8.14-22.i386.rpm
       191460 aa2b4ceeea10ea5f0fbf6c84fdbef499

 <Turbolinux Workstation 6.0>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 c3380e8d06de7db5d47426e61002b398

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-1.3.27-22.i386.rpm
       573837 21e8a2af9561d754a8b38dbceec92a33
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-devel-1.3.27-22.i386.rpm
       110112 92b4c9ff967eb61fdf56792ad167288c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-manual-1.3.27-22.i386.rpm
      1089097 98f9b8f895fde788a95432850d74e4f5


 Reiferences :

 The Apache HTTP Server Project
   [Changes with Apache 1.3.29]
   http://www.apache.org/dist/httpd/CHANGES_1.3

 CVE
   [CAN-2003-0542]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542


===========================================================
* httpd -> Two issues have been discovered in httpd
===========================================================

 More information :
    Apache is a powerful, full-featured, efficient, and freely-available Web server.

    - Apache does not filter terminal escape sequences from its error logs,
      which could make it easier for attackers to insert those sequences
      into terminal emulators containing vulnerabilities related to escape sequences.

    - Memory leak in ssl_engine_io.c for mod_ssl in Apache 2.

 Impact :
    The vulnerabilities may allow an attacker to cause a denial of service of httpd.

 Affected Products :
    - Turbolinux 10 Desktop

 Solution :
    Please use turbopkg(zabom) tool to apply the update.
 ---------------------------------------------
 # turboupdate

 # turbopkg

 # zabom update httpd
 ---------------------------------------------


 <Turbolinux 10 Desktop>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/httpd-2.0.47-8.src.rpm
      6270514 bf9ca0708d5834ce5e299786a0e2a284

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/httpd-2.0.47-8.i586.rpm
       884255 ce07501b44185392ff26f888eead50c5


 Reiferences :

 The Apache HTTP Server Project
   [Apache HTTP Server 2.0.49 Released]
   http://www.apache.org/dist/httpd/Announcement2.html

 CVE
   [CAN-2003-0020]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020
   [CAN-2004-0113]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113


===========================================================
* libxml2 ->  Buffer overflows
===========================================================

 More information :
    Libxml2 is a library for manipulating XML files.
    A buffer overflow vulnerability was discovered in libxml2 versions prior to 2.6.6.

 Impact :
    This may allow remote attackers to execute arbitrary code via a long URL.

 Affected Products :
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation

 Solution :
    Please use turbopkg(zabom) tool to apply the update.
 ---------------------------------------------
 # turboupdate

 # turbopkg

 # zabom update libxml2 libxml2-deve libxml2-python
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size : MD5

   libxml2-2.4.22-2.src.rpm
      1544784 45887af170d5931f2db7381737a99dfe

   Binary Packages
   Size : MD5

   libxml2-2.4.22-2.i586.rpm
       348852 5e5dae2527a67fcc6d69f0b6ba5c3f75
   libxml2-devel-2.4.22-2.i586.rpm
       673017 f41474006180d834f54f0a30797c9781
   libxml2-python-2.4.22-2.i586.rpm
       120006 9ac02ed2be1c8c7cde88fb852e5bbe71

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size : MD5

   libxml2-2.4.22-2.src.rpm
      1544784 132d50b9dc13ff00c6ab39b3719d883e

   Binary Packages
   Size : MD5

   libxml2-2.4.22-2.i586.rpm
       348775 a73087648767b5f3e3ef13f80382ff4d
   libxml2-devel-2.4.22-2.i586.rpm
       672864 37cb38c3d7d50ca02dce0e87f4b8fc21
   libxml2-python-2.4.22-2.i586.rpm
       119890 eda3ae08127252fa6c0dcbdbaed08b53

 <Turbolinux 10 Desktop>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/libxml2-2.5.11-2.src.rpm
      2299266 aca3b55257986b10e13d2dcec12db7d5

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libxml2-2.5.11-2.i586.rpm
       510473 d49464be5aaddff35f6a14829ef3ac1e
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libxml2-devel-2.5.11-2.i586.rpm
      1039549 474a2f6acc73e12199cde2b1a8233775

 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/libxml2-2.4.22-2.src.rpm
      1544784 24d996e8d5394c7f70c0cc9a06726bb0

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-2.4.22-2.i586.rpm
       348613 e4b980f0b4c3aa7b0ac55449fae6491d
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-devel-2.4.22-2.i586.rpm
       672887 75cfe3b619a4056a3c72d3d742d76f9c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-python-2.4.22-2.i586.rpm
       119860 8cb2ef3d8f9e780797f1633de3d37775

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/libxml2-2.4.19-2.src.rpm
      1934996 b8e13d700dd12e1da05ca9b688cfa8d6

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-2.4.19-2.i586.rpm
       343360 6a468e671b9058c688f0112e19705c7f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-devel-2.4.19-2.i586.rpm
       648282 0216b0cf8fcee52f4bdc668f8ba1f1ee
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-python-2.4.19-2.i586.rpm
       118177 aa5c7e0d05326923eead4d96835f0f9e

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/libxml2-2.4.28-2.src.rpm
      2498086 667895c050fde1426e2e8dc854f6a7fb

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-2.4.28-2.i586.rpm
       387991 226d46babf6a54f72bf89d530aacf160
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-devel-2.4.28-2.i586.rpm
       971376 7a9c5f4862c41a7768dc36a34a8bc911
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-python-2.4.28-2.i586.rpm
       155282 cc7039cc53d87eb5cc1d5b9a3dca291b

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/libxml2-2.4.28-2.src.rpm
      2498086 d814b4b15a7b4c45abc293795cb8910e

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-2.4.28-2.i586.rpm
       387983 de5c72d2df1e74a1367563e4394233dd
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-devel-2.4.28-2.i586.rpm
       971447 baae34a4623c7dbbdbaedaa52a36d31c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-python-2.4.28-2.i586.rpm
       155244 d7344b14fcff59ae829c5c8a01be17b6


 Reiferences :

 CVE
   [CAN-2004-0110]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110


===========================================================
* mod_python -> DoS vulnerability in httpd
===========================================================

 More information :
    Mod_python is an Apache module that embeds the Python interpreter within the server.
    The vulnerability allows remote attackers to cause a denial of service (httpd crash)
    via a certain query string.

 Impact :
    The vulnerability may allow an attacker to cause a denial of service of httpd.

 Affected Products :
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation

 Solution :
    Please use turbopkg(zabom) tool to apply the update.
 ---------------------------------------------
 # turboupdate

 # turbopkg

 # zabom update mod_python
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size : MD5

   mod_python-2.7.8-4.src.rpm
       203281 87c696009a79e5061c0ed75480cedf2a

   Binary Packages
   Size : MD5

   mod_python-2.7.8-4.i586.rpm
       472529 0f4ff9ed10305224a8cc65d72ff8bf8c

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size : MD5

   mod_python-2.7.8-4.src.rpm
       203281 387ea0a2ad04525c7ea6ff53b9bb72bd

   Binary Packages
   Size : MD5

   mod_python-2.7.8-4.i586.rpm
       472301 e6674f99d9c5c50f589031eb9780ef47

 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/mod_python-2.7.8-4.src.rpm
       203281 56d0673c20f65e2ecf44ca6680592eac

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/mod_python-2.7.8-4.i586.rpm
       472311 82d9da6dd22e08cb3f10dcf361b4978c

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/mod_python-2.7.8-4.src.rpm
       203281 435c352b9044e081548ee0e714333cdd

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/mod_python-2.7.8-4.i586.rpm
       483519 5a43f671f6a481f06f64115097e1c0ee


 Reiferences :

 CVE
   [CAN-2003-0973]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0973


 * You may need to update the turbopkg tool before applying the update.
Please refer to the following URL for detailed information.

  http://www.turbolinux.com/download/zabom.html
  http://www.turbolinux.com/download/zabomupdate.html

Package Update Path
http://www.turbolinux.com/update

============================================================
 * To obtain the public key

Here is the public key

 http://www.turbolinux.com/security/

 * To unsubscribe from the list

If you ever want to remove yourself from this mailing list,
  you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the word `unsubscribe' in the body (don't include the quotes).

unsubscribe

 * To change your email address

If you ever want to chage email address in this mailing list,
  you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the following command in the message body:

  chaddr 'old address' 'new address'

If you have any questions or problems, please contact
<supp_info@...bolinux.co.jp>

Thank you!

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAc7tWK0LzjOqIJMwRAkdPAKC6Tta5JDBHqOKy7Dfhd3qszHEsuwCeK1zV
izF3sXPh+7prT42sjIRZcUY=
=0sDT
-----END PGP SIGNATURE-----




Powered by blists - more mailing lists