[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200405281655.42627.security-announce@turbolinux.co.jp>
From: security-announce at turbolinux.co.jp (Turbolinux)
Subject: [TURBOLINUX SECURITY INFO] 28/May/2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is an announcement only email list for the x86 architecture.
============================================================
Turbolinux Security Announcement 28/May/2004
============================================================
The following page contains the security information of Turbolinux Inc.
- Turbolinux Security Center
http://www.turbolinux.com/security/
(1) cvs -> Two issues have been discovered in cvs
(2) tcpdump -> Two issues have been discovered in tcpdump
(3) apache -> Multiple vulnerabilities in apache
===========================================================
* cvs -> Two issues have been discovered in cvs
===========================================================
More information :
CVS is a front end to the rcs(1) revision control system which extends
the notion of revision control from a collection of files in a single
directory to a hierarchical collection of directories consisting of
revision controlled files.
- The client for CVS allows a remote malicious CVS server to create arbitrary files using
certain RCS diff files that use absolute pathnames during checkouts or updates.
- CVS contains a flaw when deciding if a CVS entry line should get a modified or unchanged flag attached.
This results in a heap overflow which can be exploited to execute arbitrary code on the CVS server.
Impact :
This vulnerability may allow attackers to cause the CVS server to create directories or
files in your system.
An attacker that has access to a CVS server could use this flaw to execute arbitrary code
under the UID which the CVS server is executing.
Affected Products :
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Desktop
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
- Turbolinux Server 6.5
- Turbolinux Advanced Server 6
- Turbolinux Server 6.1
- Turbolinux Workstation 6.0
Solution :
Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
[Turbolinux 10 Desktop]
# turboupdate
# zabom --update cvs
[Other]
# turbopkg
# zabom update cvs
---------------------------------------------
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages
Size : MD5
cvs-1.12.8-1.src.rpm
2544223 b833bb39e41f301afe3e96c62e32af6f
Binary Packages
Size : MD5
cvs-1.12.8-1.i586.rpm
1033658 66144d4082879e66ad7ab80fa5df5d58
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages
Size : MD5
cvs-1.12.8-1.src.rpm
2544223 e08ecd7234b78097fed5f5e1c789d10d
Binary Packages
Size : MD5
cvs-1.12.8-1.i586.rpm
1033420 542602cb4b70b59c1304c3337d3373da
<Turbolinux 10 Desktop>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 1d8dcc792ce2f99e0a187ad2a530f704
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cvs-1.12.8-1.i586.rpm
1040140 38d3ad9525bbaaacf775eb1d5aafbb75
<Turbolinux 8 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 6ac72c0a561b10b0d254f19ff3ec1fa3
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cvs-1.12.8-1.i586.rpm
1033625 f36bce658669efc451d722accc6e8ffb
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 ae92dd21e05a28885d5de0bc5a61bf65
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cvs-1.12.8-1.i586.rpm
1033405 52eee7509020fa428b2d8b0ed1cb2549
<Turbolinux 7 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 7edbab723dadd1d48eec3ecc3c5c1f4b
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/cvs-1.12.8-1.i586.rpm
1019809 2b16a9e657d95c382306da81c2ac6022
<Turbolinux 7 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 b88e4b2fc37ed34a6a7b8cf8cdc7d6fe
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/cvs-1.12.8-1.i586.rpm
1020848 d117a8cb93d81a2a72ff1450ebbe6674
<Turbolinux Server 6.5>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 ce5cc9114a8f4ad349a41ab774cb69e6
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/cvs-1.12.8-1.i386.rpm
1170600 1dad34925cae29640b1aa924a85ec76d
<Turbolinux Advanced Server 6>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 98bd94de8a644f96a7aef01427cc7cde
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/cvs-1.12.8-1.i386.rpm
1170553 49a5485e9969d532139e560c34802171
<Turbolinux Server 6.1>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 82d2dcdb1d81bfdcc9733d3c8f23410e
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/cvs-1.12.8-1.i386.rpm
1170583 45b87a71d99db6ed43c03a6860bfad14
<Turbolinux Workstation 6.0>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/cvs-1.12.8-1.src.rpm
2544223 eae06ac1884c65f3064691529bb3e7c3
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/cvs-1.12.8-1.i386.rpm
1170505 ddc031af995b018c6f64ba6c63252027
References:
US-CERT
[TA04-147A -- CVS Heap Overflow Vulnerability]
http://www.us-cert.gov/cas/techalerts/TA04-147A.html
CVE
[CAN-2004-0180]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0180
[CAN-2004-0396]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396
===========================================================
* tcpdump -> Two issues have been discovered in tcpdump
===========================================================
More information :
Tcpdump is a tool designed to prints out the headers of packets on a network interface.
The buffer overflow vulnerabilities were discovered in the ISAKMP decoding routines of tcpdump.
Impact :
Remote attackers could potentially exploit these issues by sending
carefully-crafted packets to a victim.
Affected Products :
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Desktop
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
- Turbolinux Server 6.5
- Turbolinux Advanced Server 6
- Turbolinux Server 6.1
- Turbolinux Workstation 6.0
Solution :
Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
[Turbolinux 10 Desktop]
# turboupdate
# zabom --update tcpdump
[Other]
# turbopkg
# zabom update tcpdump
---------------------------------------------
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages
Size : MD5
tcpdump-3.8.3-2.src.rpm
575692 8f1b579e91197e680af0360a7315bc14
Binary Packages
Size : MD5
tcpdump-3.8.3-2.i586.rpm
264777 1f628764c02f67b895d9086c223b9cef
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages
Size : MD5
tcpdump-3.8.3-2.src.rpm
575692 366921eb1f3e003de8a36a1850c4ac38
Binary Packages
Size : MD5
tcpdump-3.8.3-2.i586.rpm
264648 5f5fe7e9f496db2a890c3203c26833e7
<Turbolinux 10 Desktop>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 b2ab652f74f5f2405865bbbf1e6c0c6c
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/tcpdump-3.8.3-2.i586.rpm
261771 451fd494f2ca01d0d5ada6e41381a2e4
<Turbolinux 8 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 e8b9bdfe0e122864d0603817489785a9
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/tcpdump-3.8.3-2.i586.rpm
264667 8afae3502fac1e2e2eccc04f36e6bbb6
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 0c1926cf613e0f568b430cb693f10a09
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/tcpdump-3.8.3-2.i586.rpm
264642 2fe5be2bd5c5abda40c5e8bf7b0ec266
<Turbolinux 7 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 d0fb472490f6b6f1e2134ef1b28ecc30
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/tcpdump-3.8.3-2.i586.rpm
258792 cb855384260230be84d1fecff5131efa
<Turbolinux 7 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 8b5e63401066837e68e34365c95dc4cc
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/tcpdump-3.8.3-2.i586.rpm
258706 23bcbca7994890a841b9fd0bd0a251ef
<Turbolinux Server 6.5>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 29bc899b80e97dcc76d65070c53d7c06
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/tcpdump-3.8.3-2.i386.rpm
253215 1861c58d856e5cb379bef561cac665af
<Turbolinux Advanced Server 6>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 d1fe5c778d45483c256048facd94495a
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/tcpdump-3.8.3-2.i386.rpm
253211 a18f5fa2b39bdd16a36a9751e35ff47e
<Turbolinux Server 6.1>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 11c3ca0ddedbcae2f719c6190f385c06
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/tcpdump-3.8.3-2.i386.rpm
253225 5be638ba8dea675e9205d7d1087b9841
<Turbolinux Workstation 6.0>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/tcpdump-3.8.3-2.src.rpm
575692 2cdc5649cd60871d57e0425b71ed39a9
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/tcpdump-3.8.3-2.i386.rpm
253229 382c6909a47ebe6164fe19b93647ee2c
Reiferences :
www.tcpdump.org
[tcpdump-changes]
http://www.tcpdump.org/tcpdump-changes.txt
CVE
[CAN-2004-0183]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0183
[CAN-2004-0184]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0184
===========================================================
* apache -> Multiple vulnerabilities in apache
===========================================================
More information :
Apache is a powerful, full-featured, efficient, and freely-available Web server.
- Apache does not filter terminal escape sequences from its error logs,
which could make it easier for attackers to insert those sequences
into terminal emulators containing vulnerabilities related to escape sequences.
- mod_digest for Apache does not properly verify the nonce of a client response by
using a AuthNonce secret.
Impact :
A third party may gain unauthorized access to a web server.
Affected Products :
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
- Turbolinux Server 6.5
- Turbolinux Advanced Server 6
- Turbolinux Server 6.1
- Turbolinux Workstation 6.0
Solution :
Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
# turbopkg
or
# zabom update apache apache-devel apache-manual mod_ssl
---------------------------------------------
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages
Size : MD5
apache-1.3.27-23.src.rpm
3104221 c62c1249139f17852aba2a4f8e976700
Binary Packages
Size : MD5
apache-1.3.27-23.i586.rpm
501592 61a908c8f6b325b34e18782a5623ebab
apache-devel-1.3.27-23.i586.rpm
94278 74a131e6990c18cd86a86655cec91099
mod_ssl-2.8.14-23.i586.rpm
181149 b17be2efd850d43668c1ace32a80b076
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages
Size : MD5
apache-1.3.27-23.src.rpm
3104221 a3a4b02dd3079169ddfed1c73e11fd4e
Binary Packages
Size : MD5
apache-1.3.27-23.i586.rpm
501539 df2a88cb00e7c315995dc12dd2ad9298
apache-devel-1.3.27-23.i586.rpm
94096 71c5c5bf97c8d76e6851cfbdc62eb112
mod_ssl-2.8.14-23.i586.rpm
181120 4bcf9b8a5622f275a000901fdd65041c
<Turbolinux 8 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/apache-1.3.27-23.src.rpm
3104221 fae6385e7dd7b5d2206078c119e59955
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-1.3.27-23.i586.rpm
501380 ba8a8b856724b0c40fc9d93b417b8090
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-devel-1.3.27-23.i586.rpm
94116 fefbb5128a71f48bc1b479bfd9e2f964
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-manual-1.3.27-23.i586.rpm
850102 894ab60db4c481e657cb2070df7ccfb6
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/mod_ssl-2.8.14-23.i586.rpm
181001 5a140863eec56d160e6ac0201859c7fc
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/apache-1.3.27-23.src.rpm
3104221 8c69532031a4db7c9e26dc5d2300cee9
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-1.3.27-23.i586.rpm
501428 2ca754a87193d855e0eec0208db7656f
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-devel-1.3.27-23.i586.rpm
94141 b72f561542781658bceaa318a7cce4ec
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-manual-1.3.27-23.i586.rpm
850361 7b026bd15eeb5d540dacddec9e88ae33
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/mod_ssl-2.8.14-23.i586.rpm
180937 64d6422dad738b7492c2d4dfe75e02f1
<Turbolinux 7 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/apache-1.3.27-23.src.rpm
3104221 e8888ee7ad0be1f1f2d340eab4d2e282
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-1.3.27-23.i586.rpm
487526 7ce095cabb03c8f9a3685d4e0a903d12
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-devel-1.3.27-23.i586.rpm
94158 07a772f8a2946a44f85536c8ef9be9d0
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-manual-1.3.27-23.i586.rpm
850325 7a3f80c26378c56e892b0532b1dac542
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/mod_ssl-2.8.14-23.i586.rpm
178538 6e38f124e06aeeedd724ec19ad640c69
<Turbolinux 7 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/apache-1.3.27-23.src.rpm
3104221 eda5f2c70c693059619ae779ef7e5e32
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-1.3.27-23.i586.rpm
487425 ee3f380641a272cea36c29112ac48945
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-devel-1.3.27-23.i586.rpm
94165 94d4ea71797f204177f608df49a18e06
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-manual-1.3.27-23.i586.rpm
850245 d24632ebdfd6282d7a4ca3188a8a3392
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/mod_ssl-2.8.14-23.i586.rpm
178704 47ebafb153d886d6d6fc1eab0de304a8
<Turbolinux Server 6.5>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/SRPMS/apache-1.3.27-23.src.rpm
3104221 bb8185361df260baa1f82e2fb00238c4
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-1.3.27-23.i386.rpm
574103 345b50f95b4dcf5e157ce42544e5257b
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-devel-1.3.27-23.i386.rpm
110319 72a5a542c40fb13e7655e262bb90020f
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-manual-1.3.27-23.i386.rpm
1088349 d4dc2892b7bd051f10548f3469c3f399
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/mod_ssl-2.8.14-23.i386.rpm
191829 7d73f18b30b3b66338ae54f242becc95
<Turbolinux Advanced Server 6>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/SRPMS/apache-1.3.27-23.src.rpm
3104221 ab48dbcecff93759e28937238333d17d
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-1.3.27-23.i386.rpm
574418 b23e9d600c8c238f816c5bd0384a5a3f
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-devel-1.3.27-23.i386.rpm
110279 40edfbf79b0281dac916b9047b32ada7
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-manual-1.3.27-23.i386.rpm
1089057 5d71326057b45bbc8720ff2fdd5fdcf3
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/mod_ssl-2.8.14-23.i386.rpm
191898 3603df1c0badb941fe8222876246ad47
<Turbolinux Server 6.1>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/SRPMS/apache-1.3.27-23.src.rpm
3104221 118886ebb423bbc369db26cad739a2ae
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-1.3.27-23.i386.rpm
574226 616250d1c67bdfb3c4fc1936c3e22b25
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-devel-1.3.27-23.i386.rpm
110287 b41abb5ba773549a986caf0a00fc21b1
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-manual-1.3.27-23.i386.rpm
1089381 f2c34f7bc06fd381ecfa424992323e21
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/mod_ssl-2.8.14-23.i386.rpm
191864 b35b6e929225c85170d24a32c6566754
<Turbolinux Workstation 6.0>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/apache-1.3.27-23.src.rpm
3104221 f4874cf86944e7292f9410e66b3e57d1
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-1.3.27-23.i386.rpm
574148 d10b21fa6e652e7f5963ae30d638d3f0
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-devel-1.3.27-23.i386.rpm
110308 6c8cd18830f592259706af09fb547dcb
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-manual-1.3.27-23.i386.rpm
1089368 b3e894e3d0eebdcc8286da19d0612b72
References:
The Apache HTTP Server Project
[Changes with Apache 1.3.31]
http://www.apache.org/dist/httpd/CHANGES_1.3
CVE
[CAN-2003-0020]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020
[CAN-2003-0987]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987
[CAN-2003-0993]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993
[CAN-2004-0174]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174
* You may need to update the turbopkg tool before applying the update.
Please refer to the following URL for detailed information.
http://www.turbolinux.com/download/zabom.html
http://www.turbolinux.com/download/zabomupdate.html
Package Update Path
http://www.turbolinux.com/update
============================================================
* To obtain the public key
Here is the public key
http://www.turbolinux.com/security/
* To unsubscribe from the list
If you ever want to remove yourself from this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the word `unsubscribe' in the body (don't include the quotes).
unsubscribe
* To change your email address
If you ever want to chage email address in this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the following command in the message body:
chaddr 'old address' 'new address'
If you have any questions or problems, please contact
<supp_info@...bolinux.co.jp>
Thank you!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAtvB6K0LzjOqIJMwRAu4FAJ9wHFvFIHhN259LAd+IxGZfYydavgCaAvuj
nRmNe7MBYyfvapH9xG8Euec=
=OztO
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists