Security Advisory Updated XEmacs packages available for Red Hat Powertools 6.2

Advisory: RHSA-2001:011-04
Type: Security Advisory
Severity: N/A
Issued on: 2001-02-02
Last updated on: 2001-02-07
Affected Products: Red Hat Linux 6.2
OVAL: N/A
CVEs (cve.mitre.org): CVE-2001-0191

Details

The XEmacs package as shipped with Red Hat PowerTools 6.2 has a security
problem with gnuserv and gnuclient, due to a buffer overflow and weak
security.

Note that this package obsoletes xemacs-mule (this is now compiled into the
main binary), xemacs-static, xemacs-extras and xemacs-noX, as this is a
backport of a newer xemacs package.


Solution

To update all RPMs for your particular architecture, run:

rpm -Fvh <filenames>

where <filenames> is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Linux 6.2
alpha:
ftp://updates.redhat.com/6.2/alpha/xemacs-21.1.14-2.62.alpha.rpm
Missing file		     963901255ab8377baf92bcc8f3ec30b3
ftp://updates.redhat.com/6.2/alpha/xemacs-el-21.1.14-2.62.alpha.rpm
Missing file		     c1fa617399ff85af31c5d31e314249a8
ftp://updates.redhat.com/6.2/alpha/xemacs-info-21.1.14-2.62.alpha.rpm
Missing file		     e190d32da1a92132d53ee734a93b43cb
 
i386:
ftp://updates.redhat.com/6.2/i386/xemacs-21.1.14-2.62.i386.rpm
Missing file		     661aae1be3097c403df3d38eb5f6ae80
ftp://updates.redhat.com/6.2/i386/xemacs-el-21.1.14-2.62.i386.rpm
Missing file		     03fab61adb2f874f95dfc895e1ede878
ftp://updates.redhat.com/6.2/i386/xemacs-info-21.1.14-2.62.i386.rpm
Missing file		     bae82e4622a0b4b810eaa690446442b5
 
sparc:
ftp://updates.redhat.com/6.2/sparc/xemacs-21.1.14-2.62.sparc.rpm
Missing file		     5c4a36734b54ebd3be33e9404bbcb8e6
ftp://updates.redhat.com/6.2/sparc/xemacs-el-21.1.14-2.62.sparc.rpm
Missing file		     ef99cb1d6d1d2a0f90f034d4a3a0697f
ftp://updates.redhat.com/6.2/sparc/xemacs-info-21.1.14-2.62.sparc.rpm
Missing file		     e4a34278881cc1ec29f817bbcfc8f52b
 

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0191

Keywords

gnuclient

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/