Security Advisory Netscape security update

Advisory: RHSA-2004:429-07
Type: Security Advisory
Severity: Critical
Issued on: 2004-08-18
Last updated on: 2004-08-18
Affected Products:
CVEs ( CVE-2004-0597


Netscape Navigator and Netscape Communicator 4.8 as distributed with Red
Hat Enterprise Linux 2.1 contain security flaws and should not be used.

Netscape Navigator and Netscape Communicator have been removed from the Red
Hat Enterprise Linux 2.1 CD-ROM distribution as part of Update 5. These
packages were based on Netscape 4.8, which is known to be vulnerable to
recent critical security issues, such as CAN-2004-0597, CAN-2004-0598, and

Netscape 7.2 contains fixes for these issues and is available from Netscape 4.8 packages will also remain available
via Red Hat Network for those who choose to use them despite their known
security vulnerabilities.

Users of Netscape 4.8 are advised to switch to Mozilla, which is included
and supported in Red Hat Enterprise Linux 2.1, and offers comparable


Red Hat Enterprise 2.1 users who do not need the functionality of Netscape
4.8 should uninstall the netscape packages.

Updated packages


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

The Red Hat security contact is More contact details at