Security Advisory Moderate: tcltk security update

Advisory: RHSA-2008:0134-3
Type: Security Advisory
Severity: Moderate
Issued on: 2008-02-21
Last updated on: 2008-02-21
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2007-4772
CVE-2007-5378
CVE-2008-0553

Details

Updated tcltk packages that fix a security issue are now available for Red
Hat Enterprise Linux 2.1, and 3.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Tcl is a scripting language designed for embedding into other applications
and for use with Tk, a widget set.

An input validation flaw was discovered in Tk's GIF image handling. A
code-size value read from a GIF image was not properly validated before
being used, leading to a buffer overflow. A specially crafted GIF file
could use this to cause a crash or, potentially, execute code with the
privileges of the application using the Tk graphical toolkit.
(CVE-2008-0553)

A buffer overflow flaw was discovered in Tk's animated GIF image handling.
An animated GIF containing an initial image smaller than subsequent images
could cause a crash or, potentially, execute code with the privileges of
the application using the Tk library. (CVE-2007-5378)

A flaw in the Tcl regular expression handling engine was discovered by Will
Drewry. This flaw, first discovered in the Tcl regular expression engine
used in the PostgreSQL database server, resulted in an infinite loop when
processing certain regular expressions. (CVE-2007-4772)

All users are advised to upgrade to these updated packages which contain
backported patches which resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
tcltk-8.3.5-92.8.src.rpm     MD5: 617887bb9e0a3aa9323925db821c8641
 
IA-32:
expect-5.38.0-92.8.i386.rpm     MD5: d42370b81b11f2b057961974a1476686
expect-devel-5.38.0-92.8.i386.rpm     MD5: 1dfec046e01615ba2f03c23fb1181a84
itcl-3.2-92.8.i386.rpm     MD5: 983fef0b4e1e79f834c400798b69a32d
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-devel-8.3.5-92.8.i386.rpm     MD5: ee015e99d6077451f0476d31d8be7747
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tix-8.1.4-92.8.i386.rpm     MD5: 68ed028422e3710fd9e74bc00c7f2060
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-devel-8.3.5-92.8.i386.rpm     MD5: e067df5fd8232983ba1d3d07ec3585ab
 
x86_64:
expect-5.38.0-92.8.x86_64.rpm     MD5: 5097e312d1643b5717c4778583fb1c17
expect-devel-5.38.0-92.8.x86_64.rpm     MD5: 9c2b394424d180897b1d1801b834fddc
itcl-3.2-92.8.x86_64.rpm     MD5: e5b80fb0e7c66d19a0b5453a23252c57
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-8.3.5-92.8.x86_64.rpm     MD5: a082bc01029bce2fa92ce2e2b0067615
tcl-devel-8.3.5-92.8.x86_64.rpm     MD5: 2ba5a9a271afb4d42ce127c04d1a9378
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tclx-8.3-92.8.x86_64.rpm     MD5: 97016bb19847d1c3b936b5d846a6a0a5
tix-8.1.4-92.8.x86_64.rpm     MD5: d3a840958a8a07cced133c489d6c286d
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-8.3.5-92.8.x86_64.rpm     MD5: ecb786b1282070129bed0b7a629ecf5f
tk-devel-8.3.5-92.8.x86_64.rpm     MD5: ca563d1248577bde6dab27da09a6f80b
 
Red Hat Enterprise Linux AS (v. 2.1)

SRPMS:
tcltk-8.3.3-75.src.rpm     MD5: 08aa0194661f6b3d36a26c83597a522d
 
IA-32:
expect-5.38.0-75.i386.rpm     MD5: 1aec97d3b37ca2d37638c903b20f220a
itcl-3.2-75.i386.rpm     MD5: 481e7f36cc357dd1ac6cecf7cc6c4898
tcl-8.3.3-75.i386.rpm     MD5: 31cb7a73df4e6205ecaf41506f5f5c3c
tcllib-1.0-75.i386.rpm     MD5: 5ba08887656941789cafae1c9f0a9860
tclx-8.3-75.i386.rpm     MD5: aa4768b1783af1b3241ba475ff0befb0
tix-8.2.0b1-75.i386.rpm     MD5: 8982d124eed9c06252b8530b05fe4586
tk-8.3.3-75.i386.rpm     MD5: e656f86bc49b8d1a708a95b089e451e4
 
IA-64:
expect-5.38.0-75.ia64.rpm     MD5: 864822efd9a4b31da078e5a9adb0c13d
itcl-3.2-75.ia64.rpm     MD5: d6519459ce1ba00efe4670463d105836
tcl-8.3.3-75.ia64.rpm     MD5: ab9015aa7fbe1b2d899d02c5a961b5cb
tcllib-1.0-75.ia64.rpm     MD5: aad43bdf438b2c4ba4fd4f56b0e15973
tclx-8.3-75.ia64.rpm     MD5: fb6297460594f88c2f15cba96533dfea
tix-8.2.0b1-75.ia64.rpm     MD5: e714f4616d370443ef42ba8ea30e6739
tk-8.3.3-75.ia64.rpm     MD5: b7f6371d07db6a21d0d3d7c1c484882a
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
tcltk-8.3.5-92.8.src.rpm     MD5: 617887bb9e0a3aa9323925db821c8641
 
IA-32:
expect-5.38.0-92.8.i386.rpm     MD5: d42370b81b11f2b057961974a1476686
expect-devel-5.38.0-92.8.i386.rpm     MD5: 1dfec046e01615ba2f03c23fb1181a84
itcl-3.2-92.8.i386.rpm     MD5: 983fef0b4e1e79f834c400798b69a32d
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-devel-8.3.5-92.8.i386.rpm     MD5: ee015e99d6077451f0476d31d8be7747
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tix-8.1.4-92.8.i386.rpm     MD5: 68ed028422e3710fd9e74bc00c7f2060
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-devel-8.3.5-92.8.i386.rpm     MD5: e067df5fd8232983ba1d3d07ec3585ab
 
IA-64:
expect-5.38.0-92.8.ia64.rpm     MD5: 58a223f79b8bacf017a8e132d2eaa685
expect-devel-5.38.0-92.8.ia64.rpm     MD5: 39e9016566b7e870eb1c6cb44e76aac6
itcl-3.2-92.8.ia64.rpm     MD5: 2132288cba28aa0586f2adba289b7f8d
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-8.3.5-92.8.ia64.rpm     MD5: b8ee28fc5dbf3fad3a23cad841c8942b
tcl-devel-8.3.5-92.8.ia64.rpm     MD5: d19ffed086656000467b3258cb5ddd57
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tclx-8.3-92.8.ia64.rpm     MD5: 5583cf974fc017ec454625eb0f551011
tix-8.1.4-92.8.ia64.rpm     MD5: db9359002c85e36172ccd7581d62b449
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-8.3.5-92.8.ia64.rpm     MD5: bb7316ce6e6bf65bbb25e20a90474421
tk-devel-8.3.5-92.8.ia64.rpm     MD5: 23b24d82f0cb928dcf1d39236e810a8d
 
PPC:
expect-5.38.0-92.8.ppc.rpm     MD5: f9685f1c71505b50a3849fa9a7540d12
expect-devel-5.38.0-92.8.ppc.rpm     MD5: e0c95432d239ab6e5d830f443f25fd84
itcl-3.2-92.8.ppc.rpm     MD5: 5d1795964ddb751bc6422ec38431bc10
tcl-8.3.5-92.8.ppc.rpm     MD5: d545b237e522b6d2f998697dff2df4ac
tcl-8.3.5-92.8.ppc64.rpm     MD5: 3916588cc807d2dec6ad70432e1b32ff
tcl-devel-8.3.5-92.8.ppc.rpm     MD5: 58cededef2a0b71a2b8d2e7ca099f169
tclx-8.3-92.8.ppc.rpm     MD5: 4beefa18ec86e52939098b223b8ad329
tclx-8.3-92.8.ppc64.rpm     MD5: 46c6318fe1580942ea79e21727e4c736
tix-8.1.4-92.8.ppc.rpm     MD5: f5879282a8944048f6d1b42333802828
tk-8.3.5-92.8.ppc.rpm     MD5: 0118cb80df22cfb9f3e57241b6d88a58
tk-8.3.5-92.8.ppc64.rpm     MD5: 27e1d4eacbd74a394c94b910fabcb7f9
tk-devel-8.3.5-92.8.ppc.rpm     MD5: 36f68a84098ef655fc27e94d38d42117
 
s390:
expect-5.38.0-92.8.s390.rpm     MD5: 0c3c5f44c336310c6c082d23e97a57a7
expect-devel-5.38.0-92.8.s390.rpm     MD5: d126fb777a6f138d21368712a6db01e1
itcl-3.2-92.8.s390.rpm     MD5: cb93ab5404d60ac43b381edc017d7190
tcl-8.3.5-92.8.s390.rpm     MD5: 47415428d4410a564785bffb32508deb
tcl-devel-8.3.5-92.8.s390.rpm     MD5: b75d5eb7409e4a0be2329fa5c5cd1571
tclx-8.3-92.8.s390.rpm     MD5: d6bdcdb866388d6266fa0b70e37a078f
tix-8.1.4-92.8.s390.rpm     MD5: ff2a1500b7b74cd725a115aec008a79c
tk-8.3.5-92.8.s390.rpm     MD5: 1633facc4b6ee0827ef942bced4b0e03
tk-devel-8.3.5-92.8.s390.rpm     MD5: 09c54917871698e95ff71d07c613dd1c
 
s390x:
expect-5.38.0-92.8.s390x.rpm     MD5: 61ea408f5512bcb997f19649cf82af8a
expect-devel-5.38.0-92.8.s390x.rpm     MD5: c1e64ace28ef54abdb468220f50acea9
itcl-3.2-92.8.s390x.rpm     MD5: cfcddc08df798e8126c7197c96d4dc08
tcl-8.3.5-92.8.s390.rpm     MD5: 47415428d4410a564785bffb32508deb
tcl-8.3.5-92.8.s390x.rpm     MD5: 8768ed0495c8a1c7e985b4907667d924
tcl-devel-8.3.5-92.8.s390x.rpm     MD5: f8c2aeccd59a5636bf39ca9d915726a1
tclx-8.3-92.8.s390.rpm     MD5: d6bdcdb866388d6266fa0b70e37a078f
tclx-8.3-92.8.s390x.rpm     MD5: 89e741d5bb0cfe44b42797a61e878b29
tix-8.1.4-92.8.s390x.rpm     MD5: c93e7904c7f90afd44ed96062676d6fe
tk-8.3.5-92.8.s390.rpm     MD5: 1633facc4b6ee0827ef942bced4b0e03
tk-8.3.5-92.8.s390x.rpm     MD5: 6d396716587eda8e135b34c5da6fceb9
tk-devel-8.3.5-92.8.s390x.rpm     MD5: a016d95cab1609b57c78c70e07d68bd2
 
x86_64:
expect-5.38.0-92.8.x86_64.rpm     MD5: 5097e312d1643b5717c4778583fb1c17
expect-devel-5.38.0-92.8.x86_64.rpm     MD5: 9c2b394424d180897b1d1801b834fddc
itcl-3.2-92.8.x86_64.rpm     MD5: e5b80fb0e7c66d19a0b5453a23252c57
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-8.3.5-92.8.x86_64.rpm     MD5: a082bc01029bce2fa92ce2e2b0067615
tcl-devel-8.3.5-92.8.x86_64.rpm     MD5: 2ba5a9a271afb4d42ce127c04d1a9378
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tclx-8.3-92.8.x86_64.rpm     MD5: 97016bb19847d1c3b936b5d846a6a0a5
tix-8.1.4-92.8.x86_64.rpm     MD5: d3a840958a8a07cced133c489d6c286d
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-8.3.5-92.8.x86_64.rpm     MD5: ecb786b1282070129bed0b7a629ecf5f
tk-devel-8.3.5-92.8.x86_64.rpm     MD5: ca563d1248577bde6dab27da09a6f80b
 
Red Hat Enterprise Linux ES (v. 2.1)

SRPMS:
tcltk-8.3.3-75.src.rpm     MD5: 08aa0194661f6b3d36a26c83597a522d
 
IA-32:
expect-5.38.0-75.i386.rpm     MD5: 1aec97d3b37ca2d37638c903b20f220a
itcl-3.2-75.i386.rpm     MD5: 481e7f36cc357dd1ac6cecf7cc6c4898
tcl-8.3.3-75.i386.rpm     MD5: 31cb7a73df4e6205ecaf41506f5f5c3c
tcllib-1.0-75.i386.rpm     MD5: 5ba08887656941789cafae1c9f0a9860
tclx-8.3-75.i386.rpm     MD5: aa4768b1783af1b3241ba475ff0befb0
tix-8.2.0b1-75.i386.rpm     MD5: 8982d124eed9c06252b8530b05fe4586
tk-8.3.3-75.i386.rpm     MD5: e656f86bc49b8d1a708a95b089e451e4
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
tcltk-8.3.5-92.8.src.rpm     MD5: 617887bb9e0a3aa9323925db821c8641
 
IA-32:
expect-5.38.0-92.8.i386.rpm     MD5: d42370b81b11f2b057961974a1476686
expect-devel-5.38.0-92.8.i386.rpm     MD5: 1dfec046e01615ba2f03c23fb1181a84
itcl-3.2-92.8.i386.rpm     MD5: 983fef0b4e1e79f834c400798b69a32d
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-devel-8.3.5-92.8.i386.rpm     MD5: ee015e99d6077451f0476d31d8be7747
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tix-8.1.4-92.8.i386.rpm     MD5: 68ed028422e3710fd9e74bc00c7f2060
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-devel-8.3.5-92.8.i386.rpm     MD5: e067df5fd8232983ba1d3d07ec3585ab
 
IA-64:
expect-5.38.0-92.8.ia64.rpm     MD5: 58a223f79b8bacf017a8e132d2eaa685
expect-devel-5.38.0-92.8.ia64.rpm     MD5: 39e9016566b7e870eb1c6cb44e76aac6
itcl-3.2-92.8.ia64.rpm     MD5: 2132288cba28aa0586f2adba289b7f8d
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-8.3.5-92.8.ia64.rpm     MD5: b8ee28fc5dbf3fad3a23cad841c8942b
tcl-devel-8.3.5-92.8.ia64.rpm     MD5: d19ffed086656000467b3258cb5ddd57
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tclx-8.3-92.8.ia64.rpm     MD5: 5583cf974fc017ec454625eb0f551011
tix-8.1.4-92.8.ia64.rpm     MD5: db9359002c85e36172ccd7581d62b449
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-8.3.5-92.8.ia64.rpm     MD5: bb7316ce6e6bf65bbb25e20a90474421
tk-devel-8.3.5-92.8.ia64.rpm     MD5: 23b24d82f0cb928dcf1d39236e810a8d
 
x86_64:
expect-5.38.0-92.8.x86_64.rpm     MD5: 5097e312d1643b5717c4778583fb1c17
expect-devel-5.38.0-92.8.x86_64.rpm     MD5: 9c2b394424d180897b1d1801b834fddc
itcl-3.2-92.8.x86_64.rpm     MD5: e5b80fb0e7c66d19a0b5453a23252c57
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-8.3.5-92.8.x86_64.rpm     MD5: a082bc01029bce2fa92ce2e2b0067615
tcl-devel-8.3.5-92.8.x86_64.rpm     MD5: 2ba5a9a271afb4d42ce127c04d1a9378
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tclx-8.3-92.8.x86_64.rpm     MD5: 97016bb19847d1c3b936b5d846a6a0a5
tix-8.1.4-92.8.x86_64.rpm     MD5: d3a840958a8a07cced133c489d6c286d
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-8.3.5-92.8.x86_64.rpm     MD5: ecb786b1282070129bed0b7a629ecf5f
tk-devel-8.3.5-92.8.x86_64.rpm     MD5: ca563d1248577bde6dab27da09a6f80b
 
Red Hat Enterprise Linux WS (v. 2.1)

SRPMS:
tcltk-8.3.3-75.src.rpm     MD5: 08aa0194661f6b3d36a26c83597a522d
 
IA-32:
expect-5.38.0-75.i386.rpm     MD5: 1aec97d3b37ca2d37638c903b20f220a
itcl-3.2-75.i386.rpm     MD5: 481e7f36cc357dd1ac6cecf7cc6c4898
tcl-8.3.3-75.i386.rpm     MD5: 31cb7a73df4e6205ecaf41506f5f5c3c
tcllib-1.0-75.i386.rpm     MD5: 5ba08887656941789cafae1c9f0a9860
tclx-8.3-75.i386.rpm     MD5: aa4768b1783af1b3241ba475ff0befb0
tix-8.2.0b1-75.i386.rpm     MD5: 8982d124eed9c06252b8530b05fe4586
tk-8.3.3-75.i386.rpm     MD5: e656f86bc49b8d1a708a95b089e451e4
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
tcltk-8.3.5-92.8.src.rpm     MD5: 617887bb9e0a3aa9323925db821c8641
 
IA-32:
expect-5.38.0-92.8.i386.rpm     MD5: d42370b81b11f2b057961974a1476686
expect-devel-5.38.0-92.8.i386.rpm     MD5: 1dfec046e01615ba2f03c23fb1181a84
itcl-3.2-92.8.i386.rpm     MD5: 983fef0b4e1e79f834c400798b69a32d
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-devel-8.3.5-92.8.i386.rpm     MD5: ee015e99d6077451f0476d31d8be7747
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tix-8.1.4-92.8.i386.rpm     MD5: 68ed028422e3710fd9e74bc00c7f2060
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-devel-8.3.5-92.8.i386.rpm     MD5: e067df5fd8232983ba1d3d07ec3585ab
 
IA-64:
expect-5.38.0-92.8.ia64.rpm     MD5: 58a223f79b8bacf017a8e132d2eaa685
expect-devel-5.38.0-92.8.ia64.rpm     MD5: 39e9016566b7e870eb1c6cb44e76aac6
itcl-3.2-92.8.ia64.rpm     MD5: 2132288cba28aa0586f2adba289b7f8d
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-8.3.5-92.8.ia64.rpm     MD5: b8ee28fc5dbf3fad3a23cad841c8942b
tcl-devel-8.3.5-92.8.ia64.rpm     MD5: d19ffed086656000467b3258cb5ddd57
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tclx-8.3-92.8.ia64.rpm     MD5: 5583cf974fc017ec454625eb0f551011
tix-8.1.4-92.8.ia64.rpm     MD5: db9359002c85e36172ccd7581d62b449
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-8.3.5-92.8.ia64.rpm     MD5: bb7316ce6e6bf65bbb25e20a90474421
tk-devel-8.3.5-92.8.ia64.rpm     MD5: 23b24d82f0cb928dcf1d39236e810a8d
 
x86_64:
expect-5.38.0-92.8.x86_64.rpm     MD5: 5097e312d1643b5717c4778583fb1c17
expect-devel-5.38.0-92.8.x86_64.rpm     MD5: 9c2b394424d180897b1d1801b834fddc
itcl-3.2-92.8.x86_64.rpm     MD5: e5b80fb0e7c66d19a0b5453a23252c57
tcl-8.3.5-92.8.i386.rpm     MD5: daa781836a534b7d3948a64e6db63db4
tcl-8.3.5-92.8.x86_64.rpm     MD5: a082bc01029bce2fa92ce2e2b0067615
tcl-devel-8.3.5-92.8.x86_64.rpm     MD5: 2ba5a9a271afb4d42ce127c04d1a9378
tclx-8.3-92.8.i386.rpm     MD5: acc78e5ec4da5da6d8560fdf10bd895f
tclx-8.3-92.8.x86_64.rpm     MD5: 97016bb19847d1c3b936b5d846a6a0a5
tix-8.1.4-92.8.x86_64.rpm     MD5: d3a840958a8a07cced133c489d6c286d
tk-8.3.5-92.8.i386.rpm     MD5: 31e9cd45b1f810e8450e79fa7d88b889
tk-8.3.5-92.8.x86_64.rpm     MD5: ecb786b1282070129bed0b7a629ecf5f
tk-devel-8.3.5-92.8.x86_64.rpm     MD5: ca563d1248577bde6dab27da09a6f80b
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

SRPMS:
tcltk-8.3.3-75.src.rpm     MD5: 08aa0194661f6b3d36a26c83597a522d
 
IA-64:
expect-5.38.0-75.ia64.rpm     MD5: 864822efd9a4b31da078e5a9adb0c13d
itcl-3.2-75.ia64.rpm     MD5: d6519459ce1ba00efe4670463d105836
tcl-8.3.3-75.ia64.rpm     MD5: ab9015aa7fbe1b2d899d02c5a961b5cb
tcllib-1.0-75.ia64.rpm     MD5: aad43bdf438b2c4ba4fd4f56b0e15973
tclx-8.3-75.ia64.rpm     MD5: fb6297460594f88c2f15cba96533dfea
tix-8.2.0b1-75.ia64.rpm     MD5: e714f4616d370443ef42ba8ea30e6739
tk-8.3.3-75.ia64.rpm     MD5: b7f6371d07db6a21d0d3d7c1c484882a
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

316511 - CVE-2007-4772 postgresql DoS via infinite loop in regex NFA optimization code
332021 - CVE-2007-5378 Tk GIF processing buffer overflow
431518 - CVE-2008-0553 tk: GIF handling buffer overflow


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/