SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (E-mail Server)  >   Red Hat Enterprise MRG Messaging Vendors:   Red Hat
(Red Hat Issues Fix) Red Hat Enterprise MRG Messaging AMQP Processing Flaw Lets Remote and Remote Authenticated Users Shutdown the Cluster
SecurityTracker Alert ID:  1024581
SecurityTracker URL:  http://securitytracker.com/id/1024581
CVE Reference:   CVE-2009-5005, CVE-2009-5006   (Links to External Site)
Date:  Oct 14 2010
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): MRG Messaging and Grid Version 1.3
Description:   Two vulnerabilities were reported in Red Hat Enterprise MRG Messaging. A remote user can cause denial of service conditions. A remote authenticated user can cause denial of service conditions.

A remote user can send specially crafted AMQP data to cause the target Apache Qpid service to crash, shutting down the cluster [CVE-2009-5005].

A remote authenticated user can send a specially crafted request to redeclare an existing exchange while adding a new alternate exchange to cause the target Apache Qpid service to crash, shutting down the cluster [CVE-2009-5006].

Impact:   A remote or remote authenticated user can cause the cluster to shutdown.
Solution:   Red Hat has issued a fix.

The Red Hat advisory is available at:

https://rhn.redhat.com/errata/RHSA-2010-0774.html

Vendor URL:  rhn.redhat.com/errata/RHSA-2010-0773.html (Links to External Site)
Cause:   Input validation error, State error
Underlying OS:  Linux (Red Hat Enterprise)
Underlying OS Comments:  4

Message History:   This archive entry is a follow-up to the message listed below.
Oct 14 2010 Red Hat Enterprise MRG Messaging AMQP Processing Flaw Lets Remote and Remote Authenticated Users Shutdown the Cluster



 Source Message Contents

Subject:  [RHSA-2010:0774-01] Moderate: Red Hat Enterprise MRG Messaging and Grid Version 1.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Enterprise MRG Messaging and Grid Version 1.3
Advisory ID:       RHSA-2010:0774-01
Product:           Red Hat Enterprise MRG for RHEL-4
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0774.html
Issue date:        2010-10-14
CVE Names:         CVE-2009-5005 CVE-2009-5006 
=====================================================================

1. Summary:

Updated packages that fix two security issues, several bugs, and add
multiple enhancements are now available as part of the ongoing support and
maintenance of Red Hat Enterprise MRG Messaging and Grid for Red Hat
Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat MRG Grid Execute Node for RHEL-4 AS - i386, noarch, x86_64
Red Hat MRG Grid Execute Node for RHEL-4 ES - i386, noarch, x86_64
Red Hat MRG Grid for RHEL-4 AS - i386, noarch, x86_64
Red Hat MRG Grid for RHEL-4 ES - i386, noarch, x86_64
Red Hat MRG Messaging Base for RHEL-4 AS - i386, noarch, x86_64
Red Hat MRG Messaging Base for RHEL-4 ES - i386, noarch, x86_64
Red Hat MRG Messaging for RHEL-4 AS - i386, noarch, x86_64
Red Hat MRG Messaging for RHEL-4 ES - i386, noarch, x86_64

3. Description:

Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a realtime IT
infrastructure for enterprise computing. MRG Messaging uses Apache Qpid to
implement the Advanced Message Queuing Protocol (AMQP) standard, adding
persistence options, kernel optimizations, and operating system services.

This update moves Red Hat Enterprise MRG to version 1.3.

A flaw was found in the way Apache Qpid handled the receipt of invalid AMQP
data. A remote user could send invalid AMQP data to the server, causing it
to crash, resulting in the cluster shutting down. (CVE-2009-5005)

A flaw was found in the way Apache Qpid handled a request to redeclare an
existing exchange while adding a new alternate exchange. If a remote,
authenticated user issued such a request, the server would crash, resulting
in the cluster shutting down. (CVE-2009-5006)

This update also adds the following enhancements:

* This update introduces a protocol-independent C++ API. The extra layer of
indirection will make it easy to support new versions of the AMQP protocol,
as well as multiple versions simultaneously. (BZ#497747)

* The management component is now capable of working in a cluster.
(BZ#501015)

* The Messaging Client Python API is now protocol-independent. (BZ#497748)

* This update allows a JMS client to subscribe to the failover exchange to
retrieve cluster membership information and subsequently to receive
updates. (BZ#483753)

* With this update, the qpidd service can be run without additional
authentication options. (BZ#515513)

* This update adds an OpenMPI wrapper script to Condor. It adds support for
OpenMPI jobs. (BZ#537232)

* The Messaging Client Python API now provides a failover mechanism for
clustered brokers. (BZ#495718)

* The Python Messaging API now includes support for Simple Authentication
and Security Layer (SASL), which allows authentication support to be added
to connection-based protocols. (BZ#548493)

* The qpid-tool is now able to determine which session a queue consumer
belongs to. (BZ#504325)

* This update handles backward/forward compatibility for QMF and its
components. (BZ#506698)

* Both Secure Sockets Layer (SSL) and Remote Direct Memory Access (RDMA)
entries can now appear in the list of known URLs. (BZ#471632)

* This update allows for the scheduler daemon to run without swap.
(BZ#548090)

* This update introduces a mechanism that specifies the queue size of a
queue that is setup via the Java API. (BZ#534008)

* Previously, a collector could not be remotely restarted. With this
update, the restart is possible and works as expected. (BZ#543021)

* The usage information for the qpid-config utility (that is, the output of
the "qpid-config -h" command) has been updated to include a brief
explanation of the exchange type. (BZ#506420)

These updated packages include many other bug fixes and enhancements. Users
are directed to the Red Hat Enterprise MRG 1.3 Technical Notes for
information on these changes:

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/1/html/Technical_N
otes/index.html

All Red Hat Enterprise MRG users are advised to upgrade to these updated
packages, which resolve these issues and add these enhancements, as well as
resolving the issues and adding the enhancements noted in the Red Hat
Enterprise MRG 1.3 Technical Notes. After installing the updated packages,
the qpidd service must be restarted ("service qpidd restart") for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

637944 - MRG 1.3 Released for RHEL4
642373 - CVE-2009-5005 qpid: crash on receipt of invalid AMQP data
642377 - CVE-2009-5006 qpid: crash when redeclaring the exchange with specified alternate_exchange

6. Package List:

Red Hat MRG Grid for RHEL-4 AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/classads-1.0.8-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/condor-low-latency-1.1-0.2.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/mrg-grid-docs-1.3-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/mrg-release-1.3-2.el4.src.rpm

i386:
classads-1.0.8-1.el4.i386.rpm
classads-debuginfo-1.0.8-1.el4.i386.rpm
classads-devel-1.0.8-1.el4.i386.rpm
classads-static-1.0.8-1.el4.i386.rpm

noarch:
condor-low-latency-1.1-0.2.el4.noarch.rpm
mrg-grid-docs-1.3-1.el4.noarch.rpm
mrg-release-1.3-2.el4.noarch.rpm

x86_64:
classads-1.0.8-1.el4.x86_64.rpm
classads-debuginfo-1.0.8-1.el4.x86_64.rpm
classads-devel-1.0.8-1.el4.x86_64.rpm
classads-static-1.0.8-1.el4.x86_64.rpm

Red Hat MRG Grid Execute Node for RHEL-4 AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/condor-7.4.4-0.16.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/condor-job-hooks-1.4-5.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/condor-low-latency-1.1-0.2.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/condor-wallaby-3.6-6.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/mrg-grid-docs-1.3-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/mrg-release-1.3-2.el4.src.rpm

i386:
condor-7.4.4-0.16.el4.i386.rpm
condor-debuginfo-7.4.4-0.16.el4.i386.rpm
condor-kbdd-7.4.4-0.16.el4.i386.rpm
condor-qmf-7.4.4-0.16.el4.i386.rpm

noarch:
condor-job-hooks-1.4-5.el4.noarch.rpm
condor-low-latency-1.1-0.2.el4.noarch.rpm
condor-wallaby-client-3.6-6.el4.noarch.rpm
mrg-grid-docs-1.3-1.el4.noarch.rpm
mrg-release-1.3-2.el4.noarch.rpm
python-condorutils-1.4-5.el4.noarch.rpm

x86_64:
condor-7.4.4-0.16.el4.x86_64.rpm
condor-debuginfo-7.4.4-0.16.el4.x86_64.rpm
condor-kbdd-7.4.4-0.16.el4.x86_64.rpm
condor-qmf-7.4.4-0.16.el4.x86_64.rpm

Red Hat MRG Messaging for RHEL-4 AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/mrg-release-1.3-2.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/python-qmf-0.7.946106-13.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/python-qpid-0.7.946106-14.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/qpid-java-0.7.946106-11.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/qpid-tests-0.7.946106-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/qpid-tools-0.7.946106-11.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/rhm-docs-0.7.946106-8.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/sesame-0.7.4297-3.el4.src.rpm

i386:
sesame-0.7.4297-3.el4.i386.rpm
sesame-debuginfo-0.7.4297-3.el4.i386.rpm

noarch:
mrg-release-1.3-2.el4.noarch.rpm
python-qmf-0.7.946106-13.el4.noarch.rpm
python-qpid-0.7.946106-14.el4.noarch.rpm
qpid-java-client-0.7.946106-11.el4.noarch.rpm
qpid-java-common-0.7.946106-11.el4.noarch.rpm
qpid-java-example-0.7.946106-11.el4.noarch.rpm
qpid-tests-0.7.946106-1.el4.noarch.rpm
qpid-tools-0.7.946106-11.el4.noarch.rpm
rhm-docs-0.7.946106-8.el4.noarch.rpm

x86_64:
sesame-0.7.4297-3.el4.x86_64.rpm
sesame-debuginfo-0.7.4297-3.el4.x86_64.rpm

Red Hat MRG Messaging Base for RHEL-4 AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/mrg-release-1.3-2.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/python-qmf-0.7.946106-13.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/python-qpid-0.7.946106-14.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/qpid-cpp-mrg-0.7.946106-17.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/qpid-java-0.7.946106-11.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/qpid-tests-0.7.946106-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/qpid-tools-0.7.946106-11.el4.src.rpm
ftp://updates.redhat.com/enterprise/4AS/en/RHEMRG/SRPMS/sesame-0.7.4297-3.el4.src.rpm

i386:
qmf-0.7.946106-17.el4.i386.rpm
qmf-devel-0.7.946106-17.el4.i386.rpm
qpid-cpp-client-0.7.946106-17.el4.i386.rpm
qpid-cpp-client-devel-0.7.946106-17.el4.i386.rpm
qpid-cpp-client-devel-docs-0.7.946106-17.el4.i386.rpm
qpid-cpp-client-ssl-0.7.946106-17.el4.i386.rpm
qpid-cpp-mrg-debuginfo-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-devel-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-ssl-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-store-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-xml-0.7.946106-17.el4.i386.rpm
sesame-0.7.4297-3.el4.i386.rpm
sesame-debuginfo-0.7.4297-3.el4.i386.rpm

noarch:
mrg-release-1.3-2.el4.noarch.rpm
python-qmf-0.7.946106-13.el4.noarch.rpm
python-qpid-0.7.946106-14.el4.noarch.rpm
qpid-java-client-0.7.946106-11.el4.noarch.rpm
qpid-java-common-0.7.946106-11.el4.noarch.rpm
qpid-java-example-0.7.946106-11.el4.noarch.rpm
qpid-tests-0.7.946106-1.el4.noarch.rpm
qpid-tools-0.7.946106-11.el4.noarch.rpm

x86_64:
qmf-0.7.946106-17.el4.x86_64.rpm
qmf-devel-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-client-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-client-devel-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-client-devel-docs-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-client-ssl-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-mrg-debuginfo-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-devel-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-ssl-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-store-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-xml-0.7.946106-17.el4.x86_64.rpm
sesame-0.7.4297-3.el4.x86_64.rpm
sesame-debuginfo-0.7.4297-3.el4.x86_64.rpm

Red Hat MRG Grid for RHEL-4 ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/classads-1.0.8-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/condor-low-latency-1.1-0.2.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/mrg-grid-docs-1.3-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/mrg-release-1.3-2.el4.src.rpm

i386:
classads-1.0.8-1.el4.i386.rpm
classads-debuginfo-1.0.8-1.el4.i386.rpm
classads-devel-1.0.8-1.el4.i386.rpm
classads-static-1.0.8-1.el4.i386.rpm

noarch:
condor-low-latency-1.1-0.2.el4.noarch.rpm
mrg-grid-docs-1.3-1.el4.noarch.rpm
mrg-release-1.3-2.el4.noarch.rpm

x86_64:
classads-1.0.8-1.el4.x86_64.rpm
classads-debuginfo-1.0.8-1.el4.x86_64.rpm
classads-devel-1.0.8-1.el4.x86_64.rpm
classads-static-1.0.8-1.el4.x86_64.rpm

Red Hat MRG Grid Execute Node for RHEL-4 ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/condor-7.4.4-0.16.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/condor-job-hooks-1.4-5.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/condor-low-latency-1.1-0.2.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/condor-wallaby-3.6-6.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/mrg-grid-docs-1.3-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/mrg-release-1.3-2.el4.src.rpm

i386:
condor-7.4.4-0.16.el4.i386.rpm
condor-debuginfo-7.4.4-0.16.el4.i386.rpm
condor-kbdd-7.4.4-0.16.el4.i386.rpm
condor-qmf-7.4.4-0.16.el4.i386.rpm

noarch:
condor-job-hooks-1.4-5.el4.noarch.rpm
condor-low-latency-1.1-0.2.el4.noarch.rpm
condor-wallaby-client-3.6-6.el4.noarch.rpm
mrg-grid-docs-1.3-1.el4.noarch.rpm
mrg-release-1.3-2.el4.noarch.rpm
python-condorutils-1.4-5.el4.noarch.rpm

x86_64:
condor-7.4.4-0.16.el4.x86_64.rpm
condor-debuginfo-7.4.4-0.16.el4.x86_64.rpm
condor-kbdd-7.4.4-0.16.el4.x86_64.rpm
condor-qmf-7.4.4-0.16.el4.x86_64.rpm

Red Hat MRG Messaging for RHEL-4 ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/mrg-release-1.3-2.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/python-qmf-0.7.946106-13.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/python-qpid-0.7.946106-14.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/qpid-java-0.7.946106-11.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/qpid-tests-0.7.946106-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/qpid-tools-0.7.946106-11.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/rhm-docs-0.7.946106-8.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/sesame-0.7.4297-3.el4.src.rpm

i386:
sesame-0.7.4297-3.el4.i386.rpm
sesame-debuginfo-0.7.4297-3.el4.i386.rpm

noarch:
mrg-release-1.3-2.el4.noarch.rpm
python-qmf-0.7.946106-13.el4.noarch.rpm
python-qpid-0.7.946106-14.el4.noarch.rpm
qpid-java-client-0.7.946106-11.el4.noarch.rpm
qpid-java-common-0.7.946106-11.el4.noarch.rpm
qpid-java-example-0.7.946106-11.el4.noarch.rpm
qpid-tests-0.7.946106-1.el4.noarch.rpm
qpid-tools-0.7.946106-11.el4.noarch.rpm
rhm-docs-0.7.946106-8.el4.noarch.rpm

x86_64:
sesame-0.7.4297-3.el4.x86_64.rpm
sesame-debuginfo-0.7.4297-3.el4.x86_64.rpm

Red Hat MRG Messaging Base for RHEL-4 ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/mrg-release-1.3-2.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/python-qmf-0.7.946106-13.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/python-qpid-0.7.946106-14.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/qpid-cpp-mrg-0.7.946106-17.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/qpid-java-0.7.946106-11.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/qpid-tests-0.7.946106-1.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/qpid-tools-0.7.946106-11.el4.src.rpm
ftp://updates.redhat.com/enterprise/4ES/en/RHEMRG/SRPMS/sesame-0.7.4297-3.el4.src.rpm

i386:
qmf-0.7.946106-17.el4.i386.rpm
qmf-devel-0.7.946106-17.el4.i386.rpm
qpid-cpp-client-0.7.946106-17.el4.i386.rpm
qpid-cpp-client-devel-0.7.946106-17.el4.i386.rpm
qpid-cpp-client-devel-docs-0.7.946106-17.el4.i386.rpm
qpid-cpp-client-ssl-0.7.946106-17.el4.i386.rpm
qpid-cpp-mrg-debuginfo-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-devel-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-ssl-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-store-0.7.946106-17.el4.i386.rpm
qpid-cpp-server-xml-0.7.946106-17.el4.i386.rpm
sesame-0.7.4297-3.el4.i386.rpm
sesame-debuginfo-0.7.4297-3.el4.i386.rpm

noarch:
mrg-release-1.3-2.el4.noarch.rpm
python-qmf-0.7.946106-13.el4.noarch.rpm
python-qpid-0.7.946106-14.el4.noarch.rpm
qpid-java-client-0.7.946106-11.el4.noarch.rpm
qpid-java-common-0.7.946106-11.el4.noarch.rpm
qpid-java-example-0.7.946106-11.el4.noarch.rpm
qpid-tests-0.7.946106-1.el4.noarch.rpm
qpid-tools-0.7.946106-11.el4.noarch.rpm

x86_64:
qmf-0.7.946106-17.el4.x86_64.rpm
qmf-devel-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-client-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-client-devel-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-client-devel-docs-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-client-ssl-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-mrg-debuginfo-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-devel-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-ssl-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-store-0.7.946106-17.el4.x86_64.rpm
qpid-cpp-server-xml-0.7.946106-17.el4.x86_64.rpm
sesame-0.7.4297-3.el4.x86_64.rpm
sesame-debuginfo-0.7.4297-3.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-5005.html
https://www.redhat.com/security/data/cve/CVE-2009-5006.html
http://www.redhat.com/security/updates/classification/#moderate
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/1/html/Technical_Notes/index.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMty/fXlSAg2UNWIIRAjQwAJ9Kyais3AknZWJ604+22TdGvplpRACcCUrJ
aRp0UuHecA1rMRXP38zHuTo=
=V7IQ
-----END PGP SIGNATURE-----


-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC