RHSA-2003:027 - Security Advisory

Topic

Updated Netscape 4.8 packages fixing various bugs and vulnerabilities are
now available.

Description

Netscape is a suite of Internet utilities including a Web browser, email
client, and Usenet news reader.

Netscape version 4.8 contains various bugfixes and updates.

Note that Macromedia Flash is no longer included as of this update. The
recommended Macromedia Flash with security fixes no longer supports
Netscape 4.x. The security issues that affected the Macromedia Flash
player include CVE-2002-0846 and CAN-2002-1467.

It is recommended that all Netscape Communicator and Netscape Navigator
users upgrade to these errata packages.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

Please note that this update is available via Red Hat Network. To use Red
Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Affected Products

• Red Hat Enterprise Linux Server 2 i386
• Red Hat Enterprise Linux Workstation 2 i386

Fixes

• BZ - 62052 - Does the netscape libflashplugin.so use an insecure zlib ??
• BZ - 65862 - A problem for the zh_CN.GB2312 locale
• BZ - 71341 - Lots of security holes in flash plugin

CVEs

• CVE-2002-1467
• CVE-2002-0846

References

(none)