Red Hat Product Errata RHSA-2007:0932 - Security Advisory
Issued:
2007-10-08
Updated:
2007-10-08

RHSA-2007:0932 - Security Advisory

Synopsis

Moderate: pwlib security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated pwlib packages that fix a security issue are now available for Red
Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

PWLib is a library used to support cross-platform applications.

In Red Hat Enterprise Linux 5, the Ekiga teleconferencing application uses
PWLib.

A memory management flaw was discovered in PWLib. An attacker could use this
flaw to crash an application, such as Ekiga, which is linked with pwlib
(CVE-2007-4897).

Users should upgrade to these updated packages which contain a backported
patch to correct this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 292831 - CVE-2007-4897 ekiga GetHostAddress remote DoS

Red Hat Enterprise Linux Server 5

SRPM
pwlib-1.10.1-7.0.1.el5.src.rpm SHA-256: 5c438d0d8cce814ef5ad32fecf3449f70d91b4eaaf9b3dff7750ab0c85e61498
x86_64
pwlib-1.10.1-7.0.1.el5.x86_64.rpm SHA-256: 5a6067fb9ae75f3b99067d8fddbfbaa57a1ac762386172b7b9012bf8f123735c
pwlib-devel-1.10.1-7.0.1.el5.x86_64.rpm SHA-256: 6fd0e0565e4c3e6f734a24769c3b0cc62a82dbb0423b73d0d7f261cf5bb47b10
i386
pwlib-1.10.1-7.0.1.el5.i386.rpm SHA-256: bb6f1afac66162d0c68637d187141424922f9c3eb91751905a8013efa46afce4
pwlib-devel-1.10.1-7.0.1.el5.i386.rpm SHA-256: 2aaa1d4b5810094d421c90e54dba1cb3458b4e8804562b2a0463f631df7d0517

Red Hat Enterprise Linux Workstation 5

SRPM
pwlib-1.10.1-7.0.1.el5.src.rpm SHA-256: 5c438d0d8cce814ef5ad32fecf3449f70d91b4eaaf9b3dff7750ab0c85e61498
x86_64
pwlib-1.10.1-7.0.1.el5.x86_64.rpm SHA-256: 5a6067fb9ae75f3b99067d8fddbfbaa57a1ac762386172b7b9012bf8f123735c
pwlib-devel-1.10.1-7.0.1.el5.x86_64.rpm SHA-256: 6fd0e0565e4c3e6f734a24769c3b0cc62a82dbb0423b73d0d7f261cf5bb47b10
i386
pwlib-1.10.1-7.0.1.el5.i386.rpm SHA-256: bb6f1afac66162d0c68637d187141424922f9c3eb91751905a8013efa46afce4
pwlib-devel-1.10.1-7.0.1.el5.i386.rpm SHA-256: 2aaa1d4b5810094d421c90e54dba1cb3458b4e8804562b2a0463f631df7d0517

Red Hat Enterprise Linux Desktop 5

SRPM
pwlib-1.10.1-7.0.1.el5.src.rpm SHA-256: 5c438d0d8cce814ef5ad32fecf3449f70d91b4eaaf9b3dff7750ab0c85e61498
x86_64
pwlib-1.10.1-7.0.1.el5.x86_64.rpm SHA-256: 5a6067fb9ae75f3b99067d8fddbfbaa57a1ac762386172b7b9012bf8f123735c
i386
pwlib-1.10.1-7.0.1.el5.i386.rpm SHA-256: bb6f1afac66162d0c68637d187141424922f9c3eb91751905a8013efa46afce4

Red Hat Enterprise Linux Server from RHUI 5

SRPM
pwlib-1.10.1-7.0.1.el5.src.rpm SHA-256: 5c438d0d8cce814ef5ad32fecf3449f70d91b4eaaf9b3dff7750ab0c85e61498
x86_64
pwlib-1.10.1-7.0.1.el5.x86_64.rpm SHA-256: 5a6067fb9ae75f3b99067d8fddbfbaa57a1ac762386172b7b9012bf8f123735c
pwlib-devel-1.10.1-7.0.1.el5.x86_64.rpm SHA-256: 6fd0e0565e4c3e6f734a24769c3b0cc62a82dbb0423b73d0d7f261cf5bb47b10
i386
pwlib-1.10.1-7.0.1.el5.i386.rpm SHA-256: bb6f1afac66162d0c68637d187141424922f9c3eb91751905a8013efa46afce4
pwlib-devel-1.10.1-7.0.1.el5.i386.rpm SHA-256: 2aaa1d4b5810094d421c90e54dba1cb3458b4e8804562b2a0463f631df7d0517

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.