LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 7th, 2014
Linux Advisory Watch: April 4th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
RH6.0: Netscape (RHSA-1999:039-02) Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
RedHat Linux A new version of Netscape has been released. This release fixes some security problems in Javascript and form signing.
 
Red Hat, Inc. Security Advisory
Package Netscape

Synopsis New netscape packages available

Advisory ID RHSA-1999:039-02

Issue Date 1999-10-04

Updated on 1999-10-08

Keywords netscape 4.7 communicator navigator

Revision History:
1999-10-08: New packages for Red Hat Linux 6.x, to fix %post script bug. Users of the previous errata packages (4.7-1.1) may want to run: chkfontpath --add /usr/X11R6/lib/X11/fonts/75dpi as opposed to downloading the new packages. Removed bogus Sparc package listing.

1. Topic:
A new version of Netscape has been released. This release fixes some security problems in Javascript and form signing.

2. Bug IDs fixed:
None

3. Relevant releases/architectures:
Red Hat Linux 6.x, Intel Sparc packages will be available if/when Netscape updates their Sparc releases.

4. Obsoleted by:
None

5. Conflicts with:
None

6. RPMs required:

Intel:

ftp://updates.Red Hat.com/6.1/i386/

netscape-common-4.7-1.1.i386.rpm
netscape-communicator-4.7-1.1.i386.rpm
netscape-navigator-4.7-1.1.i386.rpm

Source:

ftp://updates.Red Hat.com/6.1/SRPMS

netscape- 4.7-1.1.src.rpm

Red Hat Linux 6.1, US-only Version:

Intel:

netscape-common-4.7-1.1.i386.rpm.rhmask

netscape-communicator-4.7- 1.1.i386.rpm.rhmask

netscape-navigator-4.7- 1.1.i386.rpm.rhmask

Source:

netscape-4.7-1.1.src.rpm.rhmask

These updates are available in rhmask-ed RPM format. To obtain valid RPMs from rhmask-ed ones you will need to have available the original binary RPMs shipped with your Red Hat Linux 6.1 CD. Copy those rpms to your temporary directory along with the .rhmask files available here. Then you will have to use the rhmask program to obtain the updated RPMs:

rhmask netscape-common-4.61-12us.i386.rpm netscape-common-4.7- 1.1.i386.rpm.rhmask

rhmask netscape-communicator-4.61-12us.i386.rpm netscape-communicator-4.7- 1.1.i386.rpm.rhmask (all on one line)

rhmask netscape-communicator-4.61-12us.i386.rpm netscape-navigator-4.7- 1.1.i386.rpm.rhmask (all on one line)

7. Problem description:
A new version of Netscape has been released. This release fixes some security problems in Javascript and form signing, as well as adding some new features. For more information, please see:

http://home.netscape.com/eng/mozilla/4.7/relnotes/unix-4.7.html

(1999-10-08)
The original packages released for Red Hat Linux 6.0 and 6.1 had an error in the post-install script; the 75dpi font directory was accidentally removed from the font path instead of added. This is fixed in the updated packages. Users of the previous packages may wish to run (as root):

chkfontpath --add /usr/X11R6/lib/X11/fonts/75dpi
/etc/rc.d/init.d/xfs restart

as opposed to downloading the new packages, as the package contents have not changed.

8. Solution:

For each RPM for your particular architecture, run:

rpm -Uvh filename

where filename is the name of the RPM.

9. Verification:


 MD5 sum                           Package Name

 -------------------------------------------------------------------------
 da8414206db834a9cf40c387f1ac2920  netscape-common-4.7-1.1.i386.rpm
b1efd248d95a1a1cd7b9a5a1caef1922  netscape-communicator-4.7-1.1.i386.rpm
d5529c3e2403ff2a3ce4483b6c2eb131  netscape-navigator-4.7-1.1.i386.rpm
c8dd34bd0cad87bfd1d51a0c56713ac3  netscape-4.7-1.1.src.rpm

6d15f2d2fbb49a3603bfcbfad2741142  netscape-common-4.7-1.1us.i386.rpm.rhmask
84bc2680b0344417a99357f58baac962  netscape-communicator-4.7-
1.1us.i386.rpm.rhmask
f69bd8d20b64a699ae48fe59db612034  netscape-navigator-4.7-1.1us.i386.rpm.rhmask
b7f76b259d4f290e525b60ebcfd0a100  netscape-4.7-1.1us.src.rpm.rhmask



These packages are signed with GnuPG by Red Hat Inc. for security. Our key is available at:

http://www.Red Hat.com/corp/contact.html

and is also attached to this annoucement.

You can verify each package with the following command:

rpm --checksig filename

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nogpg filename

Note that you need RPM >= 3.0 to check GnuPG keys.

10. References:

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.