[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RHN Errata Alert: Critical: RealPlayer security update
- Subject: RHN Errata Alert: Critical: RealPlayer security update
- From: Red Hat Network Alert <dev-null@rhn.redhat.com>
- Date: Thu, 23 Mar 2006 02:22:08 -0500
Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:
Complete information about this errata can be found at the following location:
https://rhn.redhat.com/network/errata/errata_details.pxt?eid=3982
Security Advisory - RHSA-2006:0257-9
------------------------------------------------------------------------------
Summary:
Critical: RealPlayer security update
An updated RealPlayer package that fixes a buffer overflow bug is now
available for Red Hat Enterprise Linux Extras 3 and 4.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Description:
RealPlayer is a media player that provides media playback locally and via
streaming.
A buffer overflow bug was discovered in the way RealPlayer processes Flash
Media (.swf) files. It is possible for a malformed Flash Media file to
execute arbitrary code as the user running RealPlayer. The Common
Vulnerabilities and Exposures project assigned the name CVE-2006-0323 to
this issue.
All users of RealPlayer are advised to upgrade to this updated package,
which contains RealPlayer version 10.0.7 and is not vulnerable to this issue.
------------------------------------------------------------------------------
-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:
- select your server name by clicking on its name from the list
available at the following location, and then schedule an
errata update for it:
https://rhn.redhat.com/network/systemlist/system_list.pxt
- run the Update Agent on each affected server.
---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.
URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt
You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.
---------------------
Affected Systems List
---------------------
This Errata Advisory may apply to the systems listed below. If you know that
this errata does not apply to a system listed, it might be possible that the
package profile for that server is out of date. In that case you should run
'up2date -p' as root on the system in question to refresh your software profile.
There are 4 affected systems registered in 'Your RHN' (only systems for
which you have explicitly enabled Errata Alerts are shown).
Release Arch Profile Name
-------- -------- ------------
The Red Hat Network Team
This message is being sent by Red Hat Network Alert to:
RHN user login: snooder
If you lost your RHN password, you can use the information above to
retrieve it by email from the following address:
https://rhn.redhat.com/forgot_password.pxt
To cancel these notices, go to:
https://rhn.redhat.com/oo.pxt?uid=3617679&oid=3699264