--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Updated mailman packages are available. Advisory ID: RHSA-2000:030-03 Issue date: 2000-05-24 Updated on: 2000-08-03 Product: Red Hat Secure Web Server Keywords: N/A Cross references: N/A --------------------------------------------------------------------- 1. Topic: New mailman packages are available which close security holes present in earlier versions of mailman. 2. Relevant releases/architectures: Red Hat Secure Web Server 3.0 - i386 Red Hat Secure Web Server 3.1 - i386, alpha, sparc Red Hat Secure Web Server 3.2 - i386 3. Problem description: New mailman packages are available which close security holes present in earlier versions of mailman. All sites using the mailman mailing list management software should upgrade. 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): N/A 6. RPMs required: Red Hat Secure Web Server 3.2: i386: ftp://updates.redhat.com/secureweb/3.2/i386/mailman-2.0beta5-1.i386.rpm sources: ftp://updates.redhat.com/secureweb/3.2/SRPMS/mailman-2.0beta5-1.src.rpm 7. Verification: MD5 sum Package Name -------------------------------------------------------------------------- 3bec0ff832a99b87eb235229935fd2a0 3.2/SRPMS/mailman-2.0beta5-1.src.rpm 53561915ca8b245b98bd78f3e3a8fd9d 3.2/i386/mailman-2.0beta5-1.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/corp/contact.html You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: N/A Copyright(c) 2000 Red Hat, Inc.