INFORMATION BULLETIN
INFORMATION BULLETIN
| PROBLEM: | Several vulnerabilities were found in MySQL. |
| PLATFORM: | Red Hat Desktop (v.3 and v.4) Red Hat Enterprise Linux AS, ES, WS (v. 2.1, v.3 and v.4) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor Debian GNU/Linux 3.0 alias woody |
| DAMAGE: | A user with the ability to create and execute a user defined function could potentially execute arbitrary code on the MySQL server. A bug was also discovered in the way MySQL creates temporary tables. A local user could create a specially crafted symlink which could result in the MySQL server overwriting a file which it has write access to. |
| SOLUTION: | Apply the security upgrade. |
| VULNERABILITY ASSESSMENT: |
The risk is LOW. An authenticated attacker may execute arbitrary code with mysqld privileges. |
| LINKS: | |
| CIAC BULLETIN: | http://www.ciac.org/ciac/bulletins/p-164.shtml |
| ORIGINAL BULLETIN: | https://rhn.redhat.com/errata/RHSA-2005-334.html |
| ADDITIONAL LINKS: | Red Hat Security Advisory RHSA-2005-348-06 |
| https://rhn.redhat.com/errata/RHSA-2005-348.html | |
| Debian Security Advisory DSA-707-1 http://www.debian.org/security/2005/dsa-707 |
|
| Red Hat RHSA-2005:415-16 https://rhn.redhat.com/errata/RHSA-2005-415.html Sun Alert ID: 101864 http://www.sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1&searchclause=101864 |
|
| CVE/CAN: | http://www.cve.mitre.org/cgi-bin/cvename.cgi?name= CAN-2005-0709, CAN-2005-0710, CAN-2005-0711 |
REVISION HISTORY:
04/06/05 - added link to Red Hat Security Advisory RHSA-2005:348-06 that fix serveral
security risks in the MySQL server.
04/13/05 - added a link to Debian Security Advisory DSA-707-1 for Debian
GNU/Linux 3.0 alias woody.
06/15/05 - added a link to Red Hat RHSA-2005:415-16.
08/12/2005 - added a link to Sun Alert ID: 101864
[***** Start Red Hat Advisory RHSA-2005:334-07 *****]
Important: mysql security update
Advisory: RHSA-2005:334-07
Type: Security Advisory
Issued on: 2005-03-28
Last updated on: 2005-03-28
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CAN-2005-0709
CAN-2005-0710
CAN-2005-0711
Details
Updated mysql packages that fix several vulnerabilities are now available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
MySQL is a multi-user, multi-threaded SQL database server.
This update fixes several security risks in the MySQL server.
Stefano Di Paola discovered two bugs in the way MySQL handles user-defined
functions. A user with the ability to create and execute a user defined
function could potentially execute arbitrary code on the MySQL server. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the names CAN-2005-0709 and CAN-2005-0710 to these issues.
Stefano Di Paola also discovered a bug in the way MySQL creates temporary
tables. A local user could create a specially crafted symlink which could
result in the MySQL server overwriting a file which it has write access to.
The Common Vulnerabilities and Exposures project has assigned the name
CAN-2005-0711 to this issue.
All users of the MySQL server are advised to upgrade to these updated
packages, which contain fixes for these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
Updated packages
Red Hat Desktop (v. 3)
--------------------------------------------------------------------------------
SRPMS:
mysql-3.23.58-15.RHEL3.1.src.rpm 854563dcb2706dbf0eb417442e4dd601
IA-32:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-bench-3.23.58-15.RHEL3.1.i386.rpm 84d4de6d6a9fe46cd989d3f28f605a0e
mysql-devel-3.23.58-15.RHEL3.1.i386.rpm 0c20117cddfcbcc2ae85b1329cb9dd5e
x86_64:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-3.23.58-15.RHEL3.1.x86_64.rpm 429fb7ce5fc1e0284c9926df6294d8a3
mysql-bench-3.23.58-15.RHEL3.1.x86_64.rpm b25503c0af603c1d969c45e7b2a2438c
mysql-devel-3.23.58-15.RHEL3.1.x86_64.rpm 8068983267456132f1c70468521e3dfd
Red Hat Desktop (v. 4)
--------------------------------------------------------------------------------
SRPMS:
mysql-4.1.10a-1.RHEL4.1.src.rpm b6a840faaf98a346425dd9a06c8fec10
IA-32:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-bench-4.1.10a-1.RHEL4.1.i386.rpm 0187c8af0101368f12335745e860039b
mysql-devel-4.1.10a-1.RHEL4.1.i386.rpm 11878e76e63152275d496917c66e9306
mysql-server-4.1.10a-1.RHEL4.1.i386.rpm 7ebf9d00d246c7da140b57ea998d29da
x86_64:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-4.1.10a-1.RHEL4.1.x86_64.rpm aa863d0a948e88220b65196997553834
mysql-bench-4.1.10a-1.RHEL4.1.x86_64.rpm 859368a712acb8c2cb9c574c340b641f
mysql-devel-4.1.10a-1.RHEL4.1.x86_64.rpm bb6f83b4432b00bbd495a753f340b84a
mysql-server-4.1.10a-1.RHEL4.1.x86_64.rpm ca64d3910c12363a62ec773785f31724
Red Hat Enterprise Linux AS (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
mysql-3.23.58-1.72.2.src.rpm 9f8398d805ce362f80c15408233a9ed1
IA-32:
mysql-3.23.58-1.72.2.i386.rpm c8b10a5e219a0bb25c34a2df1b64bc18
mysql-devel-3.23.58-1.72.2.i386.rpm 2cf8e981adf1d3c6563fefa662905819
mysql-server-3.23.58-1.72.2.i386.rpm eab17f634d6291a172d8da3643d0bbc9
IA-64:
mysql-3.23.58-1.72.2.ia64.rpm a856bfd608828d4f64d9796917850273
mysql-devel-3.23.58-1.72.2.ia64.rpm 86c85219c9bee00653f7d15c3f7430ee
mysql-server-3.23.58-1.72.2.ia64.rpm 2b001d68cb35af5d79c24796a52ebcf0
Red Hat Enterprise Linux AS (v. 3)
--------------------------------------------------------------------------------
SRPMS:
mysql-3.23.58-15.RHEL3.1.src.rpm 854563dcb2706dbf0eb417442e4dd601
IA-32:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-bench-3.23.58-15.RHEL3.1.i386.rpm 84d4de6d6a9fe46cd989d3f28f605a0e
mysql-devel-3.23.58-15.RHEL3.1.i386.rpm 0c20117cddfcbcc2ae85b1329cb9dd5e
IA-64:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-3.23.58-15.RHEL3.1.ia64.rpm f11140c71bd0153313b568b5a2f3c3ce
mysql-bench-3.23.58-15.RHEL3.1.ia64.rpm 16090c803a0ebe16c182225a579238ee
mysql-devel-3.23.58-15.RHEL3.1.ia64.rpm 88f6753a99b5ee4f47a2d10c4861c945
PPC:
mysql-3.23.58-15.RHEL3.1.ppc.rpm a81cdaff84d2f09eb83a102917191afe
mysql-3.23.58-15.RHEL3.1.ppc64.rpm 45af37f982e521565793473f340e5be5
mysql-bench-3.23.58-15.RHEL3.1.ppc.rpm 59b3a8a7e23532c70d881b475af4bd7d
mysql-devel-3.23.58-15.RHEL3.1.ppc.rpm 3cd8cb4cd0915e0bbd96efa890d9bee4
s390:
mysql-3.23.58-15.RHEL3.1.s390.rpm 142b2ed96d26cae6cc4643307909ca91
mysql-bench-3.23.58-15.RHEL3.1.s390.rpm 6562ff7efbe46ecbc1278355653ea7d8
mysql-devel-3.23.58-15.RHEL3.1.s390.rpm 55dc03163e7ffcb5b549ed5865a09d75
s390x:
mysql-3.23.58-15.RHEL3.1.s390.rpm 142b2ed96d26cae6cc4643307909ca91
mysql-3.23.58-15.RHEL3.1.s390x.rpm 58e2b16cefa1011b037c3eb19abbadd7
mysql-bench-3.23.58-15.RHEL3.1.s390x.rpm 219bc280dfcc231e133fb176cc5d830c
mysql-devel-3.23.58-15.RHEL3.1.s390x.rpm fc9aaa8d267db06e32541a474cbfb743
x86_64:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-3.23.58-15.RHEL3.1.x86_64.rpm 429fb7ce5fc1e0284c9926df6294d8a3
mysql-bench-3.23.58-15.RHEL3.1.x86_64.rpm b25503c0af603c1d969c45e7b2a2438c
mysql-devel-3.23.58-15.RHEL3.1.x86_64.rpm 8068983267456132f1c70468521e3dfd
Red Hat Enterprise Linux AS (v. 4)
--------------------------------------------------------------------------------
SRPMS:
mysql-4.1.10a-1.RHEL4.1.src.rpm b6a840faaf98a346425dd9a06c8fec10
IA-32:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-bench-4.1.10a-1.RHEL4.1.i386.rpm 0187c8af0101368f12335745e860039b
mysql-devel-4.1.10a-1.RHEL4.1.i386.rpm 11878e76e63152275d496917c66e9306
mysql-server-4.1.10a-1.RHEL4.1.i386.rpm 7ebf9d00d246c7da140b57ea998d29da
IA-64:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-4.1.10a-1.RHEL4.1.ia64.rpm c5e66b2052dddad3f7efa8f5a2548306
mysql-bench-4.1.10a-1.RHEL4.1.ia64.rpm 33db1d591733c449d28795506be1d3ec
mysql-devel-4.1.10a-1.RHEL4.1.ia64.rpm 960eaaf9f5cf36e0b0a94ab1ef9c21b9
mysql-server-4.1.10a-1.RHEL4.1.ia64.rpm 4bf66c5b263eb18988cd969ecebd8e58
PPC:
mysql-4.1.10a-1.RHEL4.1.ppc.rpm 5b88ed2db9ae0fd206eaaa103f043a08
mysql-4.1.10a-1.RHEL4.1.ppc64.rpm 64fd1fa7bc38b404acccbcc38fdf8211
mysql-bench-4.1.10a-1.RHEL4.1.ppc.rpm f94c6abe0859ec58e6eceaf05edbfe2b
mysql-devel-4.1.10a-1.RHEL4.1.ppc.rpm ee2a0cc6256bc7329789895e199e859a
mysql-server-4.1.10a-1.RHEL4.1.ppc.rpm b5fb67ecd12729f5a473803d12529813
s390:
mysql-4.1.10a-1.RHEL4.1.s390.rpm ae44637b61fe5b9c56c7306b396c0bff
mysql-bench-4.1.10a-1.RHEL4.1.s390.rpm 5d96344a3dfbd15f42e63d72d9648093
mysql-devel-4.1.10a-1.RHEL4.1.s390.rpm 21c55ea6889bb3a41c42a25f1083d328
mysql-server-4.1.10a-1.RHEL4.1.s390.rpm 3bff18b1d43eb5ef74be7b08714d2978
s390x:
mysql-4.1.10a-1.RHEL4.1.s390.rpm ae44637b61fe5b9c56c7306b396c0bff
mysql-4.1.10a-1.RHEL4.1.s390x.rpm 9f406ee647de81c005d89d38760b5574
mysql-bench-4.1.10a-1.RHEL4.1.s390x.rpm c2c3bb4b29a135ff177c964e167d3a3e
mysql-devel-4.1.10a-1.RHEL4.1.s390x.rpm e858acd2e61b4d7e7874b4f49a00308e
mysql-server-4.1.10a-1.RHEL4.1.s390x.rpm 9c12db91656385534ac3a8efdbc5705b
x86_64:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-4.1.10a-1.RHEL4.1.x86_64.rpm aa863d0a948e88220b65196997553834
mysql-bench-4.1.10a-1.RHEL4.1.x86_64.rpm 859368a712acb8c2cb9c574c340b641f
mysql-devel-4.1.10a-1.RHEL4.1.x86_64.rpm bb6f83b4432b00bbd495a753f340b84a
mysql-server-4.1.10a-1.RHEL4.1.x86_64.rpm ca64d3910c12363a62ec773785f31724
Red Hat Enterprise Linux ES (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
mysql-3.23.58-1.72.2.src.rpm 9f8398d805ce362f80c15408233a9ed1
IA-32:
mysql-3.23.58-1.72.2.i386.rpm c8b10a5e219a0bb25c34a2df1b64bc18
mysql-devel-3.23.58-1.72.2.i386.rpm 2cf8e981adf1d3c6563fefa662905819
mysql-server-3.23.58-1.72.2.i386.rpm eab17f634d6291a172d8da3643d0bbc9
Red Hat Enterprise Linux ES (v. 3)
--------------------------------------------------------------------------------
SRPMS:
mysql-3.23.58-15.RHEL3.1.src.rpm 854563dcb2706dbf0eb417442e4dd601
IA-32:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-bench-3.23.58-15.RHEL3.1.i386.rpm 84d4de6d6a9fe46cd989d3f28f605a0e
mysql-devel-3.23.58-15.RHEL3.1.i386.rpm 0c20117cddfcbcc2ae85b1329cb9dd5e
IA-64:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-3.23.58-15.RHEL3.1.ia64.rpm f11140c71bd0153313b568b5a2f3c3ce
mysql-bench-3.23.58-15.RHEL3.1.ia64.rpm 16090c803a0ebe16c182225a579238ee
mysql-devel-3.23.58-15.RHEL3.1.ia64.rpm 88f6753a99b5ee4f47a2d10c4861c945
x86_64:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-3.23.58-15.RHEL3.1.x86_64.rpm 429fb7ce5fc1e0284c9926df6294d8a3
mysql-bench-3.23.58-15.RHEL3.1.x86_64.rpm b25503c0af603c1d969c45e7b2a2438c
mysql-devel-3.23.58-15.RHEL3.1.x86_64.rpm 8068983267456132f1c70468521e3dfd
Red Hat Enterprise Linux ES (v. 4)
--------------------------------------------------------------------------------
SRPMS:
mysql-4.1.10a-1.RHEL4.1.src.rpm b6a840faaf98a346425dd9a06c8fec10
IA-32:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-bench-4.1.10a-1.RHEL4.1.i386.rpm 0187c8af0101368f12335745e860039b
mysql-devel-4.1.10a-1.RHEL4.1.i386.rpm 11878e76e63152275d496917c66e9306
mysql-server-4.1.10a-1.RHEL4.1.i386.rpm 7ebf9d00d246c7da140b57ea998d29da
IA-64:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-4.1.10a-1.RHEL4.1.ia64.rpm c5e66b2052dddad3f7efa8f5a2548306
mysql-bench-4.1.10a-1.RHEL4.1.ia64.rpm 33db1d591733c449d28795506be1d3ec
mysql-devel-4.1.10a-1.RHEL4.1.ia64.rpm 960eaaf9f5cf36e0b0a94ab1ef9c21b9
mysql-server-4.1.10a-1.RHEL4.1.ia64.rpm 4bf66c5b263eb18988cd969ecebd8e58
x86_64:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-4.1.10a-1.RHEL4.1.x86_64.rpm aa863d0a948e88220b65196997553834
mysql-bench-4.1.10a-1.RHEL4.1.x86_64.rpm 859368a712acb8c2cb9c574c340b641f
mysql-devel-4.1.10a-1.RHEL4.1.x86_64.rpm bb6f83b4432b00bbd495a753f340b84a
mysql-server-4.1.10a-1.RHEL4.1.x86_64.rpm ca64d3910c12363a62ec773785f31724
Red Hat Enterprise Linux WS (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
mysql-3.23.58-1.72.2.src.rpm 9f8398d805ce362f80c15408233a9ed1
IA-32:
mysql-3.23.58-1.72.2.i386.rpm c8b10a5e219a0bb25c34a2df1b64bc18
mysql-devel-3.23.58-1.72.2.i386.rpm 2cf8e981adf1d3c6563fefa662905819
mysql-server-3.23.58-1.72.2.i386.rpm eab17f634d6291a172d8da3643d0bbc9
Red Hat Enterprise Linux WS (v. 3)
--------------------------------------------------------------------------------
SRPMS:
mysql-3.23.58-15.RHEL3.1.src.rpm 854563dcb2706dbf0eb417442e4dd601
IA-32:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-bench-3.23.58-15.RHEL3.1.i386.rpm 84d4de6d6a9fe46cd989d3f28f605a0e
mysql-devel-3.23.58-15.RHEL3.1.i386.rpm 0c20117cddfcbcc2ae85b1329cb9dd5e
IA-64:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-3.23.58-15.RHEL3.1.ia64.rpm f11140c71bd0153313b568b5a2f3c3ce
mysql-bench-3.23.58-15.RHEL3.1.ia64.rpm 16090c803a0ebe16c182225a579238ee
mysql-devel-3.23.58-15.RHEL3.1.ia64.rpm 88f6753a99b5ee4f47a2d10c4861c945
x86_64:
mysql-3.23.58-15.RHEL3.1.i386.rpm 6e214b26ef33b2a8af7e94e37af6fc4b
mysql-3.23.58-15.RHEL3.1.x86_64.rpm 429fb7ce5fc1e0284c9926df6294d8a3
mysql-bench-3.23.58-15.RHEL3.1.x86_64.rpm b25503c0af603c1d969c45e7b2a2438c
mysql-devel-3.23.58-15.RHEL3.1.x86_64.rpm 8068983267456132f1c70468521e3dfd
Red Hat Enterprise Linux WS (v. 4)
--------------------------------------------------------------------------------
SRPMS:
mysql-4.1.10a-1.RHEL4.1.src.rpm b6a840faaf98a346425dd9a06c8fec10
IA-32:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-bench-4.1.10a-1.RHEL4.1.i386.rpm 0187c8af0101368f12335745e860039b
mysql-devel-4.1.10a-1.RHEL4.1.i386.rpm 11878e76e63152275d496917c66e9306
mysql-server-4.1.10a-1.RHEL4.1.i386.rpm 7ebf9d00d246c7da140b57ea998d29da
IA-64:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-4.1.10a-1.RHEL4.1.ia64.rpm c5e66b2052dddad3f7efa8f5a2548306
mysql-bench-4.1.10a-1.RHEL4.1.ia64.rpm 33db1d591733c449d28795506be1d3ec
mysql-devel-4.1.10a-1.RHEL4.1.ia64.rpm 960eaaf9f5cf36e0b0a94ab1ef9c21b9
mysql-server-4.1.10a-1.RHEL4.1.ia64.rpm 4bf66c5b263eb18988cd969ecebd8e58
x86_64:
mysql-4.1.10a-1.RHEL4.1.i386.rpm 6a7fdca164e9d66223f86902be96a088
mysql-4.1.10a-1.RHEL4.1.x86_64.rpm aa863d0a948e88220b65196997553834
mysql-bench-4.1.10a-1.RHEL4.1.x86_64.rpm 859368a712acb8c2cb9c574c340b641f
mysql-devel-4.1.10a-1.RHEL4.1.x86_64.rpm bb6f83b4432b00bbd495a753f340b84a
mysql-server-4.1.10a-1.RHEL4.1.x86_64.rpm ca64d3910c12363a62ec773785f31724
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
--------------------------------------------------------------------------------
SRPMS:
mysql-3.23.58-1.72.2.src.rpm 9f8398d805ce362f80c15408233a9ed1
IA-64:
mysql-3.23.58-1.72.2.ia64.rpm a856bfd608828d4f64d9796917850273
mysql-devel-3.23.58-1.72.2.ia64.rpm 86c85219c9bee00653f7d15c3f7430ee
mysql-server-3.23.58-1.72.2.ia64.rpm 2b001d68cb35af5d79c24796a52ebcf0
(The unlinked packages above are only available from the Red Hat Network)
Bugs fixed (see bugzilla for more information)
150868 - CAN-2005-0711 Insecure temporary file creation with CREATE TEMPORARY
TABLE
150871 - CAN-2005-0710 MySQL security attacks via user-defined functions in C
(CAN-2005-0709)
151051 - CAN-2005-0710 MySQL security attacks via user-defined functions in C
(CAN-2005-0709)
152344 - CAN-2005-0711 Insecure temporary file creation with CREATE TEMPORARY
TABLE
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711
--------------------------------------------------------------------------------
These packages are GPG signed by Red Hat for security. Our key and details on
how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at
http://www.redhat.com/security/team/contact/
[***** End Red Hat Advisory RHSA-2005:334-07 *****]
Voice: +1 866-941-2472 (7 x 24)
E-mail: doecirc@doecirc.energy.gov
World Wide Web: http://www.doecirc.energy.gov/