Oval Definition:oval:com.redhat.rhsa:def:20130250
Revision Date:2013-02-11Version:638
Title:RHSA-2013:0250: elinks security update (Moderate)
Description:ELinks is a text-based web browser. ELinks does not display any images, but it does support frames, tables, and most other HTML tags.

  • It was found that ELinks performed client credentials delegation during the client-to-server GSS security mechanisms negotiation. A rogue server could use this flaw to obtain the client's credentials and impersonate that client to other servers that are using GSSAPI. (CVE-2012-4545)

    This issue was discovered by Marko Myllynen of Red Hat.

    All ELinks users are advised to upgrade to this updated package, which contains a backported patch to resolve the issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2012-4545
    CVE-2012-4545
    RHSA-2013:0250
    RHSA-2013:0250-01
    RHSA-2013:0250-01
    Platform(s):Red Hat Enterprise Linux 5
    Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND elinks is earlier than 0:0.12-0.21.pre5.el6_3
  • AND elinks is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND elinks is earlier than 0:0.11.1-8.el5_9
  • AND elinks is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • elinks is earlier than 0:0.12-0.21.pre5.el6_3
  • AND elinks is signed with Red Hat redhatrelease2 key
  • AND
  • Red Hat Enterprise Linux 6 Client is installed
  • OR Red Hat Enterprise Linux 6 Server is installed
  • OR Red Hat Enterprise Linux 6 Workstation is installed
  • OR Red Hat Enterprise Linux 6 ComputeNode is installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND elinks is earlier than 0:0.11.1-8.el5_9
  • AND elinks is signed with Red Hat redhatrelease key
    • BACK