Updated packages that disable SSLv2/3 usage are now availablefor Red Hat Enterprise MRG 2.5 for Red Hat Enterprise Linux 5.

Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generationIT infrastructure for enterprise computing. MRG offers increasedperformance, reliability, interoperability, and faster computing forenterprise customers.These updated packages address a vulnerability in the SSLv3 protocols,which is commonly referred to as POODLE. POODLE stands for Padding OracleOnDowngraded Legacy Encryption. This vulnerability allows a man-in-the-middleattacker to decrypt ciphertext using a padding oracle side-channel attack. POODLE affects older standards of encryption, specifically Secure SocketLayer(SSL) version 3. It does not affect the newer encryption mechanism knownas Transport Layer Security (TLS). As such, these updated packagesimplement therecommended action to disable SSLv3 in the C++ broker (qpid-cpp),Windows C++ client (qpid-qmf), Java client (qpid-java), and cumin (cumin).All users of Red Hat Enterprise MRG 2.5 for Red Hat EnterpriseLinux 5 are advised to upgrade to these updated packages, which correctthese issues.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.This update is available via the Red Hat Network. Details on how touse the Red Hat Network to apply this update are available athttps://access.redhat.com/articles/11258Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 5)

SRPMS:
cumin-0.1.5796-6.el5_9.src.rpm
    MD5: 6740ec777df49335891890792b63a92eSHA-256: b211ec23052c4f8d6d4ca3cc440e9a79e4ffaa6ccafce16a70990c46eaab8538
qpid-cpp-mrg-0.18-36.el5_10.src.rpm
    MD5: 345cf941e453d8912bd71d633b54be95SHA-256: 8a04ebe212a45ae02f2d9389a7f64e94b7c5de0ece5c553aa0b250f48c361837
qpid-java-0.18-9.el5_9.src.rpm
    MD5: 2d134c4359471b8d8b1c99f687c5f887SHA-256: b95ad66e95fcd9feabf91582c3dae9c8681b54df1d372603b0219be74cae02b8
qpid-qmf-0.18-29.el5_10.src.rpm
    MD5: 2a326833d0422abf0d2e1ca548b8e89aSHA-256: f9da21765eb3820bdeb4fb8903ef579127ee8133525ab88ff5c8847c7145e4d8
 
IA-32:
cumin-0.1.5796-6.el5_9.noarch.rpm
    MD5: b453fb5f9e972f3c5e110278f52ceff8SHA-256: 90578166e2c4ae1b7df0ae741f0cde491ba4e95aa2f168dbd40debcdba5af68d
python-qpid-qmf-0.18-29.el5_10.i386.rpm
    MD5: 4571dd656bad109efe6988fa52f6836eSHA-256: f3b1605eafeb58d4ed9eec1d4d6cedcec7c52d27eb765135cbf9847b4762c852
qpid-cpp-client-0.18-36.el5_10.i386.rpm
    MD5: 60b63120b4252c29f8f7fed1913bf257SHA-256: cdfa0180ebd7a8db7b6d0a11e217c10eb37b4300bbfcec2306c8a62ccf021453
qpid-cpp-client-devel-0.18-36.el5_10.i386.rpm
    MD5: a6d8b58ea89a18f43b8f4d0da3614386SHA-256: 6a975b557a4f872bc3301633cd4fc040ba52de9b7c36e2f033cbc6257d599bb0
qpid-cpp-client-devel-docs-0.18-36.el5_10.i386.rpm
    MD5: c9ebf296aef5c30ae376329b2b4a0eccSHA-256: 1ad26786bd4223a4a2a4aaab02231e7bb34fbb71b0daf9dadc48e729280d2e68
qpid-cpp-client-rdma-0.18-36.el5_10.i386.rpm
    MD5: 642ab25928598e4fa4c96a84d543fbd1SHA-256: 770f097f8ff145bb5398d38e61bbe6a40da56744e235746bb5547055c4d17c14
qpid-cpp-client-ssl-0.18-36.el5_10.i386.rpm
    MD5: 95787672e061e71ba87bf5f00d57df59SHA-256: 9f3fafeb6ee40324f37ece4d57ef1ba89edf08d9ced49f66d093f82da23c942c
qpid-cpp-server-0.18-36.el5_10.i386.rpm
    MD5: 5b0bbe215c639f61a87a8386fe8de6f4SHA-256: 1283e7917a8fc5d0c49de172a3455c2042d56bdb3a130e0a689a64e5219223bb
qpid-cpp-server-cluster-0.18-36.el5_10.i386.rpm
    MD5: 3d2ff35fb58f24c34700afa6f0c06c06SHA-256: 0e84d211e0d97674a1bbe475449f8e85c63a1d0930918120ccf534f9904466f5
qpid-cpp-server-devel-0.18-36.el5_10.i386.rpm
    MD5: ee517b5519e246327c83eb8b0a44fd90SHA-256: 0a53e38e278658f8b3011c2fdcce1a0cba6eb5e287aded9290ac15b0dbb38ed6
qpid-cpp-server-rdma-0.18-36.el5_10.i386.rpm
    MD5: f0085da6214f55e226e41eb2054abf2cSHA-256: a32033a6a7c1174a38c54c726988688a3cc6d227efcecb15eee791051a65cc38
qpid-cpp-server-ssl-0.18-36.el5_10.i386.rpm
    MD5: b2fa4b9570cfc91c427c42aadf2368e7SHA-256: 66beb029541b61e81ad70bab7f319ae7c8b496187b3e33ab41657c167de9d241
qpid-cpp-server-store-0.18-36.el5_10.i386.rpm
    MD5: 735703f16cc1c32797ae6d07e8e4542bSHA-256: 11f0779e30fabe718a6d8fbe6cd41208682c8a3f29d246f3a94b53ffb1bf2017
qpid-cpp-server-xml-0.18-36.el5_10.i386.rpm
    MD5: 750d4706b600cff418b40b3f2d5f1eb0SHA-256: 61f6a4649ad3be8773ffb35adb4924a443ce899206474f464f898906a6548208
qpid-java-client-0.18-9.el5_9.noarch.rpm
    MD5: 9d266abdbf35336b361ac32784b4358eSHA-256: 4f7545368f9099b6e09971d0fa5c432170a55d34895f8271bf7be8464907e26d
qpid-java-common-0.18-9.el5_9.noarch.rpm
    MD5: 4a4d72f410ec29eddbd4d80099a8ee1eSHA-256: b3b21e65ff8600aeae4967c005251720224c6937f8e6710e0f575fa305452930
qpid-java-example-0.18-9.el5_9.noarch.rpm
    MD5: 9015255e1bbd2595fa5ad6e00ff119f8SHA-256: 22e75b90c38b1c2b525078f0816e036e8f330d32f6148f97fe8dbc19f1e2d541
qpid-qmf-0.18-29.el5_10.i386.rpm
    MD5: cc3e1e18a9296a3b72eefb250aba54cdSHA-256: c8da20616f5b413d1648bc881662e5bfb06b52fcffd731e31668387027147612
qpid-qmf-devel-0.18-29.el5_10.i386.rpm
    MD5: 9bb8dbd28f8e4dd4265dd43a76ef1451SHA-256: e7c0a2179b8e6b6dc6ae2bfc17dd3c8b2a61705244464a319f138132bd56c42f
ruby-qpid-qmf-0.18-29.el5_10.i386.rpm
    MD5: a4193b5c2c7491ea15b8be78d6cc2e9cSHA-256: 2b3612e955cc4b1d4cf719d1738c5b58e1d7d82feafd9d3393a32bc7574559d0
 
x86_64:
cumin-0.1.5796-6.el5_9.noarch.rpm
    MD5: b453fb5f9e972f3c5e110278f52ceff8SHA-256: 90578166e2c4ae1b7df0ae741f0cde491ba4e95aa2f168dbd40debcdba5af68d
python-qpid-qmf-0.18-29.el5_10.x86_64.rpm
    MD5: dacdb3e4e869b23b275d6eed3720c9a9SHA-256: c3497a9ea04ba7427e1aeafa8aa7236371904565b1ecb80a23188ce3d835309e
qpid-cpp-client-0.18-36.el5_10.x86_64.rpm
    MD5: 214cca35fb727af6094496f2e4c9d830SHA-256: 24f2e9583207eb09bd5c025727eff9efcd0a2fbe340ee91713c775640b69be94
qpid-cpp-client-devel-0.18-36.el5_10.x86_64.rpm
    MD5: 8359192e6bac141b42cec357e5533c1bSHA-256: e81afb8aa23d507469e02fcf51aad109a384d430ded50e83bc038458d416a662
qpid-cpp-client-devel-docs-0.18-36.el5_10.x86_64.rpm
    MD5: b875decbd71564a7cd29578e2909b634SHA-256: 19692adea1c5a6b7bb34a6f132bf419a383bcea912797d68b6c20a8488db63b7
qpid-cpp-client-rdma-0.18-36.el5_10.x86_64.rpm
    MD5: f1ebb6e25e9669e32cac3bd3ca1f4c7bSHA-256: 9626e0312881d79122cc62257f50dc0738c452be10f54b5693454a54c087b5e4
qpid-cpp-client-ssl-0.18-36.el5_10.x86_64.rpm
    MD5: 4cf24612ea20f59ce6ca6199f0a145d7SHA-256: ea927ced8814c0322f0066c9a3194d81db1e39827efef13a4f3024ecc0d31bd5
qpid-cpp-server-0.18-36.el5_10.x86_64.rpm
    MD5: b9ba5455948fb4ff3538446fcf5d60ecSHA-256: d7399e9a2017b7f7d114695cb19ae4c873f3eb4cba154a36eb68324efdc6d9bf
qpid-cpp-server-cluster-0.18-36.el5_10.x86_64.rpm
    MD5: 46b01aac31bbec26012a79b99fb1d471SHA-256: 6c75a58983aae0b712f5037347fb9b7f1371c39f8c20c55be57186d3a0878c7f
qpid-cpp-server-devel-0.18-36.el5_10.x86_64.rpm
    MD5: 80483c7622e709218a37d6ec9756218dSHA-256: ce8a27098ac8dcb4c22760bf8883d70e4741a3d25d3c855e62e267f9b2a4ffb8
qpid-cpp-server-rdma-0.18-36.el5_10.x86_64.rpm
    MD5: b2a95a1b72e0334b29a6196c8fd962eeSHA-256: ed717fb12102af99109bb68c2e07902eabcd0dfb1799581f06e13d565f373f56
qpid-cpp-server-ssl-0.18-36.el5_10.x86_64.rpm
    MD5: f668de3506024fb3b039618ef6679dbcSHA-256: 19919e23047332e9a9a30e1cbed44794069d8a8b6796321b8b8530205c908177
qpid-cpp-server-store-0.18-36.el5_10.x86_64.rpm
    MD5: ecaf30301031c8b0a0eea9253c229941SHA-256: 711d8638a397173d021c8a35dbeec178107e10d2c1027bfbacabc3c90a3d6109
qpid-cpp-server-xml-0.18-36.el5_10.x86_64.rpm
    MD5: c6ea360e4d49540e2803c2812398e6ccSHA-256: 537cf9bdaf9349d1511690a3315c173dd73ac2ef8ff11a424b00dc8be606828a
qpid-java-client-0.18-9.el5_9.noarch.rpm
    MD5: 9d266abdbf35336b361ac32784b4358eSHA-256: 4f7545368f9099b6e09971d0fa5c432170a55d34895f8271bf7be8464907e26d
qpid-java-common-0.18-9.el5_9.noarch.rpm
    MD5: 4a4d72f410ec29eddbd4d80099a8ee1eSHA-256: b3b21e65ff8600aeae4967c005251720224c6937f8e6710e0f575fa305452930
qpid-java-example-0.18-9.el5_9.noarch.rpm
    MD5: 9015255e1bbd2595fa5ad6e00ff119f8SHA-256: 22e75b90c38b1c2b525078f0816e036e8f330d32f6148f97fe8dbc19f1e2d541
qpid-qmf-0.18-29.el5_10.x86_64.rpm
    MD5: 0c4a93fb69ac209158bc8524eb394219SHA-256: 6ea9dadb6432b8c0c57be9f3f8fbaec79e27652f562f1dc90443380c950bfe5c
qpid-qmf-devel-0.18-29.el5_10.x86_64.rpm
    MD5: 1a47c0a9abf39d749333d4004366cf37SHA-256: 6b7c9c2424cb5fcf6a568e7b779bafdf46b4e9595fd14c0bc8676fe48cbb0b31
ruby-qpid-qmf-0.18-29.el5_10.x86_64.rpm
    MD5: 3d0e82ed3a404c133a15d3d3114e4ad1SHA-256: 4552be932640827c172222828a56477088572224249270cc38f3c29fb703eb28
 
(The unlinked packages above are only available from the Red Hat Network)
1164011 – MRG 2.5.9/RHEL-5 errata placeholder

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply