Fedora Core 4 Update: openssh-4.1p1-3.1
by Tomas Mraz
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-495
2005-07-13
---------------------------------------------------------------------
Product : Fedora Core 4
Name : openssh
Version : 4.1p1
Release : 3.1
Summary : The OpenSSH implementation of SSH protocol versions 1 and 2.
Description :
OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. SSH
replaces rlogin and rsh, to provide secure encrypted communications
between two untrusted hosts over an insecure network. X11 connections
and arbitrary TCP/IP ports can also be forwarded over the secure
channel. Public key authentication may be used for "passwordless"
access to servers.
This update rebases openssh to 4.1p1 upstream. This upstream release
is only a bug fix release so the changes should be minimal. Also /etc/nologin
processing has been changed so it is not done twice.
---------------------------------------------------------------------
* Wed Jun 29 2005 Tomas Mraz <tmraz(a)redhat.com> 4.1p1-3.1
- fix small regression caused by the nologin patch (#161956)
- fix race in getpeername error checking (mindrot #1054)
- don't deadlock on exit with multiple X forwarded channels (#152432)
* Thu Jun 9 2005 Tomas Mraz <tmraz(a)redhat.com> 4.1p1-2
- use only pam_nologin for nologin testing
* Mon Jun 6 2005 Tomas Mraz <tmraz(a)redhat.com> 4.1p1-1
- upgrade to a new upstream version
- call pam_loginuid as a pam session module
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
[SECURITY] Fedora Core 4 Update: rpm-4.4.1-22
by Paul Nasrat
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-565
2005-07-13
---------------------------------------------------------------------
Product : Fedora Core 4
Name : rpm
Version : 4.4.1
Release : 22
Summary : The RPM package management system.
Description :
The RPM Package Manager (RPM) is a powerful command line driven
package management system capable of installing, uninstalling,
verifying, querying, and updating software packages. Each software
package consists of an archive of files along with information about
the package like its version, a description, etc.
---------------------------------------------------------------------
Update Information:
This update corrects security problem CAN-2005-2096.
---------------------------------------------------------------------
* Wed Jul 13 2005 Paul Nasrat <pnasrat(a)redhat.com> - 4.4.1-22
- zlib fix for CAN-2005-2096
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Fedora Core 4 Update: bind-9.3.1-6.FC4
by Jason Vas Dias
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-564
2005-07-13
---------------------------------------------------------------------
Product : Fedora Core 4
Name : bind
Version : 9.3.1
Release : 6.FC4
Summary : A DNS (Domain Name System) server.
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.
---------------------------------------------------------------------
* Tue May 31 2005 Jason Vas Dias <jvdias(a)redhat.com> - 24:9.3.1-6.FC4
- fix bug 157950: dig / host / nslookup should reject invalid resolv.conf
files and not use uninitialized garbage nameserver values
(ISC bug 14841 raised).
* Mon May 23 2005 Jason Vas Dias <jvdias(a)redhat.com> - 24:9.3.1-4_FC4
- Fix SDB LDAP
* Mon May 16 2005 Jason Vas Dias <jvdias(a)redhat.com> - 24:9.3.1-4
- Fix bug 157601: give named.init a configtest function
- Fix bug 156797: named.init should check SELinux booleans.local before booleans
- Fix bug 154335: if no controls in named.conf, stop named with -TERM sig, not rndc
- Fix bug 155848: add NOTES section to named.8 man-page with info on all Red Hat
BIND quirks and SELinux DDNS / slave zone file configuration
- D-BUS patches NOT applied until dhcdbd is in FC
* Sun May 15 2005 Jason Vas Dias <jvdias(a)redhat.com> - 24:9.3.1-4_dbus
- Enhancement to allow dynamic forwarder table management and
- DHCP forwarder auto-configuration with D-BUS
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Fedora Core 3 Update: bind-9.2.5-2
by Jason Vas Dias
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-563
2005-07-13
---------------------------------------------------------------------
Product : Fedora Core 3
Name : bind
Version : 9.2.5
Release : 2
Summary : A DNS (Domain Name System) server.
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.
---------------------------------------------------------------------
* Tue Jul 12 2005 Jason Vas Dias <jvdias(a)redhat.com> - 24.9.2.5-2
- fix bug 157950: dig / host / nslookup should reject invalid resolv.conf
files and not use uninitialized garbage nameserver values
(ISC bug 14841 raised).
- fix bug 154335: named.init: don't rely on 'rndc stop' for 'service named stop'
- fix bug 157601: give named.init a configtest function
- fix bug 151852: if chroot-ed, mount proc on $ROOTDIR/proc to allow sysconf(...)
- fix bug 155848: add NOTES section to named.8 man-page with info on all Red Hat
BIND quirks and SELinux DDNS / slave zone file configuration
- fix SDB ldap : upgrade zone2ldap to BIND9 + openldap2.2, add ldap2zone
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Fedora Core 4 Update: selinux-policy-targeted-1.25.1-9
by Daniel J Walsh
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-538
2005-07-13
---------------------------------------------------------------------
Product : Fedora Core 4
Name : selinux-policy-targeted
Version : 1.25.1
Release : 9
Summary : SELinux targeted policy configuration
Description :
Security-enhanced Linux is a patch of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
This package contains the SELinux example policy configuration along
with the Flask configuration information and the application
configuration files.
---------------------------------------------------------------------
Update Information:
Fix saslauthd.
---------------------------------------------------------------------
* Mon Jul 11 2005 Dan Walsh <dwalsh(a)redhat.com> 1.25.1-9
- Bump for FC4
* Fri Jul 8 2005 Dan Walsh <dwalsh(a)redhat.com> 1.25.1-8
- Fix saslauthd policy to allow imapd and shadow.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
[SECURITY] Fedora Core 3 Update: net-snmp-5.2.1.2-FC3.1
by Radek Vokal
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-562
2005-07-13
---------------------------------------------------------------------
Product : Fedora Core 3
Name : net-snmp
Version : 5.2.1.2
Release : FC3.1
Summary : A collection of SNMP protocol tools and libraries.
Description :
SNMP (Simple Network Management Protocol) is a protocol used for
network management. The NET-SNMP project includes various SNMP tools:
an extensible agent, an SNMP library, tools for requesting or setting
information from SNMP agents, tools for generating and handling SNMP
traps, a version of the netstat command which uses SNMP, and a Tk/Perl
mib browser. This package contains the snmpd and snmptrapd daemons,
documentation, etc.
You will probably also want to install the net-snmp-utils package,
which contains NET-SNMP utilities.
Building option:
--without tcp_wrappers : disable tcp_wrappers support
---------------------------------------------------------------------
* Wed Jul 13 2005 Radek Vokal <rvokal(a)redhat.com>
- CAN-2005-2177 new upstream version fixing DoS (#162908)
- CAN-2005-1740 net-snmp insecure temporary file usage (#158770)
- session free fixed, agentx modules build fine (#157851)
- report gigabit Ethernet speeds using Ethtool (#152480)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
[SECURITY] Fedora Core 4 Update: net-snmp-5.2.1.2-fc4.1
by Radek Vokal
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-561
2005-07-13
---------------------------------------------------------------------
Product : Fedora Core 4
Name : net-snmp
Version : 5.2.1.2
Release : fc4.1
Summary : A collection of SNMP protocol tools and libraries.
Description :
SNMP (Simple Network Management Protocol) is a protocol used for
network management. The NET-SNMP project includes various SNMP tools:
an extensible agent, an SNMP library, tools for requesting or setting
information from SNMP agents, tools for generating and handling SNMP
traps, a version of the netstat command which uses SNMP, and a Tk/Perl
mib browser. This package contains the snmpd and snmptrapd daemons,
documentation, etc.
You will probably also want to install the net-snmp-utils package,
which contains NET-SNMP utilities.
Building option:
--without tcp_wrappers : disable tcp_wrappers support
---------------------------------------------------------------------
Update Information:
A security vulnerability has been found in Net-SNMP releases that
could allow a denial of service attack against Net-SNMP agents which
have opened a stream based protocol (e.g., TCP but not UDP; it should be
noted that Net-SNMP does not by default open a TCP port).
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=1...
---------------------------------------------------------------------
* Wed Jul 13 2005 Radek Vokal <rvokal(a)redhat.com> - 5.2.1.2-fc4.1
- CAN-2005-2177 new upstream version fixing DoS (#162908)
* Tue May 31 2005 Radek Vokal <rvokal(a)redhat.com> - 5.2.1-13
- CAN-2005-1740 net-snmp insecure temporary file usage (#158770)
- patch from suse.de
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
[SECURITY] Fedora Core 4 Update: krb5-1.4.1-5
by Nalin Dahyabhai
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-553
2005-07-12
---------------------------------------------------------------------
Product : Fedora Core 4
Name : krb5
Version : 1.4.1
Release : 5
Summary : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.
---------------------------------------------------------------------
Update Information:
A double-free flaw was found in the krb5_recvauth() routine which may be triggered by a remote unauthenticated attacker. Fedora Core 4 contains checks within glibc that detect double-free flaws. Therefore, on Fedora Core 4, successful exploitation of this issue can only lead to a denial of service (KDC crash). The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1689 to this issue.
Daniel Wachdorf discovered a single byte heap overflow in the krb5_unparse_name() function, part of krb5-libs. Successful exploitation of this flaw would lead to a denial of service (crash). To trigger this flaw remotely, an attacker would need to have control of a Kerberos realm that shares a cross-realm key with the target, making exploitation of this flaw unlikely (CAN-2005-1175).
Daniel Wachdorf also discovered that in error conditions that may occur in response to correctly-formatted client requests, the Kerberos 5 KDC may attempt to free uninitialized memory. This could allow a remote attacker to cause a denial of service (KDC crash) (CAN-2005-1174).
Gaël Delalleau discovered an information disclosure issue in the way some telnet clients handle messages from a server. An attacker could construct a malicious telnet server that collects information from the environment of any victim who connects to it using the Kerberos-aware telnet client (CAN-2005-0488).
The rcp protocol allows a server to instruct a client to write to arbitrary files outside of the current directory. This could potentially cause a security issue if a user uses the Kerberos-aware rcp to copy files from a malicious server (CAN-2004-0175).
---------------------------------------------------------------------
* Wed Jun 29 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.4.1-5
- fix telnet client environment variable disclosure the same way NetKit's
telnet client did (CAN-2005-0488) (#159305)
- keep apps which call krb5_principal_compare() or krb5_realm_compare() with
malformed or NULL principal structures from crashing outright (Thomas Biege)
(#161475)
* Tue Jun 28 2005 Nalin Dahyabhai <nalin(a)redhat.com>
- apply fixes from draft of MIT-KRB5-SA-2005-002 (CAN-2005-1174,CAN-2005-1175)
(#157104)
- apply fixes from draft of MIT-KRB5-SA-2005-003 (CAN-2005-1689) (#159755)
* Fri Jun 24 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.4.1-4
- fix double-close in keytab handling
- add port of fixes for CAN-2004-0175 to krb5-aware rcp (#151612)
* Fri May 13 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.4.1-3
- prevent spurious EBADF in krshd when stdin is closed by the client while
the command is running (#151111)
* Fri May 13 2005 Martin Stransky <stransky(a)redhat.com> 1.4.1-2
- add deadlock patch, removed old patch
* Fri May 6 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.4.1-1
- update to 1.4.1, incorporating fixes for CAN-2005-0468 and CAN-2005-0469
- when starting the KDC or kadmind, if KRB5REALM is set via the /etc/sysconfig
file for the service, pass it as an argument for the -r flag
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
[SECURITY] Fedora Core 3 Update: krb5-1.3.6-7
by Nalin Dahyabhai
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-552
2005-07-12
---------------------------------------------------------------------
Product : Fedora Core 3
Name : krb5
Version : 1.3.6
Release : 7
Summary : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.
---------------------------------------------------------------------
Update Information:
A double-free flaw was found in the krb5_recvauth() routine which may be triggered by a remote unauthenticated attacker. Fedora Core 3 contains checks within glibc that detect double-free flaws. Therefore, on Fedora Core 3, successful exploitation of this issue can only lead to a denial of service (KDC crash). The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1689 to this issue.
Daniel Wachdorf discovered a single byte heap overflow in the krb5_unparse_name() function, part of krb5-libs. Successful exploitation of this flaw would lead to a denial of service (crash). To trigger this flaw remotely, an attacker would need to have control of a Kerberos realm that shares a cross-realm key with the target, making exploitation of this flaw unlikely (CAN-2005-1175).
Daniel Wachdorf also discovered that in error conditions that may occur in response to correctly-formatted client requests, the Kerberos 5 KDC may attempt to free uninitialized memory. This could allow a remote attacker to cause a denial of service (KDC crash) (CAN-2005-1174).
Gaël Delalleau discovered an information disclosure issue in the way some telnet clients handle messages from a server. An attacker could construct a malicious telnet server that collects information from the environment of any victim who connects to it using the Kerberos-aware telnet client (CAN-2005-0488).
The rcp protocol allows a server to instruct a client to write to arbitrary files outside of the current directory. This could potentially cause a security issue if a user uses the Kerberos-aware rcp to copy files from a malicious server (CAN-2004-0175).
---------------------------------------------------------------------
* Wed Jun 29 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.3.6-7
- fix telnet client environment variable disclosure the same way NetKit's
telnet client did (CAN-2005-0488) (#159305)
- keep apps which call krb5_principal_compare() or krb5_realm_compare() with
malformed or NULL principal structures from crashing outright (Thomas Biege)
(#161475)
* Tue Jun 28 2005 Nalin Dahyabhai <nalin(a)redhat.com>
- apply fixes from draft of MIT-KRB5-SA-2005-002 (CAN-2005-1174,CAN-2005-1175)
(#157104)
- apply fixes from draft of MIT-KRB5-SA-2005-003 (CAN-2005-1689) (#159755)
* Fri Jun 24 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.3.6-6
- fix double-close in keytab handling
- add port of fixes for CAN-2004-0175 to krb5-aware rcp (#151612)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Fedora Core 4 Update: vixie-cron-4.1-36.FC4
by Jason Vas Dias
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-551
2005-07-12
---------------------------------------------------------------------
Product : Fedora Core 4
Name : vixie-cron
Version : 4.1
Release : 36.FC4
Summary : The Vixie cron daemon for executing specified programs at set times.
Description :
The vixie-cron package contains the Vixie version of cron. Cron is a
standard UNIX daemon that runs specified programs at scheduled times.
Vixie cron adds better security and more powerful configuration
options to the standard version of cron.
---------------------------------------------------------------------
Update Information:
- fix bug 162887: allow multiple /etc/cron.d crontabs for *system* user
- further fix for bug 154920 / CAN-2005-1038 ( crontab -e ):
invoke editor and copy operation as non-root user
---------------------------------------------------------------------
* Mon Jul 11 2005 Jason Vas Dias <jvdias(a)redhat.com> - 4.1-36.FC4
- fix bug 162887: allow multiple /etc/cron.d crontabs for *system* user
- further fix for bug 154920 / CAN-2005-1038 ( crontab -e ):
invoke editor and copy operation as non-root user
* Fri Jun 17 2005 Jason Vas Dias <jvdias(a)redhat.com> - 4.1-FC4.34
- fix bug 160811: FC3 version compared >= FC4 version
- fix bug 159216: add pam_loginuid support for new audit system
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------