LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Distributions page

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Trustix Secure Linux TSL-2005-0046

[Posted September 14, 2005 by ris]

From:  Trustix Security Advisor <tsl-AT-trustix.org>
To:  tsl-announce-AT-lists.trustix.org
Subject:  TSL-2005-0046 - multi
Date:  Fri, 9 Sep 2005 12:33:28 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2005-0046

Package names:	   am-utils, apache-ant, devlabel, distcache, diffstat,
                   dvd+rw-tools, enscript, initscripts, kernel, mrtg,
                   net-tools, rpm  
Summary:           Various bug fixes
Date:              2005-09-09
Affected versions: Trustix Secure Linux 2.2
                   Trustix Secure Linux 3.0

- --------------------------------------------------------------------------
Package description:
  am-utils
  Am-utils includes an updated version of Amd, the popular BSD automounter.
  An automounter is a program which maintains a cache of mounted filesystems.
  Filesystems are mounted when they are first referenced by the user and
  unmounted after a certain period of inactivity. Amd supports a variety of
  filesystems, including NFS, UFS, CD-ROMS and local drives.

  apache-ant
  Ant is a Java based build tool. In theory it is kind of like "make"
  without makes wrinkles and with the full portability of pure java code.
  Ant is different. Instead of a model where it is extended with shell-based
  commands, Ant is extended using Java classes. Instead of writing shell
  commands, the configuration files are XML-based, calling out a target tree
  where various tasks get executed. Each task is run by an object that
  implements a particular Task interface.

  devlabel
  Devlabel is a program which dynamically creates symbolic links to
  disk/partition names. It uses the disk's and/or partition's unique
  identifiers to keep the symlink pointed to the correct location even if
  the underlying partition's name has changed.
  
  distcache
  The distcache package provides a variety of functionality for enabling
  a network-based session caching system, primarily for (though not
  restricted to) SSL/TLS session caching.

  diffstat
  The diff command compares files line by line.  Diffstat reads the
  output of the diff command and displays a histogram of the insertions,
  deletions and modifications in each file.  Diffstat is commonly used
  to provide a summary of the changes in large, complex patch files.
  
  dvd+rw-tools
  DVD burning software

  enscript
  GNU enscript is a free replacement for Adobe's Enscript program. Enscript
  converts ASCII files to PostScript(TM) and spools generated PostScript
  output to the specified printer or saves it to a file. Enscript can be
  extended to handle different output media and includes many options for
  customizing printouts.

  initscripts
  The initscripts package contains the basic system scripts used to boot
  your Trustix Secure Linux system, change runlevels, and shut the system
  down cleanly.  Initscripts also contains the scripts that activate and
  deactivate most network interfaces.

  kernel
  The kernel package contains the Linux kernel (vmlinuz), the core of your
  Trustix Secure Linux operating system.  The kernel handles the basic
  functions of the operating system:  memory allocation, process allocation,
  device input and output, etc.
  
  mrtg
  The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic 
  load on network links. MRTG generates HTML pages containing PNG images 
  which provide a LIVE visual representation of this traffic.

  net-tools
  The net-tools package contains the basic tools needed for setting up
  networking:  ethers, route and others.
  
  rpm
  The RPM Package Manager is a powerful command line driven package
  management system capable of installing, uninstalling, verifying,
  querying, and updating software packages. Each software package consists
  of an archive of files along with information about the package like its
  version, a description, etc.

  setup
  The setup package contains a set of important system configuration and
  setup files, such as passwd, group, and profile.

Problem description:
  am-utils < TSL 3.0 >
  - Initial Entry into TSL 3.0

  apache-ant < TSL 3.0 >
  - use the src instead of binary
  - create a ant home directory with /etc and /lib
  - link ant/lib to /java to use a single copy of jar files
  - inform user to set the java home and ant home
  
  devlabel < TSL 3.0 >
  - Initial Entry into TSL 3.0

  diffstat < TSL 3.0 >
  - Initial Entry into TSL 3.0

  distcache < TSL 3.0 >
  - Initial Entry into TSL 3.0

  dvd+rw-tools < TSL 3.0 >
  - Initial Entry into TSL 3.0

  enscript < TSL 3.0 >
  - Initial Entry into TSL 3.0

  initscripts < TSL 2.2 >
  - initscripts-7.14-not-activate-serial.patch

  kernel < TSL 3.0 >
  - Added 3w-9xxx-linux-src-2.6-9.2.1.1.tgz
  - New upstream with the following fixes (from the announcement):
    Bhavesh P. Davda:
      NPTL signal delivery deadlock fix

    Chris Wright:
      Linux 2.6.12.6

    Herbert Xu:
      Restrict socket policy loading to CAP_NET_ADMIN - CAN-2005-2555

    Jan Blunck:
      sg.c: fix a memory leak in devices seq_file implementation (2nd)

    lepton:
      fix gl_skb/skb type error in genelink driver in usbnet

    Linus Torvalds:
      Revert unnecessary zlib_inflate/inftrees.c fix

    Patrick McHardy:
      Fix DST leak in icmp_push_reply()
      Fix SKB leak in ip6_input_finish()

  mrtg < TSL 3.0 > < TSL 2.2 >
  - Now also specify TZ in /etc/sysconfig/mrtg.  Bug #1212.
  - Now skip counting of "grep" itself.
 
  net-tools < TSL 3.0 >
  - Added net-tools-1.60-miiioctl.patch.  Bug #1258.

  rpm < TSL 3.0 >
  - /etc/logrotate.d/rpm should be mod 644.  Bug #1259.

  setup < TSL 2.2 >
  - Added user distcache
 
Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.2/>> and
  <URI:http://www.trustix.org/errata/trustix-3.0/>>
  or directly at
  <URI:http://www.trustix.org/errata/2005/0046/>>


MD5sums of the packages:
- --------------------------------------------------------------------------
f5b6a307a79385c9f2fac01acddb82e7  3.0/rpms/am-utils-6.1.1-1tr.i586.rpm
04a7d2cd84e495740771aa34ed7db9ef  3.0/rpms/devlabel-0.48.01-1tr.i586.rpm
481f9934c0e81838d202a807a53e3303  3.0/rpms/diffstat-1.41-1tr.i586.rpm
7ab839b4ce8cc1efa93c2097b955ea9d  3.0/rpms/distcache-1.4.5-1tr.i586.rpm
cd98a2f0e3b716db4c633091b16be49e  3.0/rpms/distcache-devel-1.4.5-1tr.i586.rpm
e7d2f90ae82f231a84405364543d352c
3.0/rpms/dvd+rw-tools-5.21.4.10.8-1tr.i586.rpma904869eae26f9f41aaabc7697f00579
3.0/rpms/enscript-1.6.1-1tr.i586.rpm
ed6892bdddd7956738d06fdbef403b81  3.0/rpms/kernel-2.6.12.6-2tr.i586.rpm
0dc3509120117e953254f7201ccfa2c9  3.0/rpms/kernel-doc-2.6.12.6-2tr.i586.rpm
45988ab034443c55df632f38eb8cec8c  3.0/rpms/kernel-headers-2.6.12.6-2tr.i586.rpm
a16660119eeb47174d84b0bacc6494ab  3.0/rpms/kernel-smp-2.6.12.6-2tr.i586.rpm
18717d154cdab2ac4b77dbb31e87791c  3.0/rpms/kernel-smp-headers-2.6.12.6-2tr.i586.rpm
ea7600c7b6eeb875d4fd0ca7dea800ba  3.0/rpms/kernel-source-2.6.12.6-2tr.i586.rpm
3b8ab9f431fd7087be44a0b038424217  3.0/rpms/kernel-utils-2.6.12.6-2tr.i586.rpm
b16d6d41f51ef0dbf40ce99b6fde35f0  3.0/rpms/mrtg-2.12.2-7tr.i586.rpm
18e737cdad9be2c82e6f7eaf48d18564  3.0/rpms/net-tools-1.60-12tr.i586.rpm
b765f7824eda7054215eba00ea009807  3.0/rpms/popt-1.8.2-16tr.i586.rpm
29477d276a6c047f563d100f6b08df13  3.0/rpms/rpm-4.3.2-16tr.i586.rpm
29c70f12e8f9ce369b17230eba7819cb  3.0/rpms/rpm-build-4.3.2-16tr.i586.rpm
90a363d8331f80e41f3d4ec3f4dc4a9d  3.0/rpms/rpm-devel-4.3.2-16tr.i586.rpm
aeb8cddd7fed343ab721406d0faaf5a1  3.0/rpms/rpm-python-4.3.2-16tr.i586.rpm
6094d125fe56265a3dce0c14ffab2cc7  3.0/rpms/setup-2.2.9-16tr.i586.rpm

b83afabd4ac1c712a9392b918d600f1b  2.2/rpms/initscripts-7.14-21tr.i586.rpm
979e497a917090902da7ff7895f877fe  2.2/rpms/initscripts-inittab-7.14-21tr.i586.rpm
5c4491e1a67d572ad072795ce1be93a6  2.2/rpms/mrtg-2.12.2-7tr.i586.rpm
98aa8e1d4b7737e992dd374a6e9fb9b1  2.2/rpms/setup-2.2.9-7tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDIWQfi8CEzsK9IksRAgMlAJ4jMWZUChPFAuOLDBsFkYakjTxCOwCgkg3r
T6dh2hUCtMcwuPsifcgchlE=
=Ld6A
-----END PGP SIGNATURE-----
_______________________________________________
tsl-announce mailing list
tsl-announce@lists.trustix.org
http://lists.trustix.org/mailman/listinfo/tsl-announce
(Log in to post comments)

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds