Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||||
TSL-2003-0031 - multiple packages
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2003-0031
Package name: anaconda, ftpd-BSD, iputils, nss_ldap, ntp, openssh,
pam_ldap, perl, perl-dbi, postfix, reiserfsprogs,
swup, swupcron, sysklogd
Summary: More .0 cleanups
Date: 2003-08-15
Affected versions: TSL 2.0
- --------------------------------------------------------------------------
Package description:
anaconda-7.2-76tr:
The anaconda package contains portions of the Trustix Secure Linux
installation program which can then be run by the user for
reconfiguration and advanced installation options.
Based on Red Hat anaconda 7.2 and 7.3
ftpd-BSD-0.3.3-9tr:
This is a Linux port of the BSD ftp server (ftpd). It doesn't have
all the bells and whistles of wu-ftpd, but it is also probably less
buggy and more secure.
iputils-0.0.20020927-8tr:
The iputils package contains ping, a basic networking tool. The ping
command sends a series of ICMP protocol ECHO_REQUEST packets to a
specified network host and can tell you if that machine is alive and
receiving network traffic.
nss_ldap-207-4tr:
This package includes a LDAP access client: nss_ldap.
Nss_ldap is a set of C library extensions which allows X.500 and LDAP
directory servers to be used as a primary source of aliases, ethers,
groups, hosts, networks, protocol, users, RPCs, services and shadow
passwords (instead of or in addition to using flat files or NIS).
ntp-4.1.72-7tr:
The Network Time Protocol (NTP) is used to synchronize a computer's
time with another reference time source. The ntp package contains
utilities and daemons that will synchronize your computer's time to
Coordinated Universal Time (UTC) via the NTP protocol and NTP servers.
The ntp package includes ntpdate (a program for retrieving the date
and time from remote machines via a network) and ntpd (a daemon which
continuously adjusts system time).
openssh-3.6.1p2-1tr:
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace
rlogin and rsh, and provide secure encrypted communications between
two untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
up to date in terms of security and features, as well as removing all
patented algorithms to seperate libraries (OpenSSL).
pam_ldap-164-3tr:
This package includes a LDAP access clients: pam_ldap.
Pam_ldap is a module for Linux-PAM that supports password changes, V2/V3
clients, Netscapes SSL/OpenSSL, ypldapd, Netscape Directory Server password
policies, access authorization, crypted hashes, etc.
perl-5.8.0-12tr:
Perl is a high-level programming language with roots in C, sed, awk
and shell scripting. Perl is good at handling processes and files,
and is especially good at handling text. Perl's hallmarks are
practicality and efficiency. While it is used to do a lot of
different things, Perl's most common applications (and what it excels
at) are probably system administration utilities and web programming.
A large proportion of the CGI scripts on the web are written in Perl.
You need the perl package installed on your system so that your
system can handle Perl scripts.
perl-dbi-1.37-1tr:
The Perl Database Interface (DBI) is a database access Application
Programming Interface (API) for the Perl Language. The Perl DBI API
specification defines a set of functions, variables and conventions that
provide a consistent database interface independent of the actual
database being used.
postfix-2.0.13-2tr:
Postfix is an alternative to the sendmail mailer daemon. Postfix attempts
to be fast, easy to administer, and secure, while at the same time being
sendmail compatible enough to not upset existing users.
reiserfsprogs-3.x.1b-7tr:
The reiserfsprogs package contains programs for creating (mkreiserfs),
checking and correcting any inconsistencies (reiserfsck) and resizing
(resize_reiserfs) of a reiserfs filesystem.
swup-2.0.2-1tr:
SWUP - SoftWare UPdater is an extension for existing software packaging
systems to facilitate automatic and secure update and install. SWUP
handles dependencies between software packages, and is able to fetch
additional required software when installing or upgrading.
swupcron-2.0.0-1tr:
This is the cron file for swup. Install this if you want swup to be run
automatically.
sysklogd-1.4.1-28tr:
The sysklogd package contains two system utilities (syslogd and klogd)
which provide support for system logging. Syslogd and klogd run as
daemons (background processes) and log system messages to different
places, like sendmail logs, security logs, error logs, etc.
Problem description:
The following packages had minor error still left from release.
anaconda:
- there was no attribute gatewayDevice defined, but used (patch58)
- bootloader argument lba32 in kickstart.py wrong defined (patch59)
ftpd-BSD:
- Renamed pam file to what is actually used.
iputils:
- Fixed typo in tftp description.
nss_ldap:
- Added --enable-rfc2307bis and --enable-schema-mapping to configure.
ntp:
- Removed thumbs databases.
openssh:
- New minor upstream.
pam_ldap:
- Changed description to something sane.
perl:
- fixed CGI.pm XSS bug (patch4)
- added patch for install suid root perl /wo beeing root (patch3)
perl-dbi:
- new upstream: 1.37
- the fixed perl 5.8.0-11tr allows for the default install macro
- fixed group
- some spec file fixes
postfix:
- Try to fix the SASL problems. Take II.
reiserfsprogs:
- Fixed typo in summary.
swup:
- New upstream version fixes bug related to the sitelist.
swupcron:
- Corrected path to swup.
sysklogd:
- cron.* is no longer duplicated to messages.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by these
packages, you may want to remove them from your system.
Location:
All TSL updates are available from
<URI:http://www.trustix.net/pub/Trustix/updates/>
<URI:ftp://ftp.trustix.net/pub/Trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Users of TSL 1.2 can get SWUP from:
<URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/>
(In later versions of TSL, SWUP is included in the default installation.)
Public testing:
These packages have been available for public testing for some time.
If you want to contribute by testing the various packages in the
testing tree, please feel free to share your findings on the
tsl-discuss mailinglist.
The testing tree is located at
<URI:http://www.trustix.net/pub/Trustix/testing/>
<URI:ftp://ftp.trustix.net/pub/Trustix/testing/>
Questions?
Check out our mailing lists:
<URI:http://www.trustix.net/support/>
Verification:
This advisory along with all TSL packages are signed with the TSL sign key.
This key is available from:
<URI:http://www.trustix.net/TSL-GPG-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.net/errata/trustix-2.0/>
or directly at
<URI:http://www.trustix.net/errata/misc/2003/TSL-2003-0031-multi.asc.txt>
MD5sums of the packages:
- --------------------------------------------------------------------------
cb0d1ef09b950fa6f1688d1fbfc76832 2.0/RPMS/anaconda-7.2-76tr.i586.rpm
63a626c57553710c7f5ab478d703e3ee 2.0/RPMS/anaconda-runtime-7.2-76tr.i586.rpm
c97741b71ff911b188d9ad88e42f5336 2.0/RPMS/ftpd-BSD-0.3.3-9tr.i586.rpm
54e1780c108866ec3728a3aafdbbfb9f 2.0/RPMS/iputils-0.0.20020927-8tr.i586.rpm
22ce3b4b5f915aecece67b6b3dcca197 2.0/RPMS/iputils-tftpd-0.0.20020927-8tr.i586.rpm
64d353b752641cd56cd455e8f0a01ade 2.0/RPMS/ldapclients-common-164-3tr.i586.rpm
9b72df27959fc14c146ef30f87ce973b 2.0/RPMS/nss_ldap-207-4tr.i586.rpm
5289546997efd751d2f53efae167f6e4 2.0/RPMS/ntp-4.1.72-7tr.i586.rpm
31a04f35cd61fa90ea23fcdc328f1483 2.0/RPMS/openssh-3.6.1p2-1tr.i586.rpm
9bb3d2800207a8528a1db63550a2174c 2.0/RPMS/openssh-clients-3.6.1p2-1tr.i586.rpm
66ddff2eeea39510ead9f786438d51a3 2.0/RPMS/openssh-server-3.6.1p2-1tr.i586.rpm
a512b42cf708d305a971761f9299ae6f 2.0/RPMS/openssh-server-config-3.6.1p2-1tr.i586.rpm
bdf5d54d7e0a3e8f3b0b31b71c6f2f74 2.0/RPMS/pam_ldap-164-3tr.i586.rpm
6c6e9b36efc444d1fee1e6b1276e4aa5 2.0/RPMS/perl-5.8.0-12tr.i586.rpm
f6b402e1125285c6cbc1ba97d35ef737 2.0/RPMS/perl-dbi-1.37-1tr.i586.rpm
ca8707b117c75823eced6367cabfab27 2.0/RPMS/perl-devel-5.8.0-12tr.i586.rpm
e40da7720b308cb8729da4c77fd21e38 2.0/RPMS/perl-doc-5.8.0-12tr.i586.rpm
20887ec5260322d58e89ddd4338bfdac 2.0/RPMS/postfix-2.0.13-2tr.i586.rpm
4cd1fbbf9fee3d190652b6290da1c6b9 2.0/RPMS/postfix-ldap-2.0.13-2tr.i586.rpm
a339f9b5b9c8cdcdb0375713490c7432 2.0/RPMS/postfix-mysql-2.0.13-2tr.i586.rpm
8a5f860dfbfec7fda6fece3c4fbe2157 2.0/RPMS/postfix-pcre-2.0.13-2tr.i586.rpm
33d8f8b8e58a458d24ece375aace2f13 2.0/RPMS/postfix-pgsql-2.0.13-2tr.i586.rpm
f3a7f3c377c7ba7223944525cd9fd43b 2.0/RPMS/postfix-rmail-2.0.13-2tr.i586.rpm
93f11d0b6e5afcc139d3e27a66a0410f 2.0/RPMS/python-2.2.3-5tr.i586.rpm
be6e51535d67cd361019953053ed1492 2.0/RPMS/python-dbm-2.2.3-5tr.i586.rpm
2564c86eb46bf4a01c1bbde29d46af34 2.0/RPMS/python-devel-2.2.3-5tr.i586.rpm
a0c551255772c59d86be86cbc9c5e1a2 2.0/RPMS/python-docs-2.2.3-5tr.i586.rpm
f73ff94418653bf38bde247387f55b1e 2.0/RPMS/python-gdbm-2.2.3-5tr.i586.rpm
0fbeacad1b2721d73ff2151c855a0d5a 2.0/RPMS/python-modules-2.2.3-5tr.i586.rpm
95da98498b497d9693e6a49e556e627c 2.0/RPMS/reiserfsprogs-3.x.1b-7tr.i586.rpm
6b791889995ad41fe42ae31b2cb335d7 2.0/RPMS/swup-2.0.2-1tr.noarch.rpm
9e473d0bae6e089300dfd6e47528f069 2.0/RPMS/swupcron-2.0.0-1tr.noarch.rpm
76b40689c859cde981f905efdd45bfb1 2.0/RPMS/sysklogd-1.4.1-28tr.i586.rpm
9ab0ac170d29ce188c89689c2abc3024 2.0/SRPMS/anaconda-7.2-76tr.src.rpm
0daac7b2fbdafa065be1ee09efe69f35 2.0/SRPMS/ftpd-BSD-0.3.3-9tr.src.rpm
8efb55335fbdd8dd2862918cb30aea87 2.0/SRPMS/iputils-0.0.20020927-8tr.src.rpm
c4b0f649aab487a4bd11188d689c0208 2.0/SRPMS/nss_ldap-207-4tr.src.rpm
cd1b465679b72d67c825df574b1601f3 2.0/SRPMS/ntp-4.1.72-7tr.src.rpm
a2f7434054cf57ce4d78597287ed82be 2.0/SRPMS/openssh-3.6.1p2-1tr.src.rpm
cfadad201f90ef17dd5960c9c9c4bfb3 2.0/SRPMS/pam_ldap-164-3tr.src.rpm
076ef4a76a08b83bd49afc10845d4ca9 2.0/SRPMS/perl-5.8.0-12tr.src.rpm
dc718f7c7cac27ea8017c16efdb37659 2.0/SRPMS/perl-dbi-1.37-1tr.src.rpm
b22ca8ea44be2c2c0c42e2b06d964115 2.0/SRPMS/postfix-2.0.13-2tr.src.rpm
ec19a3fb82afd51a16c794ac4380875e 2.0/SRPMS/python-2.2.3-5tr.src.rpm
2ff91a46b90c993d4db0d6d1df0e6a55 2.0/SRPMS/reiserfsprogs-3.x.1b-7tr.src.rpm
4968c7ae81727cbcc46fb7d0f33ad77a 2.0/SRPMS/swup-2.0.2-1tr.src.rpm
a7acf3e6df713464e833533c105c743a 2.0/SRPMS/swupcron-2.0.0-1tr.src.rpm
5a1a6c81cd1100d6aaa1ec833d8f215b 2.0/SRPMS/sysklogd-1.4.1-28tr.src.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/PS6vwRTcg4BxxS0RAhS6AJ9YTuiqJ30mZQB6WVtlSeUcG5d9kQCeKhkd
epTCOAI7KHa9t/RWnmWQRH4=
=XBSY
-----END PGP SIGNATURE-----
_______________________________________________
tsl-announce mailing list
tsl-announce@trustix.org
http://www.trustix.org/mailman/listinfo/tsl-announce
(Log in to post comments)
|
|||||||||||||