User: Password:
Subscribe / Log in / New account

Yellow Dog alert YDU-20030602-1 (xinetd)

From:  security <>
Subject:  Yellow Dog Linux Security Advisory: YDU-20030602-1
Date:  Tue, 03 Jun 2003 18:45:16 -0600

Yellow Dog Linux Security Announcement -------------------------------------- Package: xinetd Issue Date: Jun 02,2003 Priority: medium Advisory ID: YDU-20030602-1 1. Topic: Updated xinetd packages are available. 2. Problem: "Xinetd is a 'master server' that is used to to accept service connection requests and start the appropriate servers. Because of a programming error, memory was allocated and never freed if a connection was refused for any reason. An attacker could exploit this flaw to crash the xinetd server, rendering all services it controls unavaliable. In addition, other flaws in xinetd could cause incorrect operation in certain unusual server configurations. All users of xinetd are advised to update to the packages listed in this erratum, which contain an upgrade to xinetd-2.3.11 and are not vulnerable to these issues." (From Red Hat Advisory) 3. Solution: a) Updating via apt... We suggest that you use the apt-get program to keep your system up-to-date. The following command(s) will retrieve and install the fixed version of this update onto your system: apt-get update apt-get install xinetd b) Updating manually... Download the updates below and then run the following rpm command. (Please use a mirror site) rpm -Fvh [filenames] Yellow Dog Linux 3.0 ppc/xinetd-2.3.11-1.9.0.ppc.rpm 4. Verification MD5 checksum Package -------------------------------- ---------------------------- [Yellow Dog Linux 3.0] f02d08a29e7e331e666a97a82c5d95ac SRPMS/xinetd-2.3.11-1.9.0.src.rpm 496e6f40f5972776b24dd10dcb8b73dd ppc/xinetd-2.3.11-1.9.0.ppc.rpm If you wish to verify that each package has not been corrupted or tampered with, examine the md5sum with the following command: md5sum <filename> 5. Misc. Terra Soft has setup a moderated mailing list where these security, bugfix, and package enhancement announcements will be posted. See for more information. For information regarding the usage of apt-get, see: _______________________________________________ yellowdog-updates mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds