Yellow Dog Linux Security Advisory: YDU-20030409-2
Rick Thomas
yellowdog-general@lists.terrasoftsolutions.com
Wed Apr 16 00:52:01 2003
Well, I'm doing something wrong, but for the life of me, I can't figure out
what...
Hardware: Apple Power Macintosh 6500/225 with 128 MB RAM, 80 GB IDE
hard-disk, CD-ROM reader, and 100 MB Zip drive.
Booted the install CD via BootX and did a fresh "server" install with 4GB
for "/", 1 GB for swap, and 64 GB for /home.
Following the reboot, I logged in as "root" and immediately did
apt-get update
followed by
apt-get upgrade
to pick up any security fixes (such as the one mentioned in the enclosed
update notice). It told me that a bunch of cups-printer packages were
obsoleted and I should use the "-f" option. So I quit the upgrade and did
apt-get -f upgrade
which ran to completion. I then tried to do another
apt-get upgrade
to see if there was anything else out there, and it gave me thousands of
errors about things (like /bin/sh of all things!) being not installable.
What did I do wrong?
Help!
Rick
on 4/14/03 1:31 PM, Troy Vitullo at security@terrasoftsolutions.com wrote:
> Yellow Dog Linux Security Announcement
> --------------------------------------
>
> Package: evolution
> Issue Date: April 09, 2003
> Priority: medium
> Advisory ID: YDU-20030409-2
>
>
> 1. Topic:
>
> Updated evolution packages are available.
>
>
> 2. Problem:
>
> Ximian Evolution, a groupware suite for GNOME, contains several
> vulnerabilities that allow well-crafted emails to crash the
> program and cause other instabilities.
>
> Evolution users are advised to upgrade to the following errata
> packages that address these issues.
>
>
> 3. Solution:
>
> a) Updating via apt...
> We suggest that you use the apt-get program to keep your
> system up-to-date. The following command(s) will retrieve
> and install the fixed version of this update onto your system:
>
> apt-get update
> apt-get install evolution
>
> b) Updating manually...
> Download the updates below and then run the following rpm command.
> (Please use a mirror site)
>
> rpm -Fvh [filenames]
> Yellow Dog Linux 3.0
> ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0/
> ppc/evolution-1.2.2-5a.ppc.rpm
> SRPMS/evolution-1.2.2-5a.src.rpm
>
> Yellow Dog Linux 2.3
> ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-2.3/
> ppc/evolution-1.0.8-9.7x.1a.ppc.rpm
> SRPMS/evolution-1.0.8-9.7x.1a.src.rpm
>
>
> 4. Verification
>
> MD5 checksum Package
> -------------------------------- ----------------------------
> [Yellow Dog Linux 3.0]
> f6ec2c351e640bf9574b047579160d94 SRPMS/evolution-1.2.2-5a.src.rpm
> 5a7245ead4805cb7ea3ed3910e6864a0 ppc/evolution-1.2.2-5a.ppc.rpm
>
> [Yellow Dog Linux 2.3]
> 96826b88e3fe6d1a4529194ef6f182e7 ppc/evolution-1.0.8-9.7x.1a.ppc.rpm
> 900ba3f0b698923fbc67a450723fa253 SRPMS/evolution-1.0.8-9.7x.1a.src.rpm
>
> If you wish to verify that each package has not been corrupted or tampered
> with,
> examine the md5sum with the following command: md5sum <filename>
>
>
> 5. Misc.
>
> Terra Soft has setup a moderated mailing list where these security, bugfix,
> and package
> enhancement announcements will be posted. See
> http://lists.terrasoftsolutions.com/ for more
> information.
>
> For information regarding the usage of apt-get, see:
> http://www.yellowdoglinux.com/support/solutions/ydl_general/apt-get.shtml
> _______________________________________________
> yellowdog-updates mailing list
> yellowdog-updates@lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-updates
>