[yellowdog-updates] Yellow Dog Security Advisory: YDU-20000728-1.txt

Subject: [yellowdog-updates] Yellow Dog Security Advisory: YDU-20000728-1.txt
dburcaw@terraplex.com
Date: Mon Jul 31 2000 - 23:08:35 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: dburcaw@terraplex.com: "[yellowdog-updates] Yellow Dog Security Advisory: YDU-20000731-1.txt"

Yellow Dog Linux Security Announcement
--------------------------------------

Package: kernel
Issue Date: July 28, 2000
Update Date: July 28, 2000
Priority: high
Advisory ID: YDU-20000728-1

1. Topic:

   A security hole was discovered that affects any setuid
   program on a system.

2. Problem:

   A security bug involving setuid programs is fixed in
   this kernel.

   Other fixes include:
   - GMAC ethernet river
   - 2000 "Pismo" PowerBook G3 support
   - ATI Rage 128 Pro support

3. Solution:

   a) Updating via yup...
   We suggest that you use the Yellow Dog Update Program (yup)
   to keep your system up-to-date. The following command will
   automatically retrieve and install the fixed version of
   the kernel onto your system:

           yup update kernel

   If you require kernel headers and/or source, run the following
   yup commands respectively:

        yup update kernel-headers
        yup update kernel-source

   b) Updating manually...
   The update can also be retrieved manually from our ftp site
   below along with the rpm command that should be used to install
   the update.

   ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.2/ppc/RPMS/
   kernel-2.2.17-0.6.1.ppc.rpm

        rpm -Fvh kernel-2.2.17-0.6.1.ppc.rpm

   If you require kernel headers and/or source, install the following
   files respectively:
  
   ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.2/ppc/RPMS/
   kernel-headers-2.2.17-0.6.1.ppc.rpm
   kernel-source-2.2.17-0.6.1.ppc.rpm

        rpm -Fvh kernel-headers-2.2.17-0.6.1.ppc.rpm
        rpm -Fvh kernel-source-2.2.17-0.6.1.ppc.rpm

   You also need to copy the new vmlinux file to either your MacOS
   System Folder if you are using BootX to boot YDL or to your
   yaboot partition if you are using yaboot.

4. Verification

MD5 checksum Package
-------------------------------- ----------------------------
a5b03e718c4db68fc84e4af558cae01d RPMS/kernel-2.2.17-0.6.1.ppc.rpm
b7b1331472d1ff52705b10d09af45580 RPMS/kernel-doc-2.2.17-0.6.1.ppc.rpm
94b1abbb7d3705af32d591f4b4eefd34 RPMS/kernel-headers-2.2.17-0.6.1.ppc.rpm
be424ccf9d9d34e5a29e53052b181c0b RPMS/kernel-pcmcia-cs-2.2.17-0.6.1.ppc.rpm
7d252f14e4785e3f615116c110961a43 RPMS/kernel-smp-2.2.17-0.6.1.ppc.rpm
8aa5c849fffb79b98cd58224a7f999cb RPMS/kernel-source-2.2.17-0.6.1.ppc.rpm
4fc3b01df1032a1c2015d8fd41a2e11c RPMS/kernel-utils-2.2.17-0.6.1.ppc.rpm

If you only wish to verify that each package has not been corrupted or tampered with,
examine only the md5sum with the following command: rpm --checksig --nogpg filename

5. Misc.

Terra Soft has setup a moderated mailing list where these security, bugfix, and package
enhancement announcements will be posted. See http://lists.yellowdoglinux.com/ for more
information.

For information regarding the usage of yup, the Yellow Dog Update Program, see
http://devel.yellowdoglinux.com/rp_yup.shtml

• Next message: dburcaw@terraplex.com: "[yellowdog-updates] Yellow Dog Security Advisory: YDU-20000731-1.txt"

This archive was generated by hypermail 2a24 : Mon Jul 31 2000 - 23:09:05 MDT