Red Hat Linux 5.2 (Apollo) General Errata
Note: You do NOT need to apply these patches to your Fermi Linux machine, we have been put them in already, and AutoRPM will install updated packages when we determine that they are necessary. Please read our use of AutoRPM at Fermilab for more information on this service.The following are known problems with Red Hat Linux 5.2 on multiple platforms. Updates are available via FTP from:
If you have problems downloading fixes from the official site (ftp.redhat.com), please try one of the many Red Hat mirrors. Please note that newer versions of some of these packages may be available in the same location; any new versions which are made available will fix all of the bugs older versions did, so you can use the latest version with no problems. We are no longer separating the errata into general and platform-specific
errata. If you are unsure whether an errata update is for your system, the
following information should help:
If you experience problems downloading the RPMs using Netscape or Internet Explorer, you will need to explicitely download to file versus opening in a window. The problem you are encountering is that both browsers think that .rpm files are text files and thus try to show the contents. In Netscape, you can Shift-Click to correctly download the file. Overview
Detailed ErrataPackage: squid
1. Topic: cachemgr.cgi, the manager interface to Squid, is installed by default in /home/httpd/cgi-bin. If a web server (such as apache) is running, this can allow remote users to sent connect() requests from the local machine to arbitrary hosts and ports. 2. Bug IDs fixed:
3. Relevant releases/architectures: Red Hat Linux 5.2, all architectures 4. Obsoleted by: None 5. Conflicts with: None 6. RPMs required:
Intel: ftp://updates.redhat.com/5.2/i386/
squid-2.2.STABLE4-0.5.2.i386.rpm Alpha: ftp://updates.redhat.com/5.2/alpha/
squid-2.2.STABLE4-0.5.2.alpha.rpm SPARC: ftp://updates.redhat.com/5.2/sparc/
squid-2.2.STABLE4-0.5.2.sparc.rpm Source: ftp://updates.redhat.com/5.2/SRPMS squid-2.2.STABLE4-0.5.2.src.rpm 7. Problem description: A remote user could enter a hostname/IP address and port number, and the cachemgr CGI would attempt to connect to that host and port, printing the error if it fails. 8. Solution: For each RPM for your particular architecture, run: rpm -Uvh filename where filename is the name of the RPM. Alternatively, you can simply disable the cachemgr.cgi, by editing your http daemons access control files or deleting/moving the cachemgr.cgi binary. 9. Verification:
MD5 sum Package Name -------------------------------------------------------------------------- 175b42cc4b603242fbb95e345c14963c squid-2.2.STABLE4-0.5.2.i386.rpm f8dfc1198e32c645ed57769a44f3aa6d squid-2.2.STABLE4-0.5.2.alpha.rpm 2e11f629d2f15af8442d6b724ea4d020 squid-2.2.STABLE4-0.5.2.sparc.rpm 0ea1522539d2aebf298881571253e13d squid-2.2.STABLE4-0.5.2.src.rpmThese packages are also PGP signed by Red Hat Inc. for security. Our key is available at: http://www.redhat.com/corp/contact.html
You can verify each package with the following command:
rpm --checksig
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nopgp 10. References:
Revision History:
1999-07-29: Add note about %postun of Red Hat Linux 6.0 samba release.
1. Topic:
Samba 2.0.5a has been released. Among the fixes in this release
are several security issues present in previous Samba releases.
2. Bug IDs fixed:
1321 2557 2625 2779 2923 2982 3715
3. Relevant releases/architectures:
Red Hat Linux 5.2, all architectures
4. Obsoleted by:
None
5. Conflicts with:
The smbmount code shipped with Samba 2.0 is only compatible
with the Linux 2.2 kernel, so it has not been built for
the Red Hat Linux 4.2 and 5.2 releases. If smbmount
support for the 2.2 kernel is needed under Red Hat Linux
4.2 or 5.2, the source RPM can be rebuilt with the following
command line (RPM version 3.0 is required):
rpm --define "KERN22 yes" --rebuild samba-2.0.5a-
The samba package shipped with Red Hat Linux 6.0 (samba-2.0.3-8)
has an erroneous post-uninstall script. If this package is upgraded
to the errata release, it could cause /var/log/samba and
/var/lock/samba to be missing. It is recommended that users
of samba under Red Hat Linux 6.0 uninstall the previous release
using 'rpm -e samba' before installing the errata release.
6. RPMs required:
Intel:
ftp://updates.redhat.com/5.2/i386/
samba-2.0.5a-0.5.2.i386.rpm Alpha:
ftp://updates.redhat.com/5.2/alpha/
samba-2.0.5a-0.5.2.alpha.rpm SPARC:
ftp://updates.redhat.com/5.2/sparc/
samba-2.0.5a-0.5.2.sparc.rpm Source:
ftp://updates.redhat.com/5.2/SRPMS 7. Problem description:
Several security issues were present in earlier samba releases.
- a denial-of-service attack could be performed against nmbd.
- a buffer overflow was present in the message service in smbd
(not enabled by default under Red Hat Linux)
- a race condition was present in smbmnt that could cause problems
if installed setuid root (it is not installed setuid root by
default under Red Hat Linux 6.0, and is not present under Red
Hat Linux 4.2 or 5.2)
Thanks go to Olaf Kirch ([email protected]) for discovering the
security holes, as well as the Samba team.
8. Solution:
Install the updated RPMs, and restart the affected services by
running:
/etc/rc.d/init.d/smb restart
For each RPM for your particular architecture, run:
rpm -Uvh filename
where filename is the name of the RPM.
9. Verification:
You can verify each package with the following command:
rpm --checksig
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nopgp 10. References: 1. Topic:
This release of rpm is intended to permit all Red Hat platforms to
use the same version of rpm.
2. Bug IDs fixed:
The most significant user-visible bugs fixed in rpm-3.0.2 are 3. Relevant releases/architectures:
Red Hat Linux 5.x, all architectures
4. Obsoleted by:
None
5. Conflicts with:
Packages that are linked with rpm-2.5.x libraries. This includes
rpmfind, rpm2html, gnorpm, and kpackage. You will need to upgrade
to a version of these packages that have been linked with rpm-3.0.x
libraries.
6. RPMs required:
Intel:
ftp://updates.redhat.com/5.2/i386/
rpm-3.0.2-5.x.i386.rpm Alpha:
ftp://updates.redhat.com/5.2/alpha/
rpm-3.0.2-5.x.alpha.rpm SPARC:
ftp://updates.redhat.com/5.2/sparc/
rpm-3.0.2-5.x.sparc.rpm Source:
ftp://updates.redhat.com/5.2/SRPMS/
This release of rpm is intended to permit all Red Hat platforms to
use the same version of rpm.
8. Solution:
Upgrade to the latest errata release of rpm by downloading the correct
rpm and rpm-devel packages for your architecture and version of Red Hat
Linux.
You should install the packages by typing (assuming Red Hat 6.0/i386)
If you are upgrading from rpm-2.5.x, you should then type
If you use rpm to build packages, please note that the method of
configuring rpm has changed. The commonest configuration problem
encountered by packagers who upgrade is how to set topdir to
something other than /usr/src/redhat:
In rpm-2.5.x, you would put the following in ~/.rpmrc
topdir: /path/to/your/directory/here
In rpm-3.0.x, you should put the following in ~/.rpmmacros
%_topdir /path/to/your/directory/here
9. Verification:
You can verify each package with the following command:
rpm --checksig
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nopgp 10. References:
1. Topic:
A potential security problem has been fixed in the nfs-server package.
2. Bug IDs fixed:
3. Relevant releases/architectures:
Red Hat Linux 5.2, all architectures
4. Obsoleted by:
None
5. Conflicts with:
None
6. RPMs required:
Intel:
ftp://updates.redhat.com/5.2/i386/
nfs-server-2.2beta44-1.i386.rpm Alpha:
ftp://updates.redhat.com/5.2/alpha/
nfs-server-2.2beta44-1.alpha.rpm SPARC:
ftp://updates.redhat.com/5.2/sparc/
nfs-server-2.2beta44-1.sparc.rpm 7. Problem description:
A change to 32 bit uid_t's within glibc 2.0.x has opened a potential
hole in root-squashing.
8. Solution:
9. Verification:
10. References:
Updated: 10-Jun-1999
Problem
A more complete description of current problems with wu-ftpd may be found at
http://developer.redhat.com/bugzilla
by querying the wu-ftpd component. Bugs #2798 and #2944 describe the
file globbing failure symptoms, #2455 describes the ftpwho symptoms.
Users of Red Hat Linux should upgrade to a new version of wu-ftpd in order
to fix these problems.
Solution:
Red Hat 5.x: Updated: 10-Jun-1999
Problem:
This is a security errata for the imap package that corrects a known
ipop2d exploit in Red Hat 4.x and Red Hat 5.x.
A more complete description of current problems with imap may be found at
http://developer.redhat.com/bugzilla
by querying the imap component. Bug #3161 is the report of ipop2d exploit.
Users of Red Hat Linux 4.x and 5.x should upgrade to the new version of imap
in order to correct this security problem.
Solution: Updated: 11-Jun-1999
Problem:
Solution:
Updated: 27-May-1999
Problem:
The mod_perl Apache module shipped with Red Hat Linux 5.2 and Secure
Web Server 2.0 does not function properly with the latest errata
release of perl available for that platform (perl-5.004m7-1). This is
due to dependencies within mod_perl on perl itself.
Users which rely on mod_perl functionality are encouraged to upgrade
to a fixed version available at the following locations:
Solution:
Updated: 16-Apr-1999
Problem:
Due to many reports of security breaches of Red Hat systems
from NFS, we have updated the NFS for other versions of RH
Linux to the latest. We have done the same for RH 5.2. This
version fixes several small Denial of Service problems.
Solution: Updated: 16-Apr-1999
Problem:
Potential security problems have been identified in the
rsync package shipped with Red Hat Linux 5.2. A user can not
exploit this hole deliberately to gain privileges (ie. this
is not an "active" security hole) but a system administrator
could easily be caught by the bug and inadvertently
compromise the security of their system.
Red Hat would like to thank Andrew Tridgel for providing an
update that fixed the problem.
Users of Red Hat Linux are recommended to upgrade to the
new packages available under updates directory on our ftp site:
Solution:
Updated: 16-Apr-1999
Problem:
Potential security problems have been identified in all the
procmail packages shipped with Red Hat Linux. Currently Red
Hat is not aware of any exploits built on these
vulnerabilities.
Red Hat would like to thank the members of the Bugtraq list
for reporting these problems and the authors of procmail for
quickly providing an update.
Users of Red Hat Linux are recommended to upgrade to the new
packages available under updates directory on our ftp site:
Solution:
Updated: 16-Apr-1999
Problem:
Solution:
Updated: 01-Apr-1999
Problem:
Security vulnerabilities have been identified in the XFree86
packages that ship with Red Hat Linux. This security problem
can allow local users to get write access to directories
that they are otherwise not able to write to.
Red Hat would like to thank the members of the BUGTRAQ
mailing list, the members of the Linux Security Audit team,
and others. All users of Red Hat Linux are encouraged to
upgrade to the new packages immediately. As always, these
packages have been signed with the Red Hat PGP key.
New RPMs for XFree86 3.3.3.1 (X11) are available for Red Hat
Linux 4.2 and 5.x on all platforms. This new release is
primarily a bugfix release. It corrects problems with a few
drivers (especially the 3D Labs slowdown problem), fixes
Russian KOI8 font support, and fixes the font server xfs,
which was inadvertently broken in our release of XFree86
3.3.3.
Please see the official release notes at
http://www.xfree86.org/#news for further
information.
Solution:
In some circumstances, you may be required to add --force
and/or --nodeps to the rpm command line options to insure
a proper upgrade. Add these options if the command line given
gives an error.
Required RPMS
You will want one of the following RPMS for your video
card.
You might want one or more of these RPMS if you do
development. Further Instructions
For instructions on upgrading users should read the Red Hat XFree86 upgrade
howto. This document is in its initial drafts, but should be
useful.
Updated: 01-Apr-1999
Problem:
An problem in the mime handling code could allow a remote
user to execute certain commands on a local system.
Red Hat would like to thank the members of the BUGTRAQ
mailing list, the members of the Linux Security Audit team,
and others. All users of Red Hat Linux are encouraged to
upgrade to the new packages immediately. As always, these
packages have been signed with the Red Hat PGP key.
Solution:
Further Instructions
Updated: 01-Apr-1999
Problem:
An problem in the mime handling code could allow a remote
user to execute certain commands on a local system.
Red Hat would like to thank the members of the BUGTRAQ
mailing list, the members of the Linux Security Audit team,
and others. All users of Red Hat Linux are encouraged to
upgrade to the new packages immediately. As always, these
packages have been signed with the Red Hat PGP key.
Solution:
Updated: 01-Apr-1999
Problem:
Red Hat would like to thank the members of the BUGTRAQ
mailing list, the members of the Linux Security Audit team,
and others. All users of Red Hat Linux are encouraged to
upgrade to the new packages immediately. As always, these
packages have been signed with the Red Hat PGP key.
Auditors of zgv have found buffer overflows that could be
exploited to gain root privileges.
Red Hat would like to thank the users of the BUGTRAQ security
list for identifying the problem and Kevin Vajk
Solution:
Updated: 01-Apr-1999
Problem:
An overflow in the parsing code could lead to crashes of
the system logger.
Red Hat would like to thank the members of the BUGTRAQ
mailing list, the members of the Linux Security Audit team,
and others. All users of Red Hat Linux are encouraged to
upgrade to the new packages immediately. As always, these
packages have been signed with the Red Hat PGP key.
A buffer overflow has been identified in all versions of the
sysklogd packages shipped with Red Hat Linux. As the time of this
post there are no known exploits for this security vulnerability.
Red Hat would like to thank Michal Zalewski ([email protected])
and the members of the Bugtraq mailing list for discovering this
problem and providing a fix.
Users of Red Hat Linux are recommended to upgrade to the new
packages available under updates directory on our ftp site:
Solution:
Further Instructions
Once you have downloaded the sysklogd package for your architecture,
you will need to do the following as root:
Updated: 19-Feb-1999
Problem:
Red Hat Linux 5.2 is shipping with a vulnerable version of
lsof. The lsof binary is shipped setgid kmem and by
exploiting a buffer overflow a user will be able to get kmem
group access. Fortunately the permissions on /dev/kmem on
Red Hat Linux will only grant read only access to kmem group
members, so this exploit can not be used to get root
access.
There is an exploit floating around the net for this
security problem which is based on the fact that some
distributions grant both read and write access for the kmem
group members to /dev/kmem.
Red Hat would like to thank HERT - Hacker Emergency
Response Team - for bringing this problem to our attention.
Although this security hole can not be used to get root
access on Red Hat Linux, there are privacy concerns that
prompt us to release a security update for the lsof
package. All users of Red Hat Linux 5.2 are encouraged to
upgrade to the new lsof packages immediately. As always,
these packages have been signed with the Red Hat PGP key.
Solution:
Further Instructions:
You may get an error using this version of lsof if you have not
upgraded to the 2.0.36-1 or 2.0.36-3 kernel RPMs.
Updated: 09-Feb-1999
Problem:
Current minicom packages have permissions set to allow all
users to access a modem on a system. This update fixes this
problem limiting users to those listed in the minicom
configuration file.
New packages are available for the supported versions of Red
Hat Linux. All users of Red Hat Linux are encouraged to
upgrade to the new minicom releases immediately. As always,
these packages have been signed with the Red Hat PGP key.
Solution: Updated: 02-Feb-1999
Problem:
Solution:
Further Instructions
You should be able to upgrade the package using RPM. Example:
Updated: 02-Feb-1999
Problem:
Solution:
Further Instructions
You should be able to upgrade the package using RPM. Example:
Updated: 02-Feb-1999
Problem:
Solution:
Further Instructions
You should be able to upgrade the package using RPM. Example:
Updated: 19-Jan-1999
Problem:
Solution:
Updated: 03-Jan-1999
Problem:
Red Hat has further patched the standard 2.0.36 kernel
with updated drivers for the Adaptec 7xxx cards, NCR scsi,
3com 905B, and some other patches.
Several security holes were found in the Linux kernel and
patched in the 2.0.36 kernel. Users should upgrade to patch
these problems. The announcement can be found here.
Solution:
You will need to recompile the source code for your
platform.
Due to differences between versioning, Red Hat has patched
the 2.0.35 kernel with the security fixes that are in the
2.0.36 kernel.
Further Instructions
For instructions on upgrading users should read the Red Hat kernel upgrade howto.
While the howto focuses on intel, there are sub
chapters for upgrading alpha and sparc machines.
Updated: 03-Jan-1999
Problem:
The default configuration as shipped with the
supported releases of Red Hat Linux is not vulnerable
to this problem.
A race condition that can be exploited under some
particular scenarios has been identified in all
versions of the Linux-PAM library shipped with all
versions of Red Hat Linux. The vulnerability is
exhibited in the pam_unix_passwd.so module included in
Red Hat Linux, but *not* used by either of the 4.2 or
5.x releases. Red Hat Linux uses the pam_pwdb.so
module for performing PAM authentication.
You are at risk if you enabled pam_unix_passwd.so
and are using it instead of the pam_pwdb.so module. An
exploit occurs when an user with a umask setting of 0
is trying to change the login password.
As of this release there are no known exploits of
this security problem.
Solution:
Updated: 01-Feb-1999
Problem:
New boot and supplemental floppy images have been uploaded
to correct the following problems:
You will need to download these image files to your
harddrive since they are the exact size of a formatted
floppy disk (and thus will not fit).
You will then need to use the DOS rawrite.exe
command found on the CD-rom, or if you have Linux installed
on another machine, can use the dd command to write
the image to the floppy using:
Solution:
Further Instructions
Users experiencing problems with aic7xxx or
ncr53c8xx drivers need to go to
This will put the correct driver in the initrd that gets created
before lilo is installed.
Users will be able to install using 3c905B in 100 Mbps mode.
After reboot the card will be using the old driver,
therefore it will not be able to enter 100 Mbps mode.
Updating to the new kernel rpm will correct this.
Updated: 22-Dec-1998
Problem:
A security vulnerability has been identified in all versions
of the ftp client binary shipped with Red Hat Linux. An
exploit for this vulnerability would have to rely on getting
the user to connect using passive mode to a server running a
ftp daemon under the attacker's control. As of this release
time there are no known exploits of this security problem.
All users of Red Hat Linux are encouraged to upgrade to the
new package releases immediately. As always, these packages
have been signed with the Red Hat PGP key.
Solution:
Further Instructions
Once you have downloaded the NetKit package for your
architecture, you will need to do the following as root:
Updated: 25-May-1999
Problem:
New netscape packages are available. While these are not
specifically security updates, among the changes listed
are 'Fixes to improve security'; therefore it is recommended
that users update to the new packages.
Solution:
Updated: 22-Dec-1998
Problem:
Various security vulnerabilities have been found in versions
of Netscape Navigator and Communicator as shipped with Red
Hat Linux. More information on the security vulnerabilities
is available at
Netscape
It is recommended that users of Red Hat Linux upgrade to
the new packages available on our FTP site:
Solution:
Updated: 13-Nov-1998
Problem:
A buffer overflow has been identified in all versions of the
libc 5 packages shipped with Red Hat Linux. The most affected
systems are those that are libc 5 based (Red Hat Linux 4.2 and
older). Only Intel and Sparc architectures are affected.
The Red Hat Linux 5.x releases are glibc (libc 6) based, and
Red Hat does not ship any binaries linked against libc 5 that
might be used for compromising the system's security. However,
Red Hat Linux 5.x releases do include for backwards
compatibility a package containg a vulnerable library.
Users of Red Hat Linux are recommended to upgrade to the new
packages available under updates directory on our ftp site:
Solution:
Updated: 13-Nov-1998
Problems:
A problem has been found with the install when selecting
individual packages. To get around this problem, you will need
to down load the updated ramdisk from the ftp site. Then
rawrite the image to a floppy following the instructions in the
manual.
Solution:
Updated: 06-Nov-1998
Problem:
svgalib has been found to leak file descriptors to /dev/mem.
Red Hat would like to thank the users of the BUGTRAQ security
list for identifying the problem and Kevin Vajk
Solution:
Copyright © 1995-1999 Red Hat Software. Legal notices
copyright © 1999 Red Hat, Inc. All rights reserved. |