___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 | // \\ N Batavia, IL 60510 | "TANSTAAFL" /( )\ U ________________________________|_________________________________ ^`~'^__X_ ------- Forwarded Message Return-Path: redhat-watch-list-request@redhat.com Received: from lists.redhat.com (lists.REDHAT.com [199.183.24.247]) by sapphire.fnal.gov (8.8.7/8.8.7) with SMTP id GAA19826 for <yocum@sapphire.fnal.gov>; Fri, 16 Apr 1999 06:06:36 -0500 Received: (qmail 3324 invoked by uid 501); 16 Apr 1999 11:30:02 -0000 Resent-Date: 16 Apr 1999 11:30:02 -0000 Resent-Cc: recipient list not shown: ; MBOX-Line: From redhat-watch-list-request@redhat.com Fri Apr 16 07:30:01 1999 Date: Fri, 16 Apr 1999 07:06:08 -0400 (EDT) From: Cristian Gafton <gafton@redhat.com> X-Sender: gafton@alien.devel.redhat.com To: redhat-watch-list@redhat.com Subject: (Correction) SECURITY: New rsync packages available Message-ID: <Pine.LNX.4.10.9904160701270.25520-100000@alien.devel.redhat.com> Approved: ewt@redhat.com MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Resent-Message-ID: <"9I94u.0.Ap.vyn5t"@lists.redhat.com> Resent-From: redhat-watch-list@redhat.com Reply-To: redhat-watch-list@redhat.com X-Mailing-List: <redhat-watch-list@redhat.com> archive/latest/20 X-Loop: redhat-watch-list@redhat.com Precedence: list Resent-Sender: redhat-watch-list-request@redhat.com X-URL: http://www.redhat.com - -----BEGIN PGP SIGNED MESSAGE----- A number of subscribers pointed out the obvious error in the previous announcement for rsync - the fact that I posted the links for procmail packages instead. While the late, late night hour I am posting this might have something to do with it :-), I do apologize for any inconvenience caused. Now that I have the brown paper bag over my head, here is the correct update: * * * Potential security problems have been identified in the rsync package shipped with Red Hat Linux 5.2. A user can not exploit this hole deliberately to gain privileges (ie. this is not an "active" security hole) but a system administrator could easily be caught by the bug and inadvertently compromise the security of their system. Red Hat would like to thank Andrew Tridgel for providing an update that fixed the problem. Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site: Red Hat Linux 5.2: ================= alpha: rpm -Uvh ftp://updates.redhat.com/5.2/alpha/rsync-2.3.1-0.alpha.rpm i386: rpm -Uvh ftp://updates.redhat.com/5.2/i386/rsync-2.3.1-0.i386.rpm sparc: rpm -Uvh ftp://updates.redhat.com/5.2/sparc/rsync-2.3.1-0.sparc.rpm Source rpm: rpm -Uvh ftp://updates.redhat.com/5.2/SRPMS/rsync-2.3.1-0.src.rpm Cristian - - -- - - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat Software, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ UNIX is user friendly. It's just selective about who its friends are. - -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNxcZpPGvxKXU9NkBAQFtXgP+IQkchpozWLqFzFXbvCwAQW8HHmhbr/HU XSkpmYr8XpmS20fq9O7kPp4SzEThyTswEoeFT//jpB3ssyU+jx9c4b5XoPBicZFL GQ308+ku7o8oeaWQFbYejp6HaxP7ZDFI4XIsBIhCRSjfq0JhAYnFfxJyiRRG5p/i 7dbkLTSCDNQ=BiJW - -----END PGP SIGNATURE----- - -- To unsubscribe: mail redhat-watch-list-request@redhat.com with "unsubscribe" as the Subject. ------- End of Forwarded Message