similar to: Forw: new procmail package

___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

This and the following 2 messages are from linux-watch@redhatc.com Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW:

___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

...and another one. Of course, if you subscribed to the redhat-watch list then I wouldn't have to forward these (hint, hint). ;) Cheers, Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov

below. Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

Another from Bugtraq. I've also forwarded this one on to our contact at Red Hat (Stephen Smoogen) and he tells me it's in their QA currently. Dan _______________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Computing Division OSS/FSS | Fax: (630) 840-6345 .~. L Fermi National Accelerator

Rogier, Until we get the list problem solved I'll just forward on the security notices directly to you. Cheers, Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi

below. Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

below. Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

------- Forwarded Message Return-Path: redhat-watch-list-request@redhat.com Received: from lists.redhat.com (lists.redhat.com [199.183.24.247]) by sapphire.fnal.gov (8.8.7/8.8.7) with SMTP id VAA26469 for <yocum@sapphire.fnal.gov>; Wed, 16 Jun 1999 21:19:18 -0500 Received: (qmail 7754 invoked by uid 501); 17 Jun 1999 03:06:01 -0000 Resent-Date: 17 Jun 1999 03:06:01 -0000 Resent-Cc:

Pulled from Bugtraq. Dan ____________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Computing Division OSS/FSS | Fax: (630) 840-6345 .~. L Fermi National Accelerator Lab | email: yocum@fnal.gov /V\ I P.O. Box 500 | WWW: www-oss.fnal.gov/~yocum/ // \\ N Batavia, IL

Enjoy.... ugh. Dan ____________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Computing Division OSS/FSS | Fax: (630) 840-6345 .~. L Fermi National Accelerator Lab | email: yocum@fnal.gov /V\ I P.O. Box 500 | WWW: www-oss.fnal.gov/~yocum/ // \\ N Batavia, IL

Freshmeat says: Following up to yesterday's Linux 2.0.38 release, Alan Cox sent out a security notice about a remote network DoS vulnerability which is present in all Linux 2.0.x systems. Linux 2.2.x is not affected by this bug. Causing this requires a great deal of skill and probably a reasonably local network access as it is extremely timing dependant. Nevertheless everyone is advised to

Can someone please address this? Thank you. -------------- next part -------------- An embedded message was scrubbed... From: Jason Helfman <jhelfman@bizrate.com> Subject: Help... Strip Whitespace. Date: Fri, 16 Nov 2001 09:26:54 -0500 Size: 3555 Url: http://lists.samba.org/archive/samba/attachments/20011119/332384ed/attachment.eml

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: screen defaults to not using Unix98 ptys Advisory ID: RHSA-1999:042-01 Issue date: 1999-10-20 Updated on: Keywords: Cross references: screen unix98 pty permissions --------------------------------------------------------------------- 1. Topic: Screen uses ptys with world

Well, last night, my box was hit again.. same symptoms: All attempts to connect remotely receive a connection, but a login prompt never comes up. When I went to the console and turned on the monitor, I had the login prompt, but written on to the screen was the message IPMASQ: Reverse ICMP: Checksum error from xxx.xxx.xxx.xxx So, on this occasion, I thought I would post a summary of the

-------- Is this old? I couldn''t find it in the linux-security archives. If so, please disregard. Dan ------- Forwarded Message Return-Path: cppm_reg_sysadmins-owner@fnal.gov Received: from FNAL.FNAL.Gov (fnal.fnal.gov [131.225.9.8]) by sapphire.fnal.gov (8.8.7/8.8.7) with ESMTP id LAA27322 for <yocum@sapphire.fnal.gov>; Tue, 13 Oct 1998 11:12:23 -0500 Received: from raven

I have produced fixed sendmail RPMs for RedHat systems for the exploit posted yesterday on BoS. They are not official, until RedHat release an official version themselves: URL: ftp://ftp.sorosis.ro/pub/linux/local/fixes/ 3237df366bd1def87c91b1f8fb835a3e ./redhat-3.0.3/sendmail-8.8.2-2.i386.rpm dc1ba8ce94c4f5df357e3db06989819e ./redhat-3.0.3/sendmail-cf-8.8.2-2.i386.rpm

I haven't seen this on the linux-security list so I thought I'd forward it on for your review. It was pulled from Bugtraq by one of our sys admins. Dan _______________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Computing Division OSS/FSS | Fax: (630) 840-6345 .~. L Fermi National

I have been trying for quite a while now to understand why is the flist.c:f_name() function implemented using static buffers. Anyone care to comment? The immediate problem is that any call to f_name overrides the previous content (well, obvious). This, combined with the fact that several function calls are made with the result of f_name(file) results in problems handling hardlinks - and