SECURITY: new nfs-server packages available (fwd)

From: Alan Cox (alanat_private)
Date: Thu Aug 27 1998 - 19:53:07 PDT

Next message: Scott Stone: "NFS fix - TurboLinux 2.0"

Previous message: Alan Cox: "Re: Seyon Security Vulnerability"
Next in thread: Paul Boehm: "Re: SECURITY: new nfs-server packages available (fwd)"
Reply: Paul Boehm: "Re: SECURITY: new nfs-server packages available (fwd)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Expect similar announces from other Linux vendors to follow this one. The
bug is in code that as far as I can tell in Linux specific portmap code
so this is unlikely to affect non Linux portmappers. I'll post an explanation
once the other vendor announcements are out.

Alan

> -----BEGIN PGP SIGNED MESSAGE-----
>
> Potential security problems have been identified in all versions of
> nfs-server packages shipped with Red Hat Linux.
>
> Users of Red Hat Linux are recommended to upgrade to the new packages
> available under updates directory on our ftp site:
>
>
> * Red Hat Linux 5.1 and 5.0:
> ============================
>
> alpha:
> - ------
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/5.1/alpha/nfs-server-2.2beta29-7.alpha.rpm
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/5.1/alpha/nfs-server-clients-2.2beta29-7.alpha.rpm
>
> i386:
> - -----
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/5.1/i386/nfs-server-2.2beta29-7.i386.rpm
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/5.1/i386/nfs-server-clients-2.2beta29-7.i386.rpm
>
> sparc:
> - ------
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/5.1/sparc/nfs-server-2.2beta29-7.sparc.rpm
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/5.1/sparc/nfs-server-clients-2.2beta29-7.sparc.rpm
>
> Source RPM:
> - -----------
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/5.1/SRPMS/nfs-server-2.2beta29-7.src.rpm
>
>
> * Red Hat Linux 4.2:
> ====================
>
> alpha:
> - ------
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/4.2/alpha/nfs-server-2.2beta16-9.alpha.rpm
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/4.2/alpha/nfs-server-clients-2.2beta16-9.alpha.rpm
>
> i386:
> - -----
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/4.2/i386/nfs-server-2.2beta16-9.i386.rpm
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/4.2/i386/nfs-server-clients-2.2beta16-9.i386.rpm
>
> sparc:
> - ------
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/4.2/sparc/nfs-server-2.2beta16-9.sparc.rpm
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/4.2/sparc/nfs-server-clients-2.2beta16-9.sparc.rpm
>
> Source RPM:
> - -----------
> rpm -Uvh \
>   ftp://ftp.redhat.com/pub/redhat/updates/4.2/SRPMS/nfs-server-2.2beta16-9.src.rpm
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
>
> iQCVAwUBNeYMBPGvxKXU9NkBAQEBrAP9EdR+axrR0AIO2NleNuSw/2WF/4two4lg
> RKwwQekrlTU0FjxOqmzhkuwyVHflWWu39wybto12y9XFIyptLJFdFvzwBiPczI5V
> f88L+acQcaAZtZmIARMMsOFCyGMmXoTNULFIkmtVlmIxcsIT3/heJtGC1WTYboE9
> 00fnNdehNFQ=
> =Spdn
> -----END PGP SIGNATURE-----
>
> Cristian
> --
> ----------------------------------------------------------------------
> Cristian Gafton   --   gaftonat_private   --   Red Hat Software, Inc.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>  UNIX is user friendly. It's just selective about who its friends are.

Next message: Scott Stone: "NFS fix - TurboLinux 2.0"
Previous message: Alan Cox: "Re: Seyon Security Vulnerability"
Next in thread: Paul Boehm: "Re: SECURITY: new nfs-server packages available (fwd)"
Reply: Paul Boehm: "Re: SECURITY: new nfs-server packages available (fwd)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:13:50 PDT