-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : zlib SUMMARY : zlib double free() vulnerability DATE : 2002-03-14 17:04:00 ID : CLA-2002:469 RELEVANT RELEASES : 5.0, prg graficos, ecommerce, 5.1, 6.0, 7.0 - ------------------------------------------------------------------------- DESCRIPTION "zlib"[1] is a compression library used by hundreds of different programs. zlib version 1.1.3 and lower of this library have a vulnerability[5] which can be used by an attacker (local or remote, it depends on the service being targeted) to cause a Denial of Service condition in most cases, or, in the worst case, possibly execute arbitrary code. With a carefully crafted compressed stream of data it is possible to make the library attempt to free the same pointer twice, which will cause the affected program to exit abnormally in most cases. However, it has already been demonstrated[7] that a double free() can be used in certain conditions to execute arbitrary code. Originally reported by Steven Sawkins to the authors for the 1.1.3 version of the library, the problem was initially not deemed a security vulnerability. More recently this issue was brought up again[4], this time by Matthias Clasen, and its security impact was realized after an analysis done by Owen Taylor. This update also addresses another problem[8] found by Ethan Benson in the rsync program. He found out that rsync fails to drop root's groups when switching to another uid/gid. SOLUTION Several hundred programs use zlib nowadays. There are basically three scenarios that will have to be taken into account for this update, besides having to update zlib itself, of course: a) services or programs which link dinamically with zlib. In this case, it is enough to update zlib and, IMPORTANT, restart all these services after updating the library. A quick way to check for these services is to issue the following command as root (the lsof package has to be installed): lsof | grep libz The first column shown by this command will be the name of the process that will have to be restarted. A few examples of processes that would have to be restarted if they were running are openssh, snort, mysql and others. If there is any doubt about which processes will have to be restarted, then it is best to reboot the machine. b) services or programs which link to the static version of zlib. These programs will have to be relinked against the fixed zlib package in order to remove the vulnerability. Such programs in the distribution were recompiled and are being updated through this advisory. "rpm" is such a case. In other cases, such as with the "vnc" package, the package was modified to use the dynamic version of the library, but it will have to be updated anyway. c) services or programs which, for one reason or the other, include and use their own copy of the zlib library instead of using the system provided one. In this case, that specific program or service will have to be patched and recompiled. Examples of this situation are rsync, gcc and the kernel. Another solution which is possible with some packages is to patch them to use, from now on, the system dynamic version of zlib. In any case, all such programs have to be updated individually, just updating the system zlib is again not enough. A few packages are not being updated through this advisory: kernel and netscape. Netscape will be updated as soon as a new binary version is released, and the kernel will be updated shortly. With the above scenarios in mind, we recommend the following update procedures: - apt-get users can proceed as usual. After apt upgrades the necessary packages, restart the services as described in a), and also restart any other service that was upgraded if it was already running. - users with a version of the distribution which does not support apt-get (CL < 6.0) will have to check which of the updated packages are installed on their systems and then download and update those packages manually. As with the previous case, all zlib dependant services will have to be restarted. Use the procedure described in a) to identify the running services dinamically linked to zlib, and also restart any service that is provided via this update if it is already running. If there is any doubt about which services have to be restarted, we recommend to reboot the machine. REFERENCES 1. http://www.zlib.org 2. http://www.kb.cert.org/vuls/id/368819 3. http://www.cert.org/advisories/CA-2002-07.html 4. http://bugzilla.gnome.org/show_bug.cgi?id=70594 5. http://www.gzip.org/zlib/advisory-2002-03-11.txt 6. http://online.securityfocus.com/bid/4267 7. http://online.securityfocus.com/bid/1739 8. http://bugs.debian.org/132272 DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/zlib-1.1.3-15U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/rsync-2.4.6-5U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/cvs-1.10.8-5U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/vnc-3.3.3-6U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/rpm-3.0.4-10U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/zlib-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/zlib-devel-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/zlib-devel-static-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/rsync-2.4.6-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/cvs-1.10.8-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/cvs-doc-1.10.8-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/vnc-3.3.3-6U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/rpm-3.0.4-10U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/rpm-devel-3.0.4-10U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/rpm-python-3.0.4-10U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/zlib-1.1.3-15U51_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/rsync-2.4.6-5U51_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/cvs-1.10.8-5U51_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/vnc-3.3.3-6U51_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/rpm-3.0.4-10U51_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/cvs-1.10.8-5U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/zlib-1.1.3-15U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/zlib-devel-1.1.3-15U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/zlib-devel-static-1.1.3-15U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/rsync-2.4.6-5U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/cvs-doc-1.10.8-5U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/vnc-3.3.3-6U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/rpm-3.0.4-10U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/rpm-devel-3.0.4-10U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/rpm-python-3.0.4-10U51_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/zlib-1.1.3-15U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/rsync-2.4.6-5U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/cvs-1.10.8-5U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/vnc-3.3.3-6U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/rpm-3.0.5-45U60_3cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/pngcrush-1.5.4-2U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/gcc-2.95.2-10U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/XFree86-4.0.1-35U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/zlib-1.1.3-15U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/rsync-2.4.6-5U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/zlib-devel-1.1.3-15U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/zlib-devel-static-1.1.3-15U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/cvs-1.10.8-5U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/cvs-doc-1.10.8-5U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/vnc-3.3.3-6U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/librpm-3.0.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/popt-1.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/popt-devel-1.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/popt-devel-static-1.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/popt-doc-1.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/rpm-3.0.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/rpm-build-3.0.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/rpm-devel-3.0.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/rpm-devel-static-3.0.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/rpm-doc-3.0.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/rpm2cpio-3.0.5-45U60_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/pngcrush-1.5.4-2U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/cpp-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gcc-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gcc-c++-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gcc-chill-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gcc-g77-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gcc-java-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gcc-objc-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/libgcj-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/libstdc++-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/libstdc++-devel-2.95.2-10U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/XFree86-devel-4.0.1-35U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/XFree86-Xvfb-4.0.1-35U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/XFree86-imstt-4.0.1-35U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/XFree86-Server-4.0.1-35U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/XFree86-4.0.1-35U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/XFree86-libs-4.0.1-35U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/XFree86-xfs-4.0.1-35U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/XFree86-Xnest-4.0.1-35U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/zlib-1.1.3-15U70_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/rsync-2.4.6-5U70_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/vnc-3.3.3-6U70_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/gcc-2.95.3-20U70_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/rpm-4.0.2-28U70_2cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/pngcrush-1.5.4-2U70_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/zlib-1.1.3-15U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/zlib-devel-1.1.3-15U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/zlib-devel-static-1.1.3-15U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rsync-2.4.6-5U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/vnc-3.3.3-6U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cpp-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libgcj-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-c++-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-c++-doc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-chill-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-chill-doc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-doc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-g77-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-g77-doc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-java-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-java-doc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-objc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/gcc-objc-doc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libgcj-devel-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libgcj-devel-static-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libgcj-doc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/librpm-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/librpmbuild-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libstdc++-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libstdc++-devel-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libstdc++-doc-2.95.3-20U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/popt-1.6.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/popt-devel-1.6.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/popt-devel-static-1.6.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/popt-doc-1.6.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/python-rpm-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rpm-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rpm-build-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rpm-devel-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rpm-devel-static-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rpm-doc-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rpm2cpio-4.0.2-28U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/pngcrush-1.5.4-2U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-xaa-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-i810-dri-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-sis-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-i128-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-dps-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-i740-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-freetype-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-fb-lowcolor-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-Xvfb-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-config-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-Xnest-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-GL-devel-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-fb-multi-depths-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-trident-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-libs-Xaw6-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-siliconmotion-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/xterm-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-Xprt-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-chips-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-tseng-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-s3virge-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-mga-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-i810-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-devel-static-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-cirrus-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-glide-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-apm-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-xie-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-devel-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-common-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-xfs-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-codeconv-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-libs-common-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-cyrix-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-misc-locales-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-vga-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-ark-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-fb-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-libs-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-savage-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-xtt-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-neomagic-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-extended-input-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-vesa-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rstart-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-tga-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-mga-dri-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-afb-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-GL-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-bench-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-twm-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-libs-Xaw-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-rendition-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-progs-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-pex5-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-xdm-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-modules-cfb-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-manpages-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-ati-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-glint-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-Server-common-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-ati-dri-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-tdfx-dri-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-tdfx-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-proxy-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-fbdev-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-Server-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-nv-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-minimal-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/XFree86-xkb-4.0.3-26U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/zlib-1.1.3-15U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/rsync-2.4.6-5U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/cvs-1.10.8-5U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/vnc-3.3.3-6U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/rpm-3.0.4-10U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/zlib-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/zlib-devel-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/zlib-devel-static-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/rsync-2.4.6-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/cvs-1.10.8-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/cvs-doc-1.10.8-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/vnc-3.3.3-6U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/rpm-3.0.4-10U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/rpm-devel-3.0.4-10U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/rpm-python-3.0.4-10U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/zlib-1.1.3-15U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/rsync-2.4.6-5U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/cvs-1.10.8-5U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/vnc-3.3.3-6U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/rpm-3.0.4-10U50_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/zlib-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/zlib-devel-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/zlib-devel-static-1.1.3-15U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/rsync-2.4.6-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/cvs-1.10.8-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/cvs-doc-1.10.8-5U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/vnc-3.3.3-6U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/rpm-3.0.4-10U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/rpm-devel-3.0.4-10U50_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/rpm-python-3.0.4-10U50_1cl.i386.rpm ADDITIONAL INSTRUCTIONS Users of Conectiva Linux version 6.0 or higher may use apt to perform upgrades of RPM packages: - add the following line to /etc/apt/sources.list if it is not there yet (you may also use linuxconf to do this): rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates (replace 6.0 with the correct version number if you are not running CL6.0) - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribeat_private unsubscribe: conectiva-updates-unsubscribeat_private -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8kQed42jd0JmAcZARAqlzAJ4yz2Rrcb+xCICbi7WX822Dd00UGQCdEHDs slo5GsBpOBpvOOOwgduqm5s= =OwrD -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Thu Mar 14 2002 - 14:47:32 PST