Security Update: [CSSA-2002-007.0] Linux: Updated Caldera Public Keys

From: securityat_private
Date: Thu Mar 28 2002 - 17:18:24 PST

Next message: securityat_private: "Security Update: [CSSA-2002-012.0] Linux: OpenSSH channel code vulnerability"

Previous message: Alexander K. Yezhov: "Anonymizer, MSIE, images ..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: bugtraqat_private announceat_private linuxlistat_private security-alertsat_private

______________________________________________________________________________
		   Caldera International, Inc.  Security Advisory

Subject:		Linux: Updated Caldera Public Keys
Advisory number: 	CSSA-2002-007.0
Issue date: 		2002, March 13
Cross reference:
______________________________________________________________________________


1. Problem Description

   Caldera has generated new security keys. These keys are already in the
   3.1.1 product.


2. Vulnerable Supported Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Server 3.1          All packages previous to      
                                 OpenLinux-newkeys-2002-1      
   
   OpenLinux Workstation 3.1     All packages previous to      
                                 OpenLinux-newkeys-2002-1      
   
   OpenLinux Server 3.1.1        n/a
   
   OpenLinux Workstation         n/a
   3.1.1                                                       
   


3. Solution

   Workaround

     none

   The proper solution is to upgrade to the latest packages.


4. OpenLinux 3.1 Server

    4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

   4.2 Verification

       850746580805193cdfc930e60ad30ab2  RPMS/OpenLinux-newkeys-2002-1.i386.rpm
       39d49b8e3a028181c1ec609a71b11e74  SRPMS/OpenLinux-newkeys-2002-1.src.rpm
       

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh OpenLinux-newkeys-2002-1.i386.rpm
         

5. OpenLinux 3.1 Workstation

    5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

   5.2 Verification

       850746580805193cdfc930e60ad30ab2  RPMS/OpenLinux-newkeys-2002-1.i386.rpm
       39d49b8e3a028181c1ec609a71b11e74  SRPMS/OpenLinux-newkeys-2002-1.src.rpm
       

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh OpenLinux-newkeys-2002-1.i386.rpm
         

6. OpenLinux 3.1.1 Server

    n/a

7. OpenLinux 3.1.1 Workstation

    n/a


8. References

   This and other Caldera security resources are located at:

   http://www.caldera.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report sr860753.


9. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of
   any of the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera International
   products.

______________________________________________________________________________

application/pgp-signature attachment: stored

Next message: securityat_private: "Security Update: [CSSA-2002-012.0] Linux: OpenSSH channel code vulnerability"
Previous message: Alexander K. Yezhov: "Anonymizer, MSIE, images ..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Mar 29 2002 - 13:30:15 PST