Kernel capability bug for kernels 2.2.16
It seems that both a new kernel version (2.2.16), and a new version of sendmail have been released to fix a very serious security bug. See http://www.sendmail.org/sendmail.8.10.1.LINUX-SECURITY.txt Shouldn't both sendmail and the current kernel be updated ASAP ? Also : -- A bug in xinetd versions prior to 2.1.8.8p3 will cause xinetd to allow connections to anyone if the configuration specifies a limitation to a hostname(s), and the incoming connection does not have a valid reverse DNS entry. Upgrade to version 2.1.8.8p3, available at: www.synack.net/xinetd/ -- (source http://www.sans.org ) Shouldn't it also be updated ? -- Jean-Philippe Guérard
Re: Kernel capability bug for kernels 2.2.16
* =?iso-8859-15?Q?Jean-Philippe_Gu=E9rard?= | It seems that both a new kernel version (2.2.16), and a new version | of sendmail have been released to fix a very serious security bug. | | See URL:http://www.sendmail.org/sendmail.8.10.1.LINUX-SECURITY.txt | | Shouldn't both sendmail and the current kernel be updated ASAP ? From the latest debian-newsletter: * A fix for the capabilities-related local root compromise in kernel 2.2.15 was [21]backported into the Debian package of kernel 2.2.15. -- Tollef Fog Heen This is the unix version of the LoveBug virus and in the spirit of such it depends on the user community to propagate. Please send this message to all of your friends and randomly delete numerous files from your system.
Libsafe
Dear All I've been able to find and download libsafe_1.3-1_i386.deb Before I install it does anyone know of any issues with libsafe and Debian 2.1 ?? Will it just install without problems or do I need to alter a few config files ?? Thank you -- Richard Sheffield Linux User's Group http://www.sheflug.co.uk
Re: Kernel capability bug for kernels 2.2.16
Tollef, There are other security bugs that 2.2.16 fixes, y'know. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+ G e-- h++ r--- y --END GEEK CODE BLOCK-- On 16 Jun 2000, Tollef Fog Heen wrote: * =?iso-8859-15?Q?Jean-Philippe_Gu=E9rard?= | It seems that both a new kernel version (2.2.16), and a new version | of sendmail have been released to fix a very serious security bug. | | See URL:http://www.sendmail.org/sendmail.8.10.1.LINUX-SECURITY.txt | | Shouldn't both sendmail and the current kernel be updated ASAP ? From the latest debian-newsletter: * A fix for the capabilities-related local root compromise in kernel 2.2.15 was [21]backported into the Debian package of kernel 2.2.15. -- Tollef Fog Heen This is the unix version of the LoveBug virus and in the spirit of such it depends on the user community to propagate. Please send this message to all of your friends and randomly delete numerous files from your system. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Libsafe
I've packages libsafe_1.3-1_i386.deb earlier this week, I don't know if you downloaded that version? If you got it from rademaker.dhs.org, you got that version... As long as you are using an ldso version that is higher then the one it depends on, it shouldn't be a problem, I would advice you to install ld.so.preload-manager, if you want libsafe to be loaded automatically on boot. It is used during installation, but you can also make the library being loaded automatically manually (see docs). I've haven't tried it on slink, only potato and woody, but I guess it'll work as long as the depencies are correct... Ron On Fri, 16 Jun 2000, Richard wrote: Dear All I've been able to find and download libsafe_1.3-1_i386.deb Before I install it does anyone know of any issues with libsafe and Debian 2.1 ?? Will it just install without problems or do I need to alter a few config files ?? Thank you -- Richard Sheffield Linux User's Group http://www.sheflug.co.uk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Libsafe
Ron Ron Rademaker wrote: I've packages libsafe_1.3-1_i386.deb earlier this week, I don't know if you downloaded that version? Yes, tried to install it and the --install script came back with... dpkg: dependency problems prevent configuration of libsafe: Libsafe depends on libc6 (=2.12); however: version of libc6 on system is 2.0.7 I've looked round the internet for the updated libc6 and it's not there. Looks like I'll have to wait until it's uploaded to an ftp site. Well, at least you get sensible answers with Debian :-) Thanks -- Richard Sheffield UK http://www.sheflug.co.uk
Re: Libsafe
libc 2.0.x versions are in slink, in potato this is upgraded to 2.1.x versions, so you won't be able to use libsafe with slink because the libc6 version is to early. The newer libc6 versions won't be uploaded to slink, you'll have to upgrade to potato (or create a slink system with a lot potato, but that might cause problems, I never tried) to use libsafe. Ron On Fri, 16 Jun 2000, Richard wrote: Ron Ron Rademaker wrote: I've packages libsafe_1.3-1_i386.deb earlier this week, I don't know if you downloaded that version? Yes, tried to install it and the --install script came back with... dpkg: dependency problems prevent configuration of libsafe: Libsafe depends on libc6 (=2.12); however: version of libc6 on system is 2.0.7 I've looked round the internet for the updated libc6 and it's not there. Looks like I'll have to wait until it's uploaded to an ftp site. Well, at least you get sensible answers with Debian :-) Thanks -- Richard Sheffield UK http://www.sheflug.co.uk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]