[newbie] Red Hat Security Notices

1999-08-20 Thread Erik Gellatly

Question:  Can or should Mandrake 6.0 users install security patches from
Red Hat, such as the one that was released this morning?  The notice
follows:

Red Hat, Inc. Security Advisory

  Package:      in.telnetd
  Synopsis:     Denial of service attack in in.telnetd
  Advisory ID:  RHSA-1999:029-01
  Issue Date:   1999-08-19
  Updated on:
  Keywords:     telnet telnetd

  1. Topic:
  A denial of service attack has been fixed in in.telnetd.

  2. Bug IDs fixed:
  4560

  3. Relevant releases/architectures:
  Red Hat Linux 6.0, all architectures

  4. Obsoleted by:
  None

  5. Conflicts with:
  None

  6. RPMs required:

  Intel:
  ftp://updates.redhat.com/6.0/i386/
  telnet-0.10-29.i386.rpm

  Alpha:
  ftp://updates.redhat.com/6.0/alpha
  telnet-0.10-29.alpha.rpm

  SPARC:
  ftp://updates.redhat.com/6.0/sparc
  telnet-0.10-29.sparc.rpm

  Source:
  ftp://updates.redhat.com/6.0/SRPMS
  telnet-0.10-29.src.rpm

  Architecture neutral:
  ftp://updates.redhat.com/6.0/noarch/

  7. Problem description:
  in.telnetd attempts to negotiate a compatible terminal type between the
  local and remote host. By setting the TERM environment variable before
  connecting, a remote user could cause the system telnetd to open files it
  should not. Depending on the TERM setting used, this could lead to denial
  of service attacks.

  Thanks go to Michal Zalewski and the Linux Security Audit team for noting
  this vulnerability.

  8. Solution:
  For each RPM for your particular architecture, run:

  rpm -Uvh filename

  where filename is the name of the RPM.

  9. Verification:

  MD5 sum                           Package Name
  --------------------------------  ------------------------------
  4360d47490f13d60b8737d28dc88825a  i386/telnet-0.10-29.i386.rpm
  90213fcdca41a3ed12ab7d92344e7286  alpha/telnet-0.10-29.alpha.rpm
  277787dbc39dff8ea84d4b16dcb7a954  sparc/telnet-0.10-29.sparc.rpm
  269783a0754d234f7bef0f4717a8dbc2  SRPMS/telnet-0.10-29.src.rpm

  These packages are also PGP signed by Red Hat Inc. for security. Our key
  is available at:
  http://www.redhat.com/corp/contact.html

  You can verify each package with the following command:

  rpm --checksig filename

  If you only wish to verify that each package has not been corrupted or
  tampered with, examine only the md5sum with the following command:

  rpm --checksig --nopgp filename

  10. References:

Erik Gellatly
Salem, Oregon
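
As an added example (not from the advisory or anyone in this thread), a small POSIX shell script that saves the advisory's MD5 table as a checksum file and refuses to go on to rpm --checksig / rpm -Uvh until every downloaded package matches the listed sum. It assumes md5sum is installed; the package files and sums it builds in make_sample are constructed stand-ins, not Red Hat's real packages.

```shell
# Added example, not from the advisory or this thread. Advisory lines of the
# form "<md5>  <relative path>" can be saved to a file and checked against
# the downloaded RPMs before anything is installed. Assumes md5sum; the files
# and sums built by make_sample are constructed stand-ins, not Red Hat's.
# verify_advisory_sums SUMSFILE DIR: check each listed path under DIR.
# Prints one status line per package; returns 0 only if every sum matches.
verify_advisory_sums() {
    sums="$1"; dir="$2"; status=0
    while read -r expected path; do
        [ -n "$expected" ] || continue            # skip blank lines
        file="$dir/$path"
        if [ ! -f "$file" ]; then
            echo "MISSING  $path"; status=1; continue
        fi
        actual=$(md5sum "$file" | cut -d' ' -f1)
        if [ "$actual" = "$expected" ]; then
            echo "OK       $path"
        else
            echo "MISMATCH $path (expected $expected, got $actual)"; status=1
        fi
    done < "$sums"
    return "$status"
}

# install_if_verified DIR: gate the install on the sum check. The PGP check
# (rpm --checksig) and rpm -Uvh are only echoed so this runs without rpm.
install_if_verified() {
    if verify_advisory_sums "$1/advisory.sums" "$1"; then
        echo "all sums match; next: rpm --checksig, then rpm -Uvh"
        return 0
    fi
    echo "verification failed; do not install" >&2
    return 1
}

# make_sample DIR: constructed stand-ins whose contents are "abc" and the
# empty file; advisory.sums holds the well-known MD5s of those two inputs.
make_sample() {
    mkdir -p "$1/i386" "$1/SRPMS"
    printf 'abc' > "$1/i386/telnet-0.10-29.i386.rpm"
    : > "$1/SRPMS/telnet-0.10-29.src.rpm"
    cat > "$1/advisory.sums" <<'EOF'
900150983cd24fb0d6963f7d28e17f72  i386/telnet-0.10-29.i386.rpm
d41d8cd98f00b204e9800998ecf8427e  SRPMS/telnet-0.10-29.src.rpm
EOF
}
sample_dir=$(mktemp -d)   # demo run on the constructed sample
make_sample "$sample_dir" && install_if_verified "$sample_dir"
rm -rf "$sample_dir"
```

A matching sum only shows the file is the one the advisory lists; the PGP signature check is still the step that ties that listing to Red Hat.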



RE: [newbie] Red Hat Security Notices

1999-08-20 Thread Ken Wilson

I am not an expert but my initial thoughts would be that you might
want to get the source files rather than the RPMs.  My line on this
one is that the RedHat RPM is compiled for the i386.  I am assuming
that there would be something in the configuration setup of the
source for compiling it with i586 optimizations, thereby keeping it
in line with the current philosophy of an operating system optimized
for the i586.

Just my thoughts.  I welcome any corrections to this thinking anyone
more knowledgeable might add to this.

Also, one might want to check the Mandrake update list to see if
this has possibly been handled and is available as an i586 RPM.

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On Behalf Of Erik Gellatly
 Sent: Friday, August 20, 1999 9:06 AM
 To: [EMAIL PROTECTED]
 Subject: [newbie] Red Hat Security Notices


 Question:  Can or should Mandrake 6.0 users install security patches from
 Red Hat, such as the one that was released this morning?  The notice
 follows:




Re: [newbie] Red Hat Security Notices

1999-08-20 Thread Alan Shoemaker

Erik, there's no need as that update (specifically for mdk 6.0) was on the
mirror server I use this morning, see below:

08/20/99 01:03AM 56,757 telnet-0.12-10mdk.i586.rpm
08/20/99 01:03AM 26,002 telnet-server-0.12-10mdk.i586.rpm

Just use the update icon on your KDE desktop and you'll get all the updates.

Alan

-Original Message-
From: Erik Gellatly [EMAIL PROTECTED]
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Date: Friday, August 20, 1999 9:35 AM
Subject: [newbie] Red Hat Security Notices


Question:  Can or should Mandrake 6.0 users install security patches from
Red Hat, such as the one that was released this morning?  The notice
follows:
