Red Hat Linux 5.1 Errata

16-Apr-1999: NFS
16-Apr-1999: procmail
16-Apr-1999: lpr
01-Apr-1999: XFree86
01-Apr-1998: pine
01-Apr-1998: mutt
01-Apr-1998: zgv
01-Apr-1999: sysklog
19-Feb-1999: kernel
09-Feb-1999: wu-ftpd
09-Feb-1999: minicom
02-Feb-1999: Xconfigurator
19-Jan-1999: fvwm2
03-Jan-1999: pam
22-Dec-1998: ftp client
22-Dec-1998: Netscape
17-Nov-1998: samba
13-Nov-1998: libc5
06-Nov-1998: svgalib
23-Sep-1998: man
23-Sep-1998: rpm
09-Sep-1998: bash
28-Aug-1998: xscreensaver
28-Aug-1998: linuxconf
11-Aug-1998: apache
05-Aug-1998: imapd
05-Aug-1998: perl
30-Jul-1998: SysVinit
30-Jul-1998: REAL
30-Jul-1998: modutils and kernel (Sparc)
24-Jul-1998: ncurses
24-Jul-1998: initscripts
24-Jul-1998: fetchmail
24-Jul-1998: glint
24-Jul-1998: ispell
24-Jul-1998: tcp-wrappers
24-Jul-1998: inn
20-Jul-1998: am-utils
20-Jul-1998: sh-utils
15-Jul-1998: installing from tape (Sparc)
15-Jul-1998: tftpboot.img (Sparc)
15-Jul-1998: boot.img (Sparc)
15-Jul-1998: booting from CD-ROM (Sparc)
15-Jul-1998: install not seeing partitions (Sparc)
15-Jul-1998: ypserv
15-Jul-1998: glibc
08-Jul-1998: man (Alpha)
02-Jul-1998: libtermcap
02-Jul-1998: dosemu
30-Jun-1998: boot-disk
30-Jun-1998: tin
30-Jun-1998: slang
30-Jun-1998: bind
30-Jun-1998: metamail
30-Jun-1998: mailx
23-Jun-1998: elm
11-Jun-1998: dhcp
10-Jun-1998: patch
10-Jun-1998: tmpwatch
10-Jun-1998: libjpeg, et al
10-Jun-1998: emacs
10-Jun-1998: findutils
10-Jun-1998: kernelcfg
05-Jun-1998: fstool,usertool,cabaret
05-Jun-1998: netkit-base
02-Jun-1998: dhcpcd
01-Jun-1998: bootp
01-Jun-1998: xosview

Package: NFS
Updated: 16-Apr-1999
Problem:
- (16-Apr-1999)Update to the latest
  Same as before. We are moving NFS Updates to the top of the list and also updating it to the latest version. If you have an older version installed, please update.
- (03-Jan-1999)Security Fix -- Risk High
  Due to many reports of continued security breaches from NFS, we are moving the NFS update to the top of the list to make sure people update to it if they have not already.
- (16-Oct-1998)Notice: CERT has released a bulletin detailing this security hole. The fix released in August covered this problem. I don't know why it took CERT so long to catch up, but I am moving this to the top of the errata since many people have been confused by the delay.
- (28-Aug-1998)Security Fix: Potential security problems have been identified in all versions of nfs-server packages shipped with Red Hat Linux.
  Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site.
Solution:
- Intel: Upgrade to:
  nfs-server-2.2beta40-1.i386.rpm
  nfs-server-clients-2.2beta40-1.i386.rpm
- Alpha: Upgrade to:
  nfs-server-2.2beta40-1.alpha.rpm
  nfs-server-clients-2.2beta40-1.alpha.rpm
- SPARC: Upgrade to:
  nfs-server-2.2beta40-1.sparc.rpm
  nfs-server-clients-2.2beta40-1.sparc.rpm
Package: procmail
Updated: 16-Apr-1999
Problem:
- (16-Apr-1999):Security Fix
  
  Potential security problems have been identified in all the procmail packages shipped with Red Hat Linux. Currently Red Hat is not aware of any exploits built on these vulnerabilities.
  Red Hat would like to thank the members of the Bugtraq list for reporting these problems and the authors of procmail for quickly providing an update.
  Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site:
Solution:
- Intel: Upgrade to:
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/i386/procmail-3.13.1-1.i386.rpm
- Alpha: Upgrade to:
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/alpha/procmail-3.13.1-1.alpha.rpm
- SPARC: Upgrade to:
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/procmail-3.13.1-1.sparc.rpm
Package: lpr
Updated: 16-Apr-1999
Problem:
- (16-Apr-1999):Security Fix
  Security vulnerabilities have been found in the versions of lpr that ship with Red Hat Linux. Thanks go to the Linux Security Audit team for discovering the vulnerability. It is recommended that all users of Red Hat Linux upgrade to the new packages.
Solution:
- Intel: Upgrade to:
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/i386/lpr-0.35-0.5.2.i386.rpm
- Alpha: Upgrade to:
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/alpha/lpr-0.35-0.5.2.alpha.rpm
- SPARC: Upgrade to:
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/lpr-0.35-0.5.2.sparc.rpm
Package: XFree86
Updated: 01-Apr-1999
Problem:
- (01-Apr-1999) Security Fix:
  Security vulnerabilities have been identified in the XFree86 packages that ship with Red Hat Linux. This security problem can allow local users to get write access to directories that they are otherwise not able to write to.
  Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
- (22-Jan-1999)
  New RPMs for XFree86 3.3.3.1 (X11) are available for Red Hat Linux 4.2 and 5.x on all platforms. This new release is primarily a bugfix release. It corrects problems with a few drivers (especially the 3D Labs slowdown problem), fixes Russian KOI8 font support, and fixes the font server xfs, which was inadvertently broken in our release of XFree86 3.3.3. Please see the official release notes at http://www.xfree86.org/#news for further information.
Solution:
In some circumstances, you may be required to add --force and/or --nodeps to the rpm command line options to insure a proper upgrade. Add these options if the command line given gives an error. Also as with all newer RPM packages you will need to upgrade to the latest RPM before installing these packages.
- Intel:
  All updates can be found at ftp updates
  Required RPMS
  You will want one of the following RPMS for your video card.
  Server RPMS
  You might want one or more of these RPMS if you do development.
  Optional RPMS
  Further Instructions For instructions on upgrading users should read the Red Hat XFree86 upgrade howto. This document is in its initial drafts, but should be useful.
- Alpha: Upgrade to:
  All updates can be found at ftp updates
  1. Make sure that you are running RPM 2.5.3 or later before proceeding. Upgrade as follows:
    rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/alpha/rpm-2.5.3-5.1.alpha.rpm
  2. Upgrade your X server. The package you need is dependent on which video card you have. Get the server which matches your card.
  3. Upgrade your X libraries and base install
    rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/alpha/XFree86-libs-3.3.3.1-1.1.alpha.rpm rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/alpha/XFree86-3.3.3.1-1.1.alpha.rpm
  4. Optionally, upgrade the additional X packages, such as fonts, devel, etc.
- SPARC: Upgrade to:
  All updates can be found at ftp updates
  1. Make sure that you are running RPM 2.5.3 or later before proceeding. Upgrade as follows:
    rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/sparc/rpm-2.5.3-5.1.alpha.rpm
  2. Upgrade your X server. The package you need is dependent on which frame buffer your SPARC has. Get the server which matches your card.
  3. Upgrade your X libraries and base install:
    rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/XFree86-libs-3.3.3.1-1.1.sparc.rpm rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/XFree86-3.3.3.1-1.1.sparc.rpm
  4. Optionally, upgrade the additional X packages, such as fonts, devel, etc.
  5. If a link named /etc/X11/X does not exist, pointing at the proper X server that you use (for instance, /usr/X11R6/bin/Xsun), create it now.
Package: pine
Updated: 01-Apr-1999
Problem:
- (01-Apr-1999):Security Fix
  
  An problem in the mime handling code could allow a remote user to execute certain commands on a local system.
  Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
- Intel: Upgrade to
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/i386/pine-3.96-8.1.i386.rpm
- Alpha: Upgrade to
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/alpha/pine-3.96-8.1.alpha.rpm
- SPARC: Upgrade to
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/sparc/pine-3.96-8.1.sparc.rpm
Package: mutt
Updated: 01-Apr-1999
Problem:
- (01-Apr-1999):Security Fix
  
  An problem in the mime handling code could allow a remote user to execute certain commands on a local system.
  Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
- Intel: Upgrade to
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/i386/mutt-0.95.4us-0.i386.rpm
- Alpha: Upgrade to
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/alpha/mutt-0.95.4us-0.alpha.rpm
- SPARC: Upgrade to
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/sparc/mutt-0.95.4us-0.sparc.rpm
Package: zgv
Updated: 01-Apr-1999
Problem:
- (01-Apr-1999):Security Fix
  Local users could gain root access.
  Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
- Intel: Upgrade to:
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.1/en/os/i386/zgv-3.0-5.1.i386.rpm
Package: Sysklogd
Updated: 01-Apr-1999
Problem:
- (01-Apr-1999):Security Fix
  An overflow in the parsing code could lead to crashes of the system logger.
  Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
- Intel: Upgrade to:
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/i386/sysklogd-1.3.31-0.5.i386.rpm
- Alpha: Upgrade to:
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/alpha/sysklogd-1.3.31-0.5.alpha.rpm
- Sparc: Upgrade to:
  rpm -Uvh ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/sysklogd-1.3.31-0.5.sparc.rpm
Further Instructions
Once you have downloaded the sysklogd package for your architecture, you will need to do the following as root:
rpm -Uvh sysklogd*rpm /etc/rc.d/init.d/syslog restart
Package: Kernel
Updated: 19-Feb-1999
Problem:
- (19-Feb-1999):Update
  Updated to reflect RPM's on ftp site.
- (03-Jan-1999):New Drivers
  
  Red Hat has further patched the standard 2.0.36 kernel with updated drivers for the Adaptec 7xxx cards, NCR scsi, 3com 905B, and some other patches.
- (08-Dec-1998):Security Fix
  
  Several security holes were found in the Linux kernel and patched in the 2.0.36 kernel. Users should upgrade to patch these problems. The announcement can be found here.
  Important: You need to make sure you have the latest initscripts and SysVinit packages.
Solution:
- Intel: Upgrade to:
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/i386/kernel-2.0.36-3.i386.rpm ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/i386/kernel-ibcs-2.0.36-3.i386.rpm
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/i386/kernel-pcmcia-cs-2.0.36-3.i386.rpm
  
  Optional Packages
  kernel-headers-2.0.36-3.i386.rpm
  kernel-source-2.0.36-3.i386.rpm
- Alpha: Upgrade to:
  kernel-headers-2.0.36-3.alpha.rpm
  kernel-source-2.0.36-3.alpha.rpm
  
  You will need to recompile the source code for your platform.
- SPARC: Upgrade to:
  
  Due to differences between versioning, Red Hat has patched the 2.0.35 kernel with the security fixes that are in the 2.0.36 kernel.
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/kernel-headers-2.0.35-15.sparc.rpm
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/kernel-source-2.0.35-15.sparc.rpm
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/kernel-sparc-2.0.35-15.sparc.rpm (for 4c or non-smp 4m
  ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/kernel-sparc-smp-2.0.35-15.sparc.rpm (for smp sun4m boxes)
Further Instructions For instructions on upgrading users should read the Red Hat kernel upgrade howto. While the howto focuses on intel, there are sub chapters for upgrading alpha and sparc machines.
Package: wu-ftpd
Updated: 09-Feb-1999
Problem:
- (09-Feb-1999):Security Fix
  
  A security vulnerability has been identified in all versions of the wu-ftpd server binary shipped with Red Hat Linux. For more information, see http://www.netect.com/advisory_0209.html
  New packages are available, and all users of Red Hat Linux are encouraged to upgrade to the new wu-ftpd releases immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
- Intel: Upgrade to ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/i386/wu-ftpd-2.4.2b18-2.1.i386.rpm
- Alpha: Upgrade to ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/alpha/wu-ftpd-2.4.2b18-2.1.alpha.rpm
- Sparc: Upgrade to ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/wu-ftpd-2.4.2b18-2.1.sparc.rpm
Package: minicom
Updated: 09-Feb-1999
Problem:
- (09-Feb-1999) Security Fix:
  
  Current minicom packages have permissions set to allow all users to access a modem on a system. This update fixes this problem limiting users to those listed in the minicom configuration file.
  New packages are available for the supported versions of Red Hat Linux. All users of Red Hat Linux are encouraged to upgrade to the new minicom releases immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
- Intel: Upgrade to ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/i386/minicom-1.82-3.alpha.rpm
- Alpha: Upgrade to ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/alpha/minicom-1.82-3.alpha.rpm
- Sparc: Upgrade to ftp://archive.download.redhat.com/pub/redhat/linux/updates/5.2/en/os/sparc/minicom-1.82-3.sparc.rpm
Package: Xconfigurator
Updated: 17-Feb-1999
Problem:
- (17-Feb-1999):Important Notice
  The Xconfigurator rpm was not supposed to be released for 5.1 as it needs several 5.2 applications to work properly. We apologize for this mistake.
- (02-Feb-1999):Notice
  An updated version of Xconfigurator has been released to work with XFree86-3.3.3.1. Xconfigurator can be subsituted for XF86Setup in the setup stage of your video card.
Solution:
- Intel: Upgrade to:
  There is no version of Xconfigurator for 5.1
- Alpha: Upgrade to:
  There is no version of Xconfigurator for 5.1
- SPARC: Upgrade to:
  There is no version of Xconfigurator for 5.1
Package: FVWM2
Updated: 19-Jan-1999
Problem:
- (19-Jan-1999):Notice
  Users who update to the latest XFree86 also need to update to the latest FVWM2 rpms for AnotherLevel (Red Hat default window manager) to work.
Solution:
- Intel: Upgrade to:
  fvwm2-2.0.46-12.i386.rpm
  fvwm2-icons-2.0.46-12.i386.rpm
- Alpha: Upgrade to:
  fvwm2-2.0.46-12.alpha.rpm
  fvwm2-icons-2.0.46-12.alpha.rpm
- SPARC: Upgrade to:
  fvwm2-2.0.46-12.sparc.rpm
  fvwm2-icons-2.0.46-12.sparc.rpm
Package: pam
Updated: 02-Jan-1999
Problem:
- (02-Jan-1999)Security Fix:
  1. Risk level: SMALL
    
    The default configuration as shipped with the supported releases of Red Hat Linux is not vulnerable to this problem.
  2. Description
    
    A race condition that can be exploited under some particular scenarios has been identified in all versions of the Linux-PAM library shipped with all versions of Red Hat Linux. The vulnerability is exhibited in the pam_unix_passwd.so module included in Red Hat Linux, but *not* used by either of the 4.2 or 5.x releases. Red Hat Linux uses the pam_pwdb.so module for performing PAM authentication.
    You are at risk if you enabled pam_unix_passwd.so and are using it instead of the pam_pwdb.so module. An exploit occurs when an user with a umask setting of 0 is trying to change the login password.
    As of this release there are no known exploits of this security problem.
Solution:
- Intel: Upgrade to pam-0.64-4.i386.rpm
- Alpha: Upgrade to pam-0.64-4.alpha.rpm
- SPARC: Upgrade to pam-0.64-4.sparc.rpm
Package: FTP client
Updated: 22-Dec-1998
Problem:
- (22-Dec-1998):Security
  
  A security vulnerability has been identified in all versions of the ftp client binary shipped with Red Hat Linux. An exploit for this vulnerability would have to rely on getting the user to connect using passive mode to a server running a ftp daemon under the attacker's control. As of this release time there are no known exploits of this security problem.
  All users of Red Hat Linux are encouraged to upgrade to the new package releases immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
- Intel: Upgrade to:
  ftp-client (i386)
- Alpha: Upgrade to:
  ftp-client (alpha)
- SPARC: Upgrade to:
  ftp-client (sparc)
Further Instructions
Once you have downloaded the NetKit package for your architecture, you will need to do the following as root:
rpm -Uvh ftp-0.10-4*rpm
Package: Netscape
Updated: 22-Dec--1998
Problem:
- (22-Dec-1998) Security Update:
  
  Various security vulnerabilities have been found in versions of Netscape Navigator and Communicator as shipped with Red Hat Linux. More information on the security vulnerabilities is available at Netscape
  It is recommended that users of Red Hat Linux upgrade to the new packages available on our FTP site:
- (30-Aug-1998) Security Update:
  Updated versions of Netscape compiled with glibc libraries are available for download. These fix minor security problems with Java class libraries.
Package: samba
Updated: 17-Nov-1998
Problem:
- (17-Nov-1998) Security Fix:
  
  Following our announcement yesterday about new samba packages being available for our 5.2 release we have received reports that samba packages available for older releases of Red Hat Linux might be vulnerable as well.
  As a result of this concern we are making available new samba packages for all supported releases of Red Hat Linux. We apologize for not doing so yesterday, when we tried to address a specific reported vulnerability.
  Once again we express our thanks to Andrew Tridgell and the Samba team for their assistance in addressing this problem.
- (14-Jul-1998) Security Fix:
  Serious security problems have been found in all versions of Samba shipped with Red Hat Linux. All users of samba should upgrade to the latest version, and restart samba with: /etc/rc.d/init.d/smb stop; /etc/rc.d/init.d/smb start as soon as possible.
Solution:
- Alpha: Upgrade to samba-1.9.18p10-5.alpha.rpm
- Intel: Upgrade to samba-1.9.18p10-5.i386.rpm
- SPARC: Upgrade to samba-1.9.18p10-5.sparc.rpm
Further Instructions
Once you have downloaded the samba package for your architecture, you will need to do the following as root:
rpm -Uvh samba*rpm /etc/rc.d/init.d/smb restart
Package: libc5
Updated: 13-Nov-1998
Problem:
- (13-Nov-1998) Security Fix:
  A buffer overflow has been identified in all versions of the libc 5 packages shipped with Red Hat Linux. The most affected systems are those that are libc 5 based (Red Hat Linux 4.2 and older). Only Intel and Sparc architectures are affected.
  The Red Hat Linux 5.x releases are glibc (libc 6) based, and Red Hat does not ship any binaries linked against libc 5 that might be used for compromising the system's security. However, Red Hat Linux 5.x releases do include for backwards compatibility a package containg a vulnerable library.
  Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site:
  rpm -Uvh libc-5.3.12-28.i386.rpm
Solution:
- Intel: Upgrade to:
  libc-5.3.12-28.i386.rpm
Package: svgalib
Updated: 06-Nov-1998
Problem:
- (06-Nov-1998) Security Fix:
  svgalib has been found to leak file descriptors to /dev/mem. Red Hat would like to thank the users of the BUGTRAQ security list for identifying the problem and Kevin Vajk for providing a fix. Users of Red Hat Linux are recommended to upgrade to the new packages available under the updates directory on our ftp site: To upgrade this package use the rpm command:
```
         
          rpm -Uvh svgalib-1.2.13-6

          
```
- (27-Jun-1997) Security Fix:
  Minor security problems have been found by the Linux Security Auditing group in svgalib which allow users to make the console unuseable.
Solution:
- Intel: Upgrade to:
  svgalib-1.2.13-6.i386.rpm
  svgalib-devel-1.2.13-6.i386.rpm
man
Updated: 23-Sep-1998
Problem:
- This package fixed bad man page links.
Solution:
- Intel: Upgrade to man-1.5d-3.i386.rpm
- Alpha: Upgrade to man-1.5d-3.alpha.rpm
Package: rpm
Updated: 23-Sep-1998
Problem:
- (23-Sep-1998): Several small cosmetic fixes have been found to get the 2.5.3 version of RPM to work as older versions did. Users will need to do the following as root:
  1. several symbolic links will need to be made for glint and similar programs to work.
    cd /usr/lib ln -s rpm/rpmrc ./rpmrc ln -s rpm/rpmpopt ./rpmpopt
  2. In addition, users on older Red Hat systems (5.0, 4.2, ...) who wish to use rpm to recompile programs from src rpm's will need to insure that the file /usr/lib/rpm/rpmrc contains correct paths for the compression programs gzip and bzip2. The two lines in /usr/lib/rpm/rpmrc that tell rpm the location of these programs are typically
    gzipbin: /bin/gzip bzip2bin: /usr/bin/bzip2
- (10-Sep-1998): A newer version of RPM will be needed to upgrade security packages from now on. This version of rpm fixes various problems that were found in the previous version.
- (02-Jul-1998)
  RPM reports problems with failed trigger scripts.
Solution:
- Intel: Upgrade to:
  rpm-2.5.3-5.1.i386.rpm
  rpm-devel-2.5.3-5.1.i386.rpm
- Alpha: Upgrade to:
  rpm-2.5.3-5.1.alpha.rpm
  rpm-devel-2.5.3-5.1.alpha.rpm
- SPARC: Upgrade to:
  rpm-2.5.3-5.1.sparc.rpm
  rpm-devel-2.5.3-5.1.sparc.rpm
Package: bash
Updated: 09-Sep-1998
Problem:
- (09-Sep-1998) Security Fix:
  A security vulnerability has been identified in all versions of bash shipped with Red Hat Linux. Details on the nature of the bug have been posted recently to the BUGTRAQ security list.
  The bug is not immediately exploitable - it will require that a user with shell account on one machine create a carefully constructed directory structure and then wait for somebody else with a root account to cd into that directory.
  Red Hat would like to thank Joao Manuel Carolino , Fiji , and Razvan Dragomirescu for identifying this bug and Wichert Akkerman for providing an idea of a fix.
Solution:
- Intel: Upgrade to bash-1.14.7-11.i386.rpm
- Alpha: Upgrade to bash-1.14.7-11.alpha.rpm
- SPARC: Upgrade to bash-1.14.7-11.sparc.rpm
Package: xscreensaver
Updated: 29-Aug-1998
Problem:
- (29-Aug-1998) This update fixes problems with core dumps in the xlyap function of xscreensaver. Thanks to the many people reporting this on the redhat list.
- (10-Jun-1998) Security Fix:
  Various, minor security problems were found in this package. Thanks to Jamie Zawinski for fixing this.
Solution:
- Intel: Upgrade to xscreensaver-2.27-1.i386.rpm
- Alpha: Upgrade to xscreensaver-2.27-1.alpha.rpm
- SPARC: Upgrade to xscreensaver-2.27-1.sparc.rpm
Package: linuxconf
Updated: 28-Aug-1998
Problem:
- (28-Aug-1998) Security Fix:
  A potential security hole has been found and fixed in the linuxconf package in Red Hat Linux 5.1. No exploit is currently known. If the security hole is exploited, hosts that you explicitly trust to administer linuxconf could be capable of gaining root access. In older versions of linuxconf, the local ethernet network is trusted by default (except when configured via BOOTP or DHCP); in linuxconf-1.11r18-3rh, no hosts are trusted by default. The linuxconf-1.11r18-3rh package fixes the security hole, and also fixes a number of other small bugs that have been discovered since the last release. SPARC users: This release does NOT fix the bug that keeps linuxconf from displaying properly; the bug is in glibc, and a glibc update is waiting for unrelated sparc bugs in glibc to be fixed. For now, run the command "rpm -e gnome-linuxconf gecko" and you will be able to use linuxconf in its less-nice-looking native mode. Sorry. We will soon release a glibc update which will allow linuxconf to work correctly with gecko and gnome-linuxconf; in the meantime, you do want to upgrade linuxconf because of the potential security concern.
- (01-Jun-1998) Security Fix:
  The linuxconf package was setuid root. This creates the potential for security holes that allow attackers to gain root access to your machine.
  You can immediately remove the danger by logging in as root and running the command:
```
	chmod -s /bin/linuxconf
	
```
  We also recommend that you update to the latest version of linuxconf, linuxconf-1.11r11-rh3, which fixes this bug.
Solution:
- Intel: Upgrade to linuxconf-1.11r18-3rh.i386.rpm
- Alpha: Upgrade to linuxconf-1.11r18-3rh.alpha.rpm
Package: apache
Updated: 11-Aug-1998
Problem:
- (11-Aug-1998)Security Fix:
  A denial-of-service attack against the Apache web server has been found which lets remote sites disable your web server. This attack does not let remote users gain any sort of access to your computer, nor does it let local users gain any special access.
  Red Hat recommends upgrading apache on systems which are functioning as Internet servers.
  rpm -Uvh apache-1.2.6-5*rpm /etc/rc.d/init.d/httpd stop /etc/rc.d/init.d/httpd start
Solution:
- Intel: Upgrade to apache-1.2.6-5.i386.rpm
- Alpha: Upgrade to apache-1.2.6-5.alpha.rpm
Package: imapd
Updated: 05-Aug-1998
Problem:
- (05-Aug-1998)
  After upgrading to the new imapd, users should verify/do the following to get the imap servers functioning 100%. These commands will turn on the setgid permission to the server so that they can write to the standard /var/spool/mail directory.
  cd /usr/sbin ls -l imapd ipop2d ipop3d chgrp mail imapd ipop2d ipop3d chmod g+s imapd ipop2d ipop3d
- (15-Jul-1998)Security Fix:
  Serious security problems have been found in all versions of imap shipped with Red Hat Linux. If "rpm -q imap" shows that imap is installed on your system, please upgrade to these new imap releases immediately, or remove imap by running "rpm -e imap". Note that Red Hat's imap package also provides a POP server, so only remove it if you don't need to provide POP services. Thanks to everyone who helped find these problem, Olaf Kirch in particular.
Solution:
- Intel: Upgrade to imap-4.1.final-1.i386.rpm
- Alpha: Upgrade to imap-4.1.final-1.alpha.rpm
- SPARC: Upgrade to imap-4.1.final-1.sparc.rpm

Package: perl

Updated: 05-Aug-1998

Problem:

(05-Aug-1998)

Any perl program that tries to use the syslog module by doing use Sys::Syslog; will fails with the following messages:


     Can't locate stdarg.ph in @INC (did you run h2ph?) (@INC contains: 
     /usr/lib/perl5/i386-linux/5.00401 /usr/lib/perl5 
     /usr/lib/perl5/site_perl/i386-linux /usr/lib/perl5/site_perl .) at 
     /usr/lib/perl5/i386-linux/5.00401/sys/syslog.ph line 74.

Solution:



        cd `/usr/bin/gcc --print-file-name include`
        /usr/bin/h2ph *.h

Package: SysVinit
Updated: 30-Jul-1998
Problem:
- (30-Jul-1998)Security Fix:
  Update corrects a root-usable overflow in SysVInit allowed securelevels to be subverted.
- (20-Jul-1998)
  Fixes problems that caused certain machines to not remove /etc/nologin after reboot. The symptoms of this would be that only root can login after a shutdown -r now.
Solution:
- Intel: Upgrade to SysVinit-2.74-4.i386.rpm
- Alpha: Upgrade to SysVinit-2.74-4.alpha.rpm
- SPARC: Upgrade to SysVinit-2.74-4.sparc.rpm
Package: REAL
Updated: 30-Jul-1998
Problem:
- (30-Jul-1998)Security Fix:
  This update fixes the following problems:
  - UDP security exploit
  - Proxy host string in the Preferences dialog box has a bug where the first host in the comma separated list is ignored.
Solution:
- Server package
  To upgrade the Server package you will need to download pnserver-5.0.1-2.i386.rpm.rhmask
  and
  pnserver-docs-5.0.1-2.i386.rpm.rhmask to /tmp.
  You must copy the original pnserver-5.0-12.i386.rpm from the first CD and pnserver-docs-5.0-12.i386.rpm to /tmp and then issue the following commands while you are in /tmp:
```
 
  rhmask pnserver-5.0-12.i386.rpm pnserver-5.0.1-2.i386.rpm.rhmask
  rhmask pnserver-docs-5.0-12.i386.rpm pnserver-docs-5.0.1-2.i386.rpm.rhmask
  rpm -Uvh pnserver-5.0.1-2.i386.rpm 
  rpm -Uvh pnserver-docs-5.0.1-2.i386.rpm 
          
```
- Real Video Player package
  To upgrade the client package, you will need to download rvplayer-5.0-3.i386.rpm.rhmask to /tmp.
  Copy the rvplayer-5.0-1.i386.rpm to /tmp. Then issue the following commands:
```
 
rhmask rvplayer-5.0-1.i386.rpm rvplayer-5.0-3.i386.rpm.rhmask
rpm -Uvh rvplayer-5.0-3.i386.rpm
          
```
Package: modutils and kernel
Updated: 30-Jul-1998
Problem:
- (30-Jul-1998)
  Modules on the sparc may not be loadable or unloadable with the 2.0.35 kernel. This update has modules that can be loaded and a fixed set of modutils that can use them.
Solution:
- SPARC: Upgrade to
  kernel-sparc-2.0.35-4.sparc.rpm
  kernel-sparc-smp-2.0.35-4.sparc.rpm
  initscripts-3.67-1.sparc.rpm
  modutils-2.1.85-6.sparc.rpm
Package: ncurses
Updated: 24-Jul-1998
Problem:
- (24-Jul-1998) Potential security problems have been identified in all versions of ncurses packages shipped with Red Hat Linux. Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site:
Solution:
- Intel: Upgrade to
  ncurses-4.2-8.i386.rpm
  ncurses-devel-4.2-8.i386.rpm
  ncurses3-1.9.9e-6.i386.rpm
- Alpha: Upgrade to
  ncurses-4.2-8.alpha.rpm
  ncurses-devel-4.2-8.alpha.rpm
  ncurses3-1.9.9e-6.sparc.rpm
- SPARC: Upgrade to
  ncurses-4.2-8.sparc.rpm
  ncurses-devel-4.2-8.sparc.rpm
  ncurses3-1.9.9e-6.sparc.rpm
Package: initscripts
Updated: 24-Jul-1998
Problem:
- (24-Jul-1998)
  This update should fix various problems with non-LILO users having problems booting the 2.0.34/2.0.35 kernel.
  Note: People upgrading to this package need to also upgrade to the latest kernel for the scripts to correctly work.
- (02-Jun-1998) Security Fix:
  The /sbin/ipcalc binary in the Red Hat 5.1 initscripts had the setgid bit turned on inadvertently, which may give local users access to the root group (no exploit has been published yet). All users of Red Hat 5.1 should upgrade to the new initscripts package.
  This initscripts update also includes fixes for running locally compiled kernels with 5.1, and should fix the problems reported on various mailing lists.
  Thanks to Cesar Tascon Alvarez for finding this problem.
Solution:
- Intel: Upgrade to initscripts-3.67-1.i386.rpm
- Alpha: Upgrade to initscripts-3.67-1.alpha.rpm
Package: fetchmail
Updated: 23-Jul-1998
Problem:
- (23-Jul-1998)
  Updates fixes various problems in the RPM.
Solution:
- Intel: Upgrade to fetchmail-4.5.3-1.i386.rpm
- Alpha: Upgrade to fetchmail-4.5.3-1.alpha.rpm
- SPARC: Upgrade to fetchmail-4.5.3-1.sparc.rpm
Package: glint
Updated: 23-Jul-1998
Problem:
- (23-Jul-1998) Fixes some problems with glint not being able to deal with certain pacakges.
- (05-Jun-1998) Glint had some problems while attempting to install packages from a CR-ROM drive. This package fixes those problems.
Solution:
- Intel: Upgrade to glint-2.6.1-1.i386.rpm
- Alpha: Upgrade to glint-2.6.1-1.alpha.rpm
- SPARC: Upgrade to glint-2.6.1-1.sparc.rpm
Package: ispell
Updated: 23-Jul-1998
Problem:
- (23-Jul-1998)
  Added to errata.
- (30-Jun-1998)
  Updates fixes various problems in the RPM.
Solution:
- Intel: Upgrade to ispell-3.1.20-9.i386.rpm
- Alpha: Upgrade to ispell-3.1.20-9.alpha.rpm
- SPARC: Upgrade to ispell-3.1.20-9.sparc.rpm
Package: tcp-wrappers
Updated: 23-Jul-1998
Problem:
- (23-Jul-1998)
  Added to errata.
- (30-Jun-1998)
  Updates fixes various problems in the RPM.
Solution:
- Intel: Upgrade to tcp_wrappers-7.6-4.i386.rpm
- Alpha: Upgrade to tcp_wrappers-7.6-4.alpha.rpm
- SPARC: Upgrade to tcp_wrappers-7.6-4.sparc.rpm
Package: inn
Updated: 23-Jul-1998
Problem:
- (23-Jul-1998) This fixes the documentation that was lost due to rpm bug in the build environment.
- (10-Jun-1998) This package fixes a path problem with the startinnfeed program.
Solution:
- Intel: Upgrade to inn-1.7.2-13.i386.rpm
- Intel: Upgrade to inn-devel-1.7.2-13.i386.rpm
- Alpha: Upgrade to inn-1.7.2-13.alpha.rpm
- Alpha: Upgrade to inn-devel-1.7.2-13.alpha.rpm
- SPARC: Upgrade to inn-1.7.2-13.sparc.rpm
- SPARC: Upgrade to inn-devel-1.7.2-13.sparc.rpm
Package: am-utils
Updated: 20-Jul-1998
Problem:
- (20-Jul-1998)
  This update should fix problems that NIS users were having with the amd automount program and utilities.
Solution:
- Intel: Upgrade to am-utils-6.0a16-2.i386.rpm
- Alpha: Upgrade to am-utils-6.0a16-2.alpha.rpm
- SPARC: Upgrade to am-utils-6.0a16-2.sparc.rpm
Package: sh-utils
Updated: 20-Jul-1998
Problem:
- (20-Jul-1998)
  This update should fix problems that some users were experiencing with who core dumping on them after a certain number of users had logged in. This problem only affected some machines, and was very hard to duplicate, thus the time to release this fix.
Solution:
- Intel: Upgrade to sh-utils-1.16-14.i386.rpm
- Alpha: Upgrade to sh-utils-1.16-14.alpha.rpm
- SPARC: Upgrade to sh-utils-1.16-14.sparc.rpm
Problem: installing from tape (Sparc)
Updated: 15-Jul-1998
Solution:
- (15-Jul-1998)
  The installation of Red Hat Linux/Sparc can be started from the tape drive if you can not boot from cdrom, floppy, do a or tftp network boot. To accomplish this, you will need to write the tftpboot.img to a scsi tape drive using the following method:
  dd if=tftpboot.img of=/dev/st0 conv=sync mt rewind # to rewind the tape
  then booting the sparc with the equivalent "boot tape" command for the Sparc model.
  Note: You will still need to have the RPMS available either via network or cdrom.
Package: tftpboot.img (Sparc)
Updated: 15-Jul-1998
Problem:
- (15-Jul-1998)
  Certain Sparc 4c systems have had problems using the tftpboot.img due to PROM bugs causing buffers not to be flushed. This newer tftpboot.img fixes that problem.
Solution:
- SPARC: Download tftpboot.img from tftpboot.img
Package: boot.img (Sparc)
Updated: 15-Jul-1998
Problem:
- (15-Jul-1998)
  Floppy boot images are now available for the SPARC platform. Users who can boot from floppy and are having problems installing via tftpboot or cdrom should get the boot.img and ramdisk.img for installation. To "cut" these items to floppy, one can use dd or the dos rawrite command. From unix, the dd command can be used as follows:
  dd if=boot.img of=/dev/fd0 bs=72k change floppies and label. dd if=ramdisk.img of=/dev/fd0 bs=72k
Solution:
- SPARC: Download boot.img from boot.img and ramdisk.img from ramdisk.img
Problem: booting from CD-ROM (Sparc)
Updated: 15-Jul-1998
Problem:
- (15-Jul-1998)
  Sparc 4c's are not able to install directly from cdrom due to the wrong kernel (4m SMP kernel) being on the cdrom. Red Hat is remastering the CD-ROMs and when they are available will update this page with instructions on how purchasers of Official Red Hat Linux/Sparc Boxed Set will be able to obtain the correct cdrom.
Solution:
Problem: install not seeing partitions (Sparc)
Updated: 15-Jul-1998
Problem:
- (15-Jul-1998) The install is not able to see more than the first 4 partitions on certain drives. If you are experiencing this problem, you will need to use the new tftpboot.img or boot.img/ramdisk.img to install Red Hat Linux 5.1 onto your system.
Solution:
- SPARC:
  - For floppy installation download boot.img from boot.img and ramdisk.img from ramdisk.img
  - For tftpboot installation download tftpboot.img from tftpboot.img
Package: ypserv
Updated: 15-Jul-1998
Problem:
- (15-Jul-1998)
  fixed the problems users have been reporting about the YP Makefile. It is also linked against gdbm instead of db - gdbm is both faster and more reliable (or at least the yp server linked against gdbm is more reliable)
  After upgrading the rpm (rpm -Uvh ypserv-1.3.4-1), you will need to remake your YP/NIS databases. (cd /var/yp ; make )
Solution:
- Intel: Upgrade to ypserv-1.3.4-1.i386.rpm
- Alpha: Upgrade to ypserv-1.3.4-1.alpha.rpm
- SPARC: Upgrade to ypserv-1.3.4-1.sparc.rpm
Package: glibc
Updated: 15-Jul-1998
Problem:
- (15-Jul-1998)Security Fix:
  many fixes, including but not limited to: RPC security patches, timezone fixes, environment security fixes, lots of paranoia and exploit-prevention enhancements, fixed threading, resolver code security fixes This should fix the problems people have been having with BRU not working.
Solution:
- Intel: Upgrade to:
  glibc-2.0.7-19.i386.rpm
  glibc-debug-2.0.7-19.i386.rpm
  glibc-devel-2.0.7-19.i386.rpm
  glibc-profile-2.0.7-19.i386.rpm
- Alpha: Upgrade to
  glibc-2.0.7-19.alpha.rpm
  glibc-debug-2.0.7-19.alpha.rpm
  glibc-devel-2.0.7-19.alpha.rpm
  glibc-profile-2.0.7-19.alpha.rpm
- SPARC: Upgrade to
  glibc-2.0.7-19.sparc.rpm
  glibc-debug-2.0.7-19.sparc.rpm
  glibc-devel-2.0.7-19.sparc.rpm
  glibc-profile-2.0.7-19.sparc.rpm
Package: man (Alpha)
Updated: 08-Jul-1998
Problem:
- (08-Jul-1998)
  The version of man that was shipped with 5.1 had a bug which caused core dumps. This package version fixes that.
Solution:
- Alpha: Upgrade to man-1.5d-3.alpha.rpm
Package: libtermcap
Updated: 02-Jul-1998
Problem:
- (02-Jul-1998) Security Fix:
  Security problems have been found that allow local users to gain root access. All Red Hat users should upgrade.
Solution:
- Intel: Upgrade to libtermcap-2.0.8-9.i386.rpm
- Alpha: Upgrade to libtermcap-2.0.8-9.alpha.rpm
- SPARC: Upgrade to libtermcap-2.0.8-9.sparc.rpm
Package: dosemu
Updated: 02-Jul-1998
Problem:
- (02-Jul-1998) Security Fix:
  Various security holes have been found that allow root access. All Red Hat users that use Dosemu, should upgrade.
Solution:
- Intel: Upgrade to dosemu-0.66.7-7.i386.rpm
Package: boot-disk
Updated: 30-Jun-1998
Problem:
- (30-Jun-1998)
  New boot disk and supplemental disk images have been made based on the 2.0.34 kernel. These images fix both the kickstart mode and the PCI-PCMCIA bridge problems.
Solution:
Package: tin
Updated: 30-Jun-1998
Problem:
- (30-Jun-1998) Security Fix:
  Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Solution:
- Intel: Upgrade to tin-1.22-11.i386.rpm
- Alpha: Upgrade to tin-1.22-11.alpha.rpm
- SPARC: Upgrade to tin-1.22-11.sparc.rpm
Package: slang
Updated: 30-Jun-1998
Problem:
- (30-Jun-1998) Security Fix:
  Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Solution:
- Intel: Upgrade to slang-0.99.38-7.i386.rpm
- Alpha: Upgrade to slang-0.99.38-7.alpha.rpm
- SPARC: Upgrade to slang-0.99.38-7.sparc.rpm
Package: bind
Updated: 30-Jun-1998
Problem:
- (30-Jun-1998) Security Fix:
  Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Solution:
- Intel: Upgrade to bind-4.9.7-1.i386.rpm
- Alpha: Upgrade to bind-4.9.7-1.alpha.rpm
- SPARC: Upgrade to bind-4.9.7-1.sparc.rpm
Package: metamail
Updated: 30-Jun-1998
Problem:
- (30-Jun-1998) Security Fix:
  More problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
- (23-Jun-1998) Security Fix:
  Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
- (01-Jun-1998) Security Fix:
  The metamail package has security problems. Thanks to Chris Evans for finding this problem.
Solution:
- Intel: Upgrade to metamail-2.7-17.i386.rpm
- Alpha: Upgrade to metamail-2.7-17.alpha.rpm
- SPARC: Upgrade to metamail-2.7-17.sparc.rpm
Package: mailx
Updated: 30-Jun-1998
Problem:
- (30-Jun-1998) Security Fix:
  More problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
- (23-Jun-1998) Security Fix:
  Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
- (12-Jun-1998) Security Fix:
  /tmp races have been found in the mailx package. All users of Red Hat Linux should upgrade this package.
Solution:
- Intel: Upgrade to mailx-8.1.1-3.i386.rpm
- Alpha: Upgrade to mailx-8.1.1-3.alpha.rpm
- SPARC: Upgrade to mailx-8.1.1-3.sparc.rpm
Package: elm
Updated: 23-Jun-1998
Problem:
- (23-Jun-1998) Security Fix:
  Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Solution:
- Intel: Upgrade to elm-2.4.25-14.i386.rpm
- Alpha: Upgrade to elm-2.4.25-14.alpha.rpm
- SPARC: Upgrade to elm-2.4.25-14.sparc.rpm
Package: dhcp
Updated: 11-Jun-1998
Problem:
- (11-Jun-1998) Security Fix:
  Security vulnerabilities have been found in the dhcp server. Machines using this daemon should be have their dhcp daemon updated to this new version as soon as possible. After updating the dhcp package, it's important to restart the daemon with:
```
	/etc/rc.d/init.d/dhcp stop; /etc/rc.d/init.d/dhcp start
	
```
  Thanks to Chris Evans for finding this problem and the fix.
- (02-Jun-1998) Security Fix:
  A new version of the ISC dhcp daemon is now available, which fixes many security concerns. Users of Red Hat 5.0 with the package called dhcpd should upgrade to the new release immediately. After upgrading, be sure to restart the dhcp daemon with the following command:
```
        /etc/rc.d/init.d/dhcpd restart
        
```
  Thanks to Chris Evans for pointing out these problems and to the ISC for the fix.
Solution:
- Intel: Upgrade to dhcp-2.0b1pl1-2.i386.rpm
- Alpha: Upgrade to dhcp-2.0b1pl1-2.alpha.rpm
Package: patch
Updated: 10-Jun-1998
Problem:
- (10-Jun-1998) This update fixes some core dumps that can cause a lot of frustration during compilations.
Solution:
- Intel: Upgrade to patch-2.5-4.i386.rpm
- Alpha: Upgrade to patch-2.5-4.alpha.rpm
Package: tmpwatch
Updated: 10-Jun-1998
Problem:
- (10-Jun-1998) Fixes the cron script to be executable.
Solution:
- Intel: Upgrade to tmpwatch-1.5.1-2.i386.rpm
- Alpha: Upgrade to tmpwatch-1.5.1-2.alpha.rpm
- SPARC: Upgrade to tmpwatch-1.5.1-2.sparc.rpm
Package: libjpeg, et al
Updated: 10-Jun-1998
Problem:
- (10-Jun-1998) libjpeg was shipped with an improper soname which could cause problems with binaries not shipped with Red Hat Linux 5.1. In addition, binaries built against libjpeg on Red Hat Linux 5.1 might have problems running on non Red Hat systems. Problems also occur when packages are built on a machine with these libraries.
  The giflib shared libraries were incorrectly built, and the sources were buggy.
  People who do not develop packages on their machine, use GNOME apps, or apps from places other than the Red Hat CD do NOT need to upgrade, all others need to do so.
Solution:
- libjpeg/libgif updates
Package: emacs
Updated: 10-Jun-1998
Problem:
Solution:
- Intel: Upgrade to emacs-20.2-10.i386.rpm
- Alpha: Upgrade to emacs-20.2-10.alpha.rpm
- SPARC: Upgrade to emacs-20.2-10.sparc.rpm
Package: findutils
Updated: 10-Jun-1998
Problem:
- (10-Jun-1998) Security Fix:
  Various, minor security problems were found in this package. Thanks to Kevin Vajk and Emmanuel Galanos for helping out with these.
Solution:
- Intel: Upgrade to findutils-4.1-24.i386.rpm
- Alpha: Upgrade to findutils-4.1-24.alpha.rpm
Package: kernelcfg
Updated: 10-Jun-1998
Problem:
- (10-Jun-1998) Finds module-info file that is correctly linked against the new Red Hat kernel version naming scheme.
Solution:
- Intel: Upgrade to kernelcfg-0.5-2.i386.rpm
Packages: fstool ,usercfg ,cabaret
Updated: 05-Jun-1998
Problem:
- (05-Jun-1998) Due to procedural errors, the cabaret, fstool, and usercfg packages were included in Red Hat 5.1. All three of these packages are considered obsolete as LinuxConf is a more comprehensive and robust replacement for these three tools.
Solution:
Package: netkit-base
Updated: 05-Jun-1998
Problem:
- (05-Jun-1998) A bug has been found in the way in which upgrades are handled for the netkit-base package. In the original 5.1 RPMS, /etc/inetd.conf is not tagged as a config file. This causes it to not get backed up as a rpm.saved file during an upgrade.
  Thanks to Mike Shaver for finding this problem.
Solution:
Package: dhcpcd
Updated: 05-Jun-1998
Problem:
- (01-Jun-1998) Security Fix:
  The dhcpcd package has security problems. Thanks to Chris Evans for finding this problem. After upgrading, you must either reboot your machine or restart the daemon:
```
	/etc/rc.d/init.d/network restart 
	
```
Solution:
- Intel: Upgrade to dhcpcd-0.65-3.i386.rpm
- Alpha: Upgrade to dhcpcd-0.65-3.alpha.rpm
Package: bootp
Updated: 01-Jun-1998
Problem:
- (01-Jun-1998) Security Fix:
  The bootp package has security problems. Thanks to Chris Evans for finding this problem.
Solution:
- Intel: Upgrade to bootp-2.4.3-7.i386.rpm
- Alpha: Upgrade to bootp-2.4.3-7.alpha.rpm
Package: xosview
Updated: 01-Jun-1998
Problem:
- (01-Jun-1998) Security Fix:
  The xosview package was setuid root.
  xosview is not available on the alpha.
Solution:
- Intel: Upgrade to xosview-1.5.1-4.i386.rpm

Select Your Language

Red Hat Linux 5.1 Errata

Risk level: SMALL

Description

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Red Hat Linux 5.1 Errata

Risk level: SMALL

Description

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links