Red Hat Linux 4.0 Errata
- 04-Oct-1996: dialog, tetex
- 04-Oct-1996: rdate
- 15-Oct-1996: sh-utils
- 15-Oct-1996: rpm
- 15-Oct-1996: PCMCIA install fails with TCIC controller
- 16-Oct-1996: LILO won't work when doing an FTP install
- 18-Oct-1996: Upgrading Prior Versions of Red Hat Linux
- 18-Oct-1996: dev
- 18-Oct-1996: netcfg, pythonlib
- 18-Oct-1996: multimedia
- 21-Oct-1996: mh
- 21-Oct-1996: ghostscript
- 21-Oct-1996: screen
- 21-Oct-1996: gzip
- 22-Oct-1996: wtmp is missing
- 23-Oct-1996: kernel
- 23-Oct-1996: taper
- 23-Oct-1996: SysVinit
- 23-Oct-1996: tar
- 23-Oct-1996: Correction: Module Parameters
- 25-Oct-1996: lpr
- 25-Oct-1996: setup
- 25-Oct-1996: gpm
- 25-Oct-1996: ncurses
- 25-Oct-1996: TheNextLevel
- 28-Oct-1996: mingetty
- 31-Oct-1996: ``Can't log in'' or other password problems
- 19-Nov-1996: MAKEDEV
- 19-Nov-1996: initscripts
- 19-Nov-1996: ical
- 25-Nov-1996: SuperProbe is setuid
- 18-Dec-1996: Mitsumi CD-ROM drives
- 18-Dec-1996: libc
- 18-Dec-1996: doom
- 18-Dec-1996: vixie-cron
- 20-Dec-1996: Correction: Building a Modular Kernel
- 20-Dec-1996: Correction: Running Red Hat Linux from the CD-ROM
- 22-Jan-1997: sendmail
- 27-Jun-1997: svgalib
- 28-Jan-1997: Install fails with some SCSI adaptors
- 17-Feb-1997: wu-ftpd
- 03-Mar-1997: imap
- 23-Mar-1997: cmu-snmp
- 01-Apr-1997: pam, util-linux, NetKit-B
- 02-Apr-1997: inn
- 09-Apr-1997: amd
- 24-Apr-1997: perl
- 28-Apr-1997: metamail
- 15-May-1997: elm
- 05-Jun-1997: XFree86, X11R6.1
- 18-Jul-1997: ld.so
- 21-Jul-1997: bind
- Sparc SILO Installation
- Sparc Hard Disk Install
- Sparc: X won't start
- Sparc and IPX Networking
- Packages: dialog, tetex
Updated: 04-Oct-1996
Problem:
- (04-Oct-1996) The dialog package is broken.
- (04-Oct-1996) texconfig doesn't work properly.
Solution:
- Intel: Upgrade to
dialog-0.6-7.i386.rpm
tetex-0.3.4-4.i386.rpm
tetex-afm-0.3.4-4.i386.rpm
tetex-dvilj-0.3.4-4.i386.rpm
tetex-dvips-0.3.4-4.i386.rpm
tetex-latex-0.3.4-4.i386.rpm
tetex-xdvi-0.3.4-4.i386.rpm
- Alpha: Upgrade to
dialog-0.6-7.axp.rpm
tetex-0.3.4-4.axp.rpm
tetex-afm-0.3.4-4.axp.rpm
tetex-dvilj-0.3.4-4.axp.rpm
tetex-dvips-0.3.4-4.axp.rpm
tetex-latex-0.3.4-4.axp.rpm
tetex-xdvi-0.3.4-4.axp.rpm
- SPARC: Upgrade to
dialog-0.6-7.sparc.rpm
tetex-0.3.4-4.sparc.rpm
tetex-afm-0.3.4-4.sparc.rpm
tetex-dvilj-0.3.4-4.sparc.rpm
tetex-dvips-0.3.4-4.sparc.rpm
tetex-latex-0.3.4-4.sparc.rpm
tetex-xdvi-0.3.4-4.sparc.rpm
- Package: rdate
Updated: 04-Oct-1996
Problem:
- (04-Oct-1996) rdate as shipped with Red Hat Linux 4.0 isn't 64-bit clean.
Note:
- (04-Oct-1996) The old rdate package was built with an
incorrect version number which rpm thinks is newer than this
update. Before upgrading, you should first uninstall rdate
using the following command:
rpm -ev rdate
Solution:
- Intel: Upgrade to rdate-0.960923-1.i386.rpm
- Alpha: Upgrade to rdate-0.960923-1.axp.rpm
- SPARC: Upgrade to rdate-0.960923-1.sparc.rpm
- PCMCIA install fails with TCIC controller
Updated: 15-Oct-1996
Problem:
- (15-Oct-1996) The boot image shipped with Red Hat Linux/Intel 4.0 doesn't initialize the TCIC PCMCIA controller properly.
Solution:
- Intel: Use the following boot image instead:
boot.img
- Package: sh-utils
Updated: 15-Oct-1996
Problem:
- (15-Oct-1996) The `suspend' shell command doesn't work properly from su'd environments (the shell hangs).
Solution:
- Intel: Upgrade to sh-utils-1.12-10.i386.rpm
- Alpha: Upgrade to sh-utils-1.12-10.axp.rpm
- SPARC: Upgrade to sh-utils-1.12-10.sparc.rpm
- Package: rpm
Updated: 15-Oct-1996
Problem:
- (15-Oct-1996) The linux-2.1.x kernel breaks rpm.
Solution:
- Intel: Upgrade to rpm-2.2.7-1.i386.rpm
- Alpha: Upgrade to rpm-2.2.7-1.axp.rpm
- SPARC: Upgrade to rpm-2.2.7-1.sparc.rpm
- LILO won't work when doing an FTP install
Updated: 16-Oct-1996
Problem:
- (16-Oct-1996) FTP installs fail at the LILO step; cpio errors appear on tty5 (switch to tty5 using [Alt-F5]).
Solution:
- Intel: Reinstall using the following supplemental image:
supp.img
- Upgrading Prior Versions of Red Hat Linux
Updated: 18-Oct-1996
Problem:
- (18-Oct-1996) Explicit upgrade instructions were omitted from the Red Hat Linux 4.0 User's Guide. This is covered briefly in the chapter ``Installation in Detail''.
Solution:
- To upgrade prior versions of Red Hat Linux based on RPM
technology (2.0 and later), use the boot disk included with the
Red Hat Linux 4.0 boxed set (or make a boot disk with boot.img
on it from your installation medium). After answering some
initial questions you will be asked if you want to upgrade an
existing system or install a new system. Select Upgrade
to begin the process; this has the same effect as running
./upgrade in prior versions of Red Hat Linux.
Versions of Red Hat Linux earlier than 2.0 cannot be upgraded in place; a complete reinstallation is necessary.
- Package: dev
Updated: 18-Oct-1996
Problem:
- (18-Oct-1996) /dev/zero has incorrect permissions; should be mode 0666 (rw-rw-rw-), not 0664 (rw-rw-r--).
Solution:
- Intel: Upgrade to dev-2.4-1.i386.rpm
- Alpha: Upgrade to dev-2.4-1.axp.rpm
- SPARC: Upgrade to dev-2.4-1.sparc.rpm
- Packages: netcfg, pythonlib
Updated: 18-Oct-1996
Problem:
- (06-Oct-1996) Editing a PPP connection: netcfg dies when trying to edit a PPP connection created by old (1.x) versions of netcfg from earlier versions of Red Hat Linux. This should only affect users with PPP connections who have upgraded from earlier versions of Red Hat Linux.
- (18-Oct-1996) Spaces in phone numbers, etc.: netcfg doesn't handle spaces properly in modem init strings, phone numbers, and possibly other places (quoting didn't happen).
- (18-Oct-1996) netcfg creates /etc/resolv.conf with mode 0600 (rw-------).
Note:
- You need to upgrade both packages listed below.
After upgrading, fix the permissions of
/etc/resolv.conf using the following command:
chmod 0644 /etc/resolv.conf
Solution:
- Intel: Upgrade to
netcfg-2.12-1.i386.rpm
pythonlib-1.9-1.i386.rpm
- Alpha: Upgrade to
netcfg-2.12-1.axp.rpm
pythonlib-1.9-1.axp.rpm
- SPARC: Upgrade to
netcfg-2.12-1.sparc.rpm
pythonlib-1.9-1.sparc.rpm
- Package: multimedia
Updated: 18-Oct-1996
Problem:
- (18-Oct-1996) The multimedia package is missing xmdb and xg3.
- (18-Oct-1996) Some of these apps segv on Red Hat Linux/Alpha.
Solution:
- Intel: Upgrade to multimedia-2.1-3.i386.rpm
- Alpha: Upgrade to multimedia-2.1-3.axp.rpm
- SPARC: Upgrade to multimedia-2.1-3.sparc.rpm
- Package: mh
Updated: 21-Oct-1996
Problem:
- (21-Oct-1996) MH causes problems with csh/tcsh logins.
Solution:
- Intel: Upgrade to mh-6.8.3-13.i386.rpm
- Alpha: Upgrade to mh-6.8.3-13.axp.rpm
- SPARC: Upgrade to mh-6.8.3-13.sparc.rpm
- Package: ghostscript
Updated: 21-Oct-1996
Problem:
- (06-Oct-1996) ghostscript can't find its fonts.
- (21-Oct-1996) ghostscript is missing the dfax output driver, used by the efax package.
Solution:
- Intel: Upgrade to
ghostscript-3.33-3.i386.rpm
ghostscript-fonts-4.0-2.i386.rpm
- Alpha: Upgrade to
ghostscript-3.33-3.axp.rpm
ghostscript-fonts-4.0-2.axp.rpm
- SPARC: Upgrade to
ghostscript-3.33-3.sparc.rpm
ghostscript-fonts-4.0-2.sparc.rpm
- Package: screen
Updated: 21-Oct-1996
Problem:
- (21-Oct-1996) screen should be suid root and won't work otherwise.
Solution:
- Intel: Upgrade to screen-3.7.1-2.i386.rpm
- Alpha: Upgrade to screen-3.7.1-2.axp.rpm
- SPARC: Upgrade to screen-3.7.1-2.sparc.rpm
- Package: gzip
Updated: 21-Oct-1996
Problem:
- (21-Oct-1996) zless looks for zcat in /usr/bin, but zcat lives in /bin.
Solution:
- Intel: Upgrade to gzip-1.2.4-6.i386.rpm
- Alpha: Upgrade to gzip-1.2.4-6.axp.rpm
- SPARC: Upgrade to gzip-1.2.4-6.sparc.rpm
- wtmp is missing
Updated: 22-Oct-1996
Problem:
- (22-Oct-1996) /var/log/wtmp doesn't get created when you do a clean install. This file stores login accounting information and is used by last, among other programs.
Solution:
- log in as root and perform the following
command:
touch /var/log/wtmp
- Correction: Module Parameters
Updated: 23-Oct-1996
Problem:
- (23-Oct-1996) The Red Hat Linux 4.0 User's Guide, Appendix B: Module Parameters lists some incorrect module parameters, while other module parameters are missing.
Correction:
- For the Sony CDU31a CDROM, the I/O address argument is cdu31a_port (not cdu31a), and the IRQ argument is cdu31a_irq;
- For the Adaptec 154x SCSI adaptor, the I/O address argument is bases.
- For the Seagate module, which drives Seagate ST0x and
Future Domain TMC8xx and TMC9xx SCSI adaptors, use these
arguments:
controller_type=type base_address=shmemaddr irq=irq
where:
type is 1 for Seagate, or 2 for Future Domain;
shmemaddr is the address of the shared memory segment (for example, 0xCA000);
and irq is the number of the IRQ line.
- Package: kernel
Updated: 23-Oct-1996
Problem:
- (23-Oct-1996) Ping bug: All Linux kernels have a major bug which allows pinging them with bad frames to crash the system.
Solution:
- Intel: If you are running a system based on the kernel
that was originally installed by Red Hat Linux 4.0:
- Upgrade to kernel-2.0.18-6.i386.rpm
- Run /sbin/lilo.
- Reboot.
- Upgrade to kernel-source-2.0.18-6.i386.rpm
- Rebuild your kernel.
- Upgrade to kernel-2.0.18-6.i386.rpm
- Alpha:
- Upgrade to kernel-source-2.0.18-6.axp.rpm
- Build a kernel.
- Upgrade to kernel-source-2.0.18-6.axp.rpm
- SPARC:
- Upgrade to:
kernel-sparc-2.0.22-2.sparc.rpm
kernel-modules-2.0.22-2.sparc.rpm
(Since this is a new version of the kernel, new modules are also necessary.) - Reboot.
- If you wish, upgrade kernel header and source packages:
kernel-headers-2.0.22-2.sparc.rpm
kernel-source-2.0.22-2.sparc.rpm
- Upgrade to:
- Package: taper
Updated: 23-Oct-1996
Problem:
- (23-Oct-1996) package is missing bg_backup and bg_restore.
Solution:
- Intel: Upgrade to taper-6.7.4-2.i386.rpm
- Alpha: Upgrade to taper-6.7.4-2.axp.rpm
- SPARC: Upgrade to taper-6.7.4-2.sparc.rpm
- Package: SysVinit
Updated: 23-Oct-1996
Problem:
- (23-Oct-1996) The SysVinit package is missing wall, as well as man pages for both wall and inittab.
Solution:
- Intel: Upgrade to SysVinit-2.64-3.i386.rpm
- Alpha: Upgrade to SysVinit-2.64-3.axp.rpm
- SPARC: Upgrade to SysVinit-2.64-3.sparc.rpm
- Package: tar
Updated: 23-Oct-1996
Problem:
- (23-Oct-1996) tar seg faults when trying to create multivolume archives.
Solution:
- Intel: Upgrade to tar-1.11.8-9.i386.rpm
- Alpha: Upgrade to tar-1.11.8-9.axp.rpm
- SPARC: Upgrade to tar-1.11.8-9.sparc.rpm
- Package: lpr
Updated: 25-Oct-1996
Problem:
- (21-Oct-1996) lpr doesn't do serial hardware handshaking properly. Doesn't unlink files when printing to remote host if -s -r is used. Address of mail lpd tries to send is incorrect.
- (25-Oct-1996) Security Fix: There is a major security hole in all versions of BSD lpr (as shipped with all versions of Red Hat Linux and most other Linux distributions) which allows any user to gain root access to your system.
Solution:
- Intel: Upgrade to lpr-0.13-1.i386.rpm
- Alpha: Upgrade to lpr-0.13-1.axp.rpm
- SPARC: Upgrade to lpr-0.13-1.sparc.rpm
- Package: setup
Updated: 25-Oct-1996
Problem:
- (15-Oct-1996) csh and tcsh don't source .cshrc/.tcshrc/.login files properly.
- (25-Oct-1996) Logging in with csh or tcsh results in a terminal type of `vt100' instead of `linux'.
- (25-Oct-1996) www/http is not listed in /etc/services.
Solution:
- Intel: Upgrade to setup-1.7-1.i386.rpm
- Alpha: Upgrade to setup-1.7-1.axp.rpm
- SPARC: Upgrade to setup-1.7-1.sparc.rpm
- Package: gpm
Updated: 25-Oct-1996
Problem:
- (21-Oct-1996) gpm gives errors if /etc/sysconfig/mouse is missing.
- (25-Oct-1996) gpm emacs lisp files are placed in /usr/lib instead of /usr/share, where they should be.
Solution:
- Intel: Upgrade to
gpm-1.10-7.i386.rpm
gpm-devel-1.10-7.i386.rpm
- Alpha: Upgrade to
gpm-1.10-7.axp.rpm
gpm-devel-1.10-7.axp.rpm
- SPARC: Upgrade to
gpm-1.10-7.sparc.rpm
gpm-devel-1.10-7.sparc.rpm
- Package: ncurses
Updated: 25-Oct-1996
Problem:
- (25-Oct-1996) telnetd core dumps when an unknown TERM setting is used.
Solution:
- Intel: Upgrade to
ncurses-1.9.9e-3.i386.rpm
ncurses-devel-1.9.9e-3.i386.rpm
- Alpha: Upgrade to
ncurses-1.9.9e-3.axp.rpm
ncurses-devel-1.9.9e-3.axp.rpm
- SPARC: Upgrade to
ncurses-1.9.9e-3.sparc.rpm
ncurses-devel-1.9.9e-3.sparc.rpm
- Package: TheNextLevel
Updated: 25-Oct-1996
Problem:
- (25-Oct-1996) The default desktop doesn't work properly when started from xdm instead of startx (control-panel doesn't start, for example).
Solution:
- Intel: Upgrade to TheNextLevel-1.0-2.i386.rpm
- Alpha: Upgrade to TheNextLevel-1.0-2.axp.rpm
- SPARC: Upgrade to TheNextLevel-1.0-2.sparc.rpm
- Package: mingetty
Updated: 28-Oct-1996
Problem:
- (28-Oct-1996) mingetty does not allow some characters in user names. For instance, if you try to log in with a valid user name which includes a `-' character, mingetty aborts the login attempt, keeping users with `-' characters in their login names from logging in at the console.
Solution:
- Intel: Upgrade to mingetty-0.9.4-2.i386.rpm
- Alpha: Upgrade to mingetty-0.9.4-2.axp.rpm
- SPARC: Upgrade to mingetty-0.9.4-2.sparc.rpm
- ``Can't log in'' or other password problems
Updated: 31-Oct-1996
Problem:
- (31-Oct-1996) If you can't log in, or some other authentication fails, it may be a problem with /etc/pam.conf, the PAM configuration file. This problem appears most often when upgrading from Rembrandt, a beta-test version of Red Hat Linux, but it appears to occur in other instances as well.
Solution:
- If you are unable to log in, reboot Linux in single-user mode (at the LILO boot: prompt, type linux single).
- run the following command:
rpm --qf '%{POSTIN}' $(rpm -q --whatrequires pamconfig) | sh -x
- If you booted in single-user mode, exit from the shell (type exit or press control-D) to continue the boot process into the normal multi-user mode.
- Package: MAKEDEV
Updated: 19-Nov-1996
Problem:
- (19-Nov-1996) MAKEDEV doesn't create mcdx devices
Solution:
- Intel: Upgrade to MAKEDEV-2.2-7.i386.rpm
- Alpha: Upgrade to MAKEDEV-2.2-7.axp.rpm
- SPARC: Upgrade to MAKEDEV-2.2-7.sparc.rpm
- Package: initscripts
Updated: 19-Nov-1996
Problem:
- (04-Oct-1996) IP aliasing: The initscripts package has a bug in its support of IP aliasing. This only affects users who use IP aliasing. (If you don't understand the previous sentence, then you probably don't need this bugfix.)
- (19-Nov-1996) Another bug causes IP aliasing still not to work.
- (19-Nov-1996) Comments are not allowed to be added to the static-routes file.
- (19-Nov-1996) Doesn't support BOOTP (netcfg already allows you to set BOOTP support).
Solution:
- Intel: Upgrade to initscripts-2.77-1.i386.rpm
- Alpha: Upgrade to initscripts-2.77-1.axp.rpm
- SPARC: Upgrade to initscripts-2.77-1.sparc.rpm
- Package: ical
Updated: 19-Nov-1996
Problem:
- (19-Nov-1996) Doesn't save calendar file in home directories correctly.
Solution:
- Intel: Upgrade to ical-2.0p2-8.i386.rpm
- Alpha: Upgrade to ical-2.0p2-8.axp.rpm
- SPARC: Upgrade to ical-2.0p2-8.sparc.rpm
- SuperProbe is setuid
Updated: 25-Nov-1996
Problem:
- (25-Nov-1996) Security Fix: SuperProbe as shipped is setuid to root. This may be a possible security problem.
Solution:
- Perform the following command as root:
chmod u-s /usr/X11R6/bin/SuperProbe
- Mitsumi CD-ROM drives
Updated: 18-Dec-1996
Problem:
- Some non-ATAPI (non-IDE) Mitsumi CD-ROM drives don't work with the regular install.
Note:
- Please read ftp://archive.download.redhat.com/pub/redhat/linux/updates/4.0/en/os/i386/images/README.mcd.
Solution:
- Intel: Use the following boot image:
bootmcd.img
- Package: libc
Updated: 18-Dec-1996
Problem:
- (18-Dec-1996) Security Fix: A security hole potentially allows users root access to a system.
Solution:
- Intel: Upgrade to
libc-5.3.12-17.i386.rpm
libc-debug-5.3.12-17.i386.rpm
libc-devel-5.3.12-17.i386.rpm
libc-profile-5.3.12-17.i386.rpm
libc-static-5.3.12-17.i386.rpm
- Alpha: Red Hat Linux/Alpha is not affected (uses glibc).
- SPARC: Upgrade to
libc-5.3.12-17.sparc.rpm
libc-debug-5.3.12-17.sparc.rpm
libc-devel-5.3.12-17.sparc.rpm
libc-profile-5.3.12-17.sparc.rpm
libc-static-5.3.12-17.sparc.rpm
- Package: doom
Updated: 18-Dec-1996
Problem:
- (18-Dec-1996) Security Fix: A security hole allows users root access to a system.
Solution:
- Intel: Upgrade to doom-1.8-7.i386.rpm
- Alpha: Red Hat Linux/Alpha is not affected.
- SPARC: Red Hat Linux/SPARC is not affected.
- Package: vixie-cron
Updated: 18-Dec-1996
Problem:
- (18-Dec-1996) Security Fix: A security hole allows users root access to a system. An exploit has been widely distributed.
Solution:
- Intel: Upgrade to vixie-cron-3.0.1-12.i386.rpm
- Alpha: Upgrade to vixie-cron-3.0.1-12.axp.rpm
- SPARC: Upgrade to vixie-cron-3.0.1-12.sparc.rpm
- Correction: Building a Modular Kernel
Updated: 20-Dec-1996
Problem:
- The Red Hat Linux 4.0 User's Guide is missing a step in Section 5.2.1: Building a modularized kernel.
Note:
- This applies only to Red Hat Linux/Intel and Red Hat Linux/SPARC; Alpha users must build a monolithic kernel.
Correction:
- The correct steps for building a modularized kernel are:
- make xconfig (or make menuconfig or make config)
- make boot (make zImage only works on Linux/Intel)
- make modules
rm -rf /lib/modules/2.0.18-old
mv /lib/modules/2.0.18 /lib/modules/2.0.18-old
(This is the step that was omitted)- make modules_install
- Copy the newly built kernel image to /boot:
- For Linux/Intel:
cp /usr/src/linux/arch/i386/boot/zImage /boot/vmlinuz-2.0.18-custom
ln -sf vmlinuz-2.0.18-custom /boot/vmlinuz
- For Linux/SPARC:
gzip -9 /usr/src/linux/vmlinux
cp /usr/src/linux/vmlinux.gz /boot/vmlinux-2.0.18-custom.gz
ln -sf vmlinux-2.0.18-custom.gz /boot/vmlinux.gz
- For Linux/Intel:
- Modify your /etc/lilo.conf (if required)
- /sbin/lilo
- Correction: Running Red Hat Linux from the CD-ROM
Updated: 20-Dec-1996
Problem:
- The Red Hat Linux 4.0 User's Guide, Section 1.4: Running Directly off the CD-ROM contains incorrect information about running Red Hat Linux from the ``live'' filesystem on the CD-ROM.
Correction:
- Unfortunately, the ``live'' capability was not included in Red Hat Linux 4.0. With the modular kernel, adding live boot capabilities has become too complex and is no longer supported. We apologize for the inconvenience.
- Package: sendmail
Updated: 22-Jan-1997
Problem:
- (04-Oct-1996) Security Fix: Several security holes exist in sendmail-8.7.5.
- (19-Nov-1996) Security Fix: All publically released versions of sendmail (through version 8.8.2) have a major security hole which allows any user of your system to gain root access. This is an architecture independent problem, with a single exploit working on all systems which use sendmail. Red Hat Linux 4.0 users are encouraged to upgrade immediately.
- (18-Dec-1996) Security Fix: A security hole allows users access to the sendmail group.\
- (22-Jan-1997) Security Fix: There are some major security bugs in sendmail 8.8.4 and earlier which allow remote users to gain root access to systems running it. Sendmail 8.8.5 contains this fix along with some other minor fixes.
Note:
- (02-Dec-1996) On some machines, sendmail appears to pause
when booting up. To fix this, either:
- Use netcfg to change the hostname from localhost to localhost.localdomain, or
- edit /etc/sysconfig/network and change the line
which reads:
to read:HOSTNAME=localhost
HOSTNAME=localhost.localdomain
Solution:
- Intel: Upgrade to
sendmail-8.8.5-1.i386.rpm
sendmail-cf-8.8.5-1.i386.rpm
sendmail-doc-8.8.5-1.i386.rpm
- Alpha: Upgrade to
sendmail-8.8.5-1.axp.rpm
sendmail-cf-8.8.5-1.axp.rpm
sendmail-doc-8.8.5-1.axp.rpm
- SPARC: Upgrade to
sendmail-8.8.5-1.sparc.rpm
sendmail-cf-8.8.5-1.sparc.rpm
sendmail-doc-8.8.5-1.sparc.rpm
- Install fails with some SCSI adaptors
Updated: 28-Jan-1997
Problem:
- (25-Oct-1996) In the current Linux kernels, some SCSI drivers do not work as modules. This causes various severe problems, all of which prevent installation. The most common manifestation of this problem is for the card to be detected, but no other SCSI devices found.
Solution:
- Intel: In order to fix the problem, we have created boot
disks which include kernels with the problematic SCSI drivers
linked directly into the kernel. This requires a few more
steps on your part than a standard installation:
First, you need to choose one boot image:
boot1542.img.gz Adaptec 1542 adaptors that need parameters boot1740.img.gz Adaptec 1740/1742 adaptors bootaic7xxx.img.gz Adaptec 2740, 2840, 2940, 3940, and friends bootaic7xxx-alt.img.gz Alternate aic7xxx driver if the normal one fails boot2940au.img.gz Adaptec 2940AU adaptor bootadvansys.img.gz All supported Advansys adaptors bootFlashPoint.img.gz *Beta-test* BusLogic FlashPoint adaptors booteata_dma.img.gz DPT EATA-DMA adaptors boot53c8xx.img.gz NCR/Symbios 53c8xx adaptor bootpas16.img.gz ProAudioSpectrum 16 SCSI bootultrastor24.img.gz UltraStor 24F adaptor bootwd7000.img.gz Western Digital 7000 FASST adapters
These boot images are all available from ftp://archive.download.redhat.com/pub/redhat/linux/updates/4.0/en/os/i386/images/scsi/.
The boot image bootaic7xxx-alt.img.gz is built with the aic7xxx driver from the linux-2.0.12 kernel. Some aic7xxx cards which do not work with the current aic7xxx driver worked with the old one, so if the new one does not work for you, you can try the old one.
The boot image boot2940au.img.gz is built with the aic7xxx driver and the pci driver from the Linux-2.0.27 kernel. The Adaptec AHA-2940AU has a different programming interface than earlier 2940 cards, and requires a new driver. We hope this version works, but we don't have a 2940AU to test it with, and so we can't be sure. See README.2940au.
The Adaptec 1542 driver is not affected by the bug, but the 1542 driver cannot take command-line arguments when it is compiled as a module. Normally, it needs no arguments, but if you need to pass it arguments, you will need to use this boot disk.
The BusLogic driver is not affected by the bug; however, this BETA-test update provides FlashPoint support, and needs to be installed in the same way as the other drivers here. (FlashPoint adaptors are not supported by the standard kernel.) This is a BETA-quality driver.
Use these steps to take advantage of the correct boot image for you:
- Download the appropriate boot image in binary mode.
- Use gunzip to uncompress it.
- Use dd (or rawrite) to write it to a floppy disk, creating your new boot floppy.
- Boot it and do a normal installation or upgrade.
- When the installation or upgrade has finished and the
computer reboots, put the boot floppy in the drive and boot off
it with the boot command:
where "sd??" is the root partition (/) on which you installed Linux.linux root=/dev/sd?? load_ramdisk=0 prompt_ramdisk=0
- After booting, mount the boot floppy, probably like this:
mount -t ext2 /dev/fd0 /mnt/floppy
- Then copy the kernel image from the floppy over the
default one provided with the system:
cp /mnt/floppy/vmlinuz /boot/vmlinuz
- Re-run lilo:
/sbin/lilo
- Shutdown and reboot:
/sbin/shutdown -r now
At this point, you should have a working Linux system.
- Package: wu-ftpd
Updated: 17-Feb-1997
Problem:
- (17-Jan-1997) Security Fix: The signal handling code in wu-ftpd has some security problems which could allow users to read all files on your Red Hat Linux system.
- (17-Feb-1997) Security Fix: Red Hat Linux 4.0 and Red Hat Linux 4.1 both were shipped with wu-ftpd 2.4 beta11, which has a few important security holes, and a few minor ones. These were fixed in wu-ftpd 2.4 beta12.
- (17-Feb-1997) The ftpcount utility gave unusual output in the wu-ftpd-2.4.2b12-1 package. This has been fixed in wu-ftpd-2.4.2b12-1a.
Note:
- (17-Jan-1997) wu-ftpd-2.4b11-9 uses the same fix posted to redhat-list@redhat.com earlier by Savochkin Andrey Vladimirovich.
- (17-Feb-1997) These fixes supercede the ones provided in wu-ftpd-2.4.2b11-9, which was previously released to solve some, but not all, of the vulnerabilities present in wu-ftpd 2.4 beta11.
Solution:
- Intel: Upgrade to wu-ftpd-2.4.2b12-1a.i386.rpm
- Alpha: Upgrade to wu-ftpd-2.4.2b12-1a.axp.rpm
- SPARC: Upgrade to wu-ftpd-2.4.2b12-1a.sparc.rpm
- Package: imap
Updated: 03-Mar-1997
Problem:
- (03-Mar-1997) Security Fix: The IMAP servers included with all versions of Red Hat Linux have a buffer overrun which allow remote users to gain root access on systems which run them. imap-4.1.BETA-3 closes this security hole.
Note:
- (03-Mar-1997) Because the Alpha package was built using a
recent version of rpm, Linux/Alpha users need to
upgrade using the following command:
If you don't use the --ignorearch option, rpm will complain that the package is for the incorrect architecture.rpm -Uvh --ignorearch imap-4.1.BETA-3.alpha.rpm
Solution:
- Intel: Upgrade to imap-4.1.BETA-3.i386.rpm
- Alpha: Upgrade to imap-4.1.BETA-3.alpha.rpm
- SPARC: Upgrade to imap-4.1.BETA-3.sparc.rpm
- Package: cmu-snmp
Updated: 23-Mar-1997
Problem:
- (23-Mar-1997) Security Fix: The SNMP services in cmu-snmp are misconfigured and allow all remote systems read access to networking information machines which are running snmpd. It is also straightforward to gain write access to networking information due to these misconfigurations, which enables simple denial of service attacks. Fixed in cmu-snmp-3.3-1.
Note:
- (23-Mar-1997) New versions of cmu-snmp-devel and
cmu-snmp-tools are available for completeness. They do
not need to be installed to fix this problem; only the main
cmu-snmp package is necessary.
Because the Alpha package was built using a recent version of rpm, Linux/Alpha users need to upgrade using the following command:
If you don't use the --ignorearch option, rpm will complain that the package is for the incorrect architecture.rpm -Uvh --ignorearch cmu-snmp-3.3-1.alpha.rpm
Solution:
- Intel: Upgrade to
cmu-snmp-3.3-1.i386.rpm
cmu-snmp-devel-3.3-1.i386.rpm
cmu-snmp-utils-3.3-1.i386.rpm
- Alpha: Upgrade to
cmu-snmp-3.3-1.alpha.rpm
cmu-snmp-devel-3.3-1.alpha.rpm
cmu-snmp-utils-3.3-1.alpha.rpm
- SPARC: Upgrade to
cmu-snmp-3.3-1.sparc.rpm
cmu-snmp-devel-3.3-1.sparc.rpm
cmu-snmp-utils-3.3-1.sparc.rpm
- Packages: pam, util-linux, NetKit-B
Updated: 01-Apr-1997
Problem:
- (04-Oct-1996) pam: Securetty checking: There's a problem with securetty checking and multiple superuser accounts. This only affects users with multiple superuser accounts who want securetty checking for all superuser accounts.
- (15-Oct-1996) pam: adduser/passwd fails after changing passwords once.
- (15-Oct-1996) util-linux: chfn and chsh require root user to enter password.
- (15-Oct-1996) util-linux: when zsh is used as a login shell and [Ctrl-C] is pressed at the shell prompt, the shell exits.
- (21-Oct-1996) NetKit-B: telnet disconnects when too much traffic is thrown at it.
- (25-Oct-1996) pam, util-linux, NetKit-B: Support for the /etc/nologin file is missing.
- (25-Oct-1996) NetKit-B: talk was broken by an earlier fix.
- (25-Oct-1996) NetKit-B: Various permissions are broken (notably rpcinfo).
- (26-Oct-1996) pam: Security Fix: allows users to use the passwd program to create a 0 length password file. We recommend that all users of Red Hat Linux 4.0 upgrade as soon as possible.
- (28-Oct-1996) NetKit-B: rlogind in some cases puts the wrong machine name in utmp, causing utilities like `w' to incorrectly report what remote machine users are logged in from.
- (19-Nov-1996) pam: Strict password checking: Strict password checking cannot be disabled.
- (24-Mar-1997) NetKit-B: Security Fix: There is a small security hole in the in.tftpd daemon which allows remote users to read all files on systems which run tftp from inetd, even if the server is supposed to be run with a restricted directory path (note that all versions of Red Hat have tftp support off by default). NetKit-B-0.09-1 includes a patch to fix this problem.
Note:
- (15-Oct-1996) pam: If passwd was failing, your
/etc/passwd file may still be locked after upgrading
PAM. Use the following command to unlock it:
rm -f /etc/.pwd.lock
- (19-Nov-1996) pam: PAM now automatically disables
strict password checking for the root user, and it allows the
root user to turn off strict password checking altogether by
giving the strict=false argument to the
pam_unix_passwd module:
This enables system administrators to relax password security on their systems.passwd password required /lib/security/pam_unix_passwd.so strict=false
- (24-Mar-1997) NetKit-B: NetKit-B-0.09-1 won't work on Red Hat Linux/Alpha 4.0; Linux/Alpha users are encouraged to either upgrade to 4.1 or disable tftp support on their machines.
- (01-Apr-1997) NetKit-B: when upgrading to
NetKit-B-0.09-1, users may encounter a message from
rpm indicating that pam-0.54 or greater is
required. Users of Red Hat Linux 4.0 may safely ignore that
message, and can upgrade NetKit-B using:
rpm --nodeps
Solution:
- Check the version of PAM you have installed:
If you are upgrading from a version of PAM earlier than pam-0.50-20, remove all the entries for login, rsh, rlogin, and rexec from /etc/pam.conf. You can use the following script to do so; simply cut and paste:rpm -q pam
#!/bin/sh gawk 'BEGIN {RS="\n\n+"} $0 ~ / login authorization/ { next } $0 ~ / rlogin authorization/ { next } $0 ~ / rsh authorization/ { next } $0 ~ / rexec authorization/ { next } { print ; printf "\n" }' < /etc/pam.conf > /tmp/pam.conf cat /tmp/pam.conf > /etc/pam.conf rm /tmp/pam.conf
Or, simply remove the equivalent entries by hand using your favorite text editor. - Upgrade to the following packages:
- Package: inn
Updated: 02-Apr-1997
Problem:
- (19-Feb-1997) Security Fix: inn-1.5.1-3 contains an important security fix.
- (26-Feb-1997) inn-1.5.1-3 continues to have miscellaneous problems which inn-1.5.1-5 fixes.
- (02-Apr-1997) Security Fix: inn contains a critical security hole; this hole is closed in inn-1.5.1-6.
Note:
- (02-Apr-1997) Because the Alpha package was built using a
recent version of rpm, Linux/Alpha users need to
upgrade using the following command:
If you don't use the --ignorearch option, rpm will complain that the package is for the incorrect architecture.rpm -Uvh --ignorearch inn-1.5.1-6.alpha.rpm
Solution:
- Intel: Upgrade to inn-1.5.1-6.i386.rpm
- Alpha: Upgrade to inn-1.5.1-6.alpha.rpm
- SPARC: Upgrade to inn-1.5.1-6.sparc.rpm
- Package: amd
Updated: 09-Apr-1997
Problem:
- (09-Apr-1997) Security Fix: amd doesn't handle the nodev option properly, creating potential security problems. amd-920824upl102-8 fixes this problem.
Solution:
- Intel: Upgrade to amd-920824upl102-8.i386.rpm
- Alpha: amd doesn't work on Red Hat Linux/Alpha 4.0.
- SPARC: Upgrade to amd-920824upl102-8.sparc.rpm
- Package: perl
Updated: 24-Apr-1997
Problem:
- (18-Oct-1996) Security Fix: The perl RPM shipped with Red Hat Linux 4.0 allows all users to gain root group access. This is not the same as root user access and not nearly as large a security risk. Due to Red Hat's user/group scheme, however, it is an important problem, and we recommend upgrading all Red Hat Linux 4.0 systems immediately.
- (24-Apr-1997) Security Fix: There is a critical security hole in perl (specifically /usr/bin/sperl); a new version, perl-5.003-8, is now available which closes this security hole.
Note:
- (24-Apr-1997) Because the Alpha package was built using a
recent version of rpm, Linux/Alpha users need to
upgrade using the following command:
If you don't use the --ignorearch option, rpm will complain that the package is for the incorrect architecture.rpm -Uvh --ignorearch perl-5.003-8.alpha.rpm
Solution:
- Intel: Upgrade to perl-5.003-8.i386.rpm
- Alpha: Upgrade to perl-5.003-8.alpha.rpm
- SPARC: Upgrade to perl-5.003-8.sparc.rpm
- Package: metamail
Updated: 28-Apr-1997
Problem:
- (28-Apr-1997) Security Fix: There is a security hole in metamail which affects all versions of Red Hat Linux. metamail-2.7-7 closes this security hole.
Note:
- (28-Apr-1997) Because the Alpha package was built using a
recent version of rpm, Linux/Alpha users need to
upgrade using the following command:
If you don't use the --ignorearch option, rpm will complain that the package is for the incorrect architecture.rpm -Uvh --ignorearch metamail-2.7-7.alpha.rpm
- (28-Apr-1997) Versions of rpm prior to 2.3.10 will complain about an improper signature on this packages. As long as the ``pgp'' report from --checksig (-K) is in lower case, the PGP signature has verified properly. We suggest upgrading to rpm-2.3.10 to avoid this problem in the future.
Solution:
- Intel: Upgrade to metamail-2.7-7.i386.rpm
- Alpha: Upgrade to metamail-2.7-7.alpha.rpm
- SPARC: Upgrade to metamail-2.7-7.sparc.rpm
- Package: elm
Updated: 15-May-1997
Problem:
- (15-May-1997) Security Fix: The version of elm shipped with all releases of Red Hat Linux has a security vulnerability which allows users on systems to read, delete, and forge other users' mail by gaining access to the mail group. elm-2.4.25-8 fixes this vulnerability.
Note:
- (15-May-1997) Because the Alpha package was built using a
recent version of rpm, Linux/Alpha users need to
upgrade using the following command:
If you don't use the --ignorearch option, rpm will complain that the package is for the incorrect architecture.rpm -Uvh --ignorearch elm-2.4.25-8.alpha.rpm
Solution:
- Intel: Upgrade to elm-2.4.25-8.i386.rpm
- Alpha: Upgrade to elm-2.4.25-8.alpha.rpm
- SPARC: Upgrade to elm-2.4.25-8.sparc.rpm
- Packages: XFree86, X11R6.1
Updated: 29-May-1997
Problem:
- (29-May-1997) Security Fix: A buffer overflow has
been found in one of the X11 libraries, allowing local
users to gain unathorized root access to a system through
any setuid root application linked against libX11. This
problem affects all Red Hat Linux machines with X Windows
installed.
Applications which are dynamically linked may be fixed by upgrading to the X...-libs package appropriate for your architecture.
If you have any statically linked setuid X programs you must recompile them against the new libX11.a contained in the X...-devel package for your architecture. Red Hat Linux does not include any statically linked X applications, so this only a problem if you've hand installed statically linked setuid applications (we don't know of any applications likely to be installed in this configuration).
- (05-Jun-1997) Security Fix: More buffer overflows
have been found in one of the X11 libraries, allowing local
users to gain unathorized root access to a system through
any setuid root application linked against libX11. This
problem affects all Red Hat Linux machine with X Windows
installed.
Applications which are dynamically linked may be fixed by upgrading to the X...-libs X package appropriate for your architecture.
If you have any statically linked setuid X programs you must recompile them against the new libX11.a contained in the X...-devel package for your architecture. Red Hat Linux does not include any statically linked X applications so this only a problem if you've hand installed statically linked setuid applications (we don't know of any applications likely to be installed in this configuration).
Note:
- The upcoming release of XFree86-3.3 is not vulnerable to this problem; users may safely install release 3.3 once it is available. The XFree86-3.2A beta release, however, is vulnerable.
Solution:
- Intel: Upgrade to
XFree86-libs-3.3-1.i386.rpm
XFree86-devel-3.3-1.i386.rpm
- Alpha: This fix is not available for Red Hat Linux/Alpha 4.0
- SPARC: Upgrade to
X11R6.1-devel-pl1-23.sparc.rpm
X11R6.1-libs-pl1-23.sparc.rpm
- (29-May-1997) Security Fix: A buffer overflow has
been found in one of the X11 libraries, allowing local
users to gain unathorized root access to a system through
any setuid root application linked against libX11. This
problem affects all Red Hat Linux machines with X Windows
installed.
- Package: svgalib
Updated: 27-Jun-1997
Problem:
- (27-Jun-1997) Security Fix: A major security problem has been found in the svgalib library. This problem affects all releases of Red Hat Linux on Intel platforms. svgalib-1.2.10-3 fixes this security hole.
Solution:
- Intel: Upgrade to
svgalib-1.2.10-3.i386.rpm
svgalib-devel-1.2.10-3.i386.rpm
- Package: ld.so
Updated: 18-Jul-1997
Problem:
- (18-Jul-1997) Security Fix: There is a buffer overflow in Linux's ELF program loader on Intel and SPARC platforms. New versions of the ld.so and ld.so-sparc packages are available which fix the problem.
Solution:
- Intel: Upgrade to ld.so-1.7.14-5.i386.rpm
- Alpha: Red Hat Linux/Alpha doesn't use ld.so
- SPARC: Upgrade to ld.so-sparc-1.8.3-3.sparc.rpm
- Package: bind
Updated: 21-Jul-1997
Problem:
- (10-Mar-1997) Security Fix: There is a possibility for a denial of service attack in bind-4.9.5 which allows users to render nameservers inoperative. bind-4.9.5p1-1 includes a patch to fix this behaviour.
- (21-Jul-1997) Security Fix: Version 4.9.6 of the bind DNS name server is now available. It fixes security vulnerabilities which allowed third parties to alter DNS queries from previous versions of the name server. All Red Hat Linux systems running bind are vulnerable to this problem.
Note:
- (21-Jul-1997) Because the Alpha package was built using a
recent version of rpm, Linux/Alpha users need to
upgrade using the following command:
If you don't use the --ignorearch option, rpm will complain that the package is for the incorrect architecture.rpm -Uvh --ignorearch bind-4.9.6-1.alpha.rpm
Solution:
- Intel: Upgrade to bind-4.9.6-1.i386.rpm
- Alpha: Upgrade to bind-4.9.6-1.alpha.rpm
- SPARC: Upgrade to bind-4.9.6-1.sparc.rpm
- SILO Installation
The install program will prompt you to install other operating systems to be bootable from SILO. Unfortunately, this option is broken and should not be used.
Fix: You should only setup SILO to boot Linux. If you need to boot SunOS or Solaris, you can add support for that after installing and booting your system for the first time. See /usr/doc/silo-0.6.5-1/README for details on how to modify /etc/silo.conf for booting Solaris and SunOS.
You may still be able to boot SunOS by issuing the following at the SILO boot: prompt:
boot: /boot/old.b
You should still be able to boot Solaris using the PROM prompt. To get out of SILO type:boot: halt
- Hard Disk Setup
If you are doing a CD-ROM install without a floppy (ie you put the CD in the local drive and did a boot cdrom from the PROM prompt) you will not be able to install across multiple partitions.
Fix: You must use one large partition to hold everything. This is due to a bug in the install program. Because it is burnt on the CD, there is no way to fix it until we go to a new release.
You can install to multiple partitions if you boot via the floppy or if you do an NFS install. It even works if you do an NFS rooted install from the CD-ROM mounted on an NFS server.
- X windows won't start.
The kernel as shipped with Red Hat Linux/SPARC 4.0 can not share the mouse device between programs. The gpm package as installed will start gpm at boot time. You can not start X until you kill gpm.
Fix: Kill gpm using the following command:
/etc/rc.d/init.d/gpm stop
You can then start gpm again when you aren't running X by:/etc/rc.d/init.d/gpm start
If you would like to remove gpm from the startup scripts so that it does not start at boot time, but you would still like to be able to start it when you wish, simply do:rm -f /etc/rc.d/rc?.d/S*gpm
Then start and stop gpm with the above commands when you need to use it. If you would like to remove gpm entirely and never use it, first stop it and then run:rpm -e gpm
- IPX networking
The kernel as shipped with Red Hat Linux/SPARC 4.0 can not handle IPX networking properly. If your machine is connected to a network where IPX traffic exists, Linux will load the IPX module, and your machine will enventually crash.
Fix: Remove the offending module so that it cannot load, using the following command:
rmmod ipx rm -f /lib/modules/2.0.18/misc/ipx.o
Then add the following line to /etc/conf.modules:alias net-pf-4 off
Finally, restart kerneld:killall kerneld /sbin/kerneld
23-Oct-1996
Note: IPX networking works properly on Red Hat Linux/SPARC 4.0 with the most recent kernel-sparc fix
- Hard Disk Setup