Bugtraq mailing list archives
SECURITY: new nfs-server packages available (fwd)
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Fri, 28 Aug 1998 03:53:07 +0100
Expect similar announces from other Linux vendors to follow this one. The bug is in code that as far as I can tell in Linux specific portmap code so this is unlikely to affect non Linux portmappers. I'll post an explanation once the other vendor announcements are out. Alan
-----BEGIN PGP SIGNED MESSAGE----- Potential security problems have been identified in all versions of nfs-server packages shipped with Red Hat Linux. Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site: * Red Hat Linux 5.1 and 5.0: ============================ alpha: - ------ rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/5.1/alpha/nfs-server-2.2beta29-7.alpha.rpm rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/5.1/alpha/nfs-server-clients-2.2beta29-7.alpha.rpm i386: - ----- rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/5.1/i386/nfs-server-2.2beta29-7.i386.rpm rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/5.1/i386/nfs-server-clients-2.2beta29-7.i386.rpm sparc: - ------ rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/5.1/sparc/nfs-server-2.2beta29-7.sparc.rpm rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/5.1/sparc/nfs-server-clients-2.2beta29-7.sparc.rpm Source RPM: - ----------- rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/5.1/SRPMS/nfs-server-2.2beta29-7.src.rpm * Red Hat Linux 4.2: ==================== alpha: - ------ rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/4.2/alpha/nfs-server-2.2beta16-9.alpha.rpm rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/4.2/alpha/nfs-server-clients-2.2beta16-9.alpha.rpm i386: - ----- rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/4.2/i386/nfs-server-2.2beta16-9.i386.rpm rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/4.2/i386/nfs-server-clients-2.2beta16-9.i386.rpm sparc: - ------ rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/4.2/sparc/nfs-server-2.2beta16-9.sparc.rpm rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/4.2/sparc/nfs-server-clients-2.2beta16-9.sparc.rpm Source RPM: - ----------- rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/updates/4.2/SRPMS/nfs-server-2.2beta16-9.src.rpm -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNeYMBPGvxKXU9NkBAQEBrAP9EdR+axrR0AIO2NleNuSw/2WF/4two4lg RKwwQekrlTU0FjxOqmzhkuwyVHflWWu39wybto12y9XFIyptLJFdFvzwBiPczI5V f88L+acQcaAZtZmIARMMsOFCyGMmXoTNULFIkmtVlmIxcsIT3/heJtGC1WTYboE9 00fnNdehNFQ= =Spdn -----END PGP SIGNATURE----- Cristian -- ---------------------------------------------------------------------- Cristian Gafton -- gafton () redhat com -- Red Hat Software, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ UNIX is user friendly. It's just selective about who its friends are.
Current thread:
- Re: News DoS using sendsys, (continued)
- Re: News DoS using sendsys Scott Gifford (Aug 26)
- Re: News DoS using sendsys Russ Allbery (Aug 26)
- Re: News DoS using sendsys Andrew V. Kovalev (Aug 27)
- Re: News DoS using sendsys Charlesw (Aug 27)
- Re: News DoS using sendsys David Shaw (Aug 27)
- SV: SV: Serious Security Hole in Hotmail (URL to sourcecode) Jonathan James (Aug 27)
- Re: News DoS using sendsys Julian Cowley (Aug 27)
- Re: News DoS using sendsys Russ Allbery (Aug 27)
- Seyon Security Vulnerability SGI Security Coordinator (Aug 27)
- Re: Seyon Security Vulnerability Alan Cox (Aug 27)
- SECURITY: new nfs-server packages available (fwd) Alan Cox (Aug 27)
- Re: SECURITY: new nfs-server packages available (fwd) Paul Boehm (Aug 27)
- Cisco response re PIX fragmentation issue Cisco Product Security Incident Response Team (Aug 27)
- NFS fix - TurboLinux 2.0 Scott Stone (Aug 27)
- StackGuard-protected Linux and a New StackGuard Compiler Crispin Cowan (Aug 27)
- Re: News DoS using sendsys Andrew V. Kovalev (Aug 27)
- Re: News DoS using sendsys Don Lewis (Aug 27)