United States (change)
Shortcuts: Downloads Fedora Red Hat Network
The following are known problems with Red Hat Linux 5.1 on multiple platforms. Updates are available for FTP from:
Please note that newer versions of some of these packages may be available in the same location; any new versions which are made available will fix all of the bugs older versions did, so you can use the latest version with no problems.
We are no longer seperating the errata into general and platform specific
errata If you are unsure whether an errata update is for your system, the
following information should help:
Intel and Intel-based platform specific rpms will have the i386 extension,
Sparc rpms will have the sparc extension, and rpms for the Alpha systems
will have the alpha extension. This extension is before .rpm. For example:
foo.1.2-3.i386.rpm would be for the Intel systems
foo.1.2-3.sparc.rpm would be for Sparc systems
foo.1.2-3.alpha.rpm would be for Alpha systems
If you experience problems downloading the RPMS using Netscape or Internet Explorer, you will need to explicitely download to file versus opening in a window. The problem you are encountering is that both browsers think that .rpm files are text files and thus try to show the contents. In netscape, you can Shift-Click to correctly download the file.
Updated: 16-Apr-1999
Problem:
Same as before. We are moving NFS Updates to the top of the list and also updating it to the latest version. If you have an older version installed, please update.
Due to many reports of continued security breaches from NFS, we are moving the NFS update to the top of the list to make sure people update to it if they have not already.
Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site.
Solution:
Updated: 16-Apr-1999
Problem:
Potential security problems have been identified in all the procmail packages shipped with Red Hat Linux. Currently Red Hat is not aware of any exploits built on these vulnerabilities.
Red Hat would like to thank the members of the Bugtraq list for reporting these problems and the authors of procmail for quickly providing an update.
Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site:
Solution:
Updated: 16-Apr-1999
Problem:
Solution:
Updated: 01-Apr-1999
Problem:
Security vulnerabilities have been identified in the XFree86 packages that ship with Red Hat Linux. This security problem can allow local users to get write access to directories that they are otherwise not able to write to.
Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
New RPMs for XFree86 3.3.3.1 (X11) are available for Red Hat Linux 4.2 and 5.x on all platforms. This new release is primarily a bugfix release. It corrects problems with a few drivers (especially the 3D Labs slowdown problem), fixes Russian KOI8 font support, and fixes the font server xfs, which was inadvertently broken in our release of XFree86 3.3.3. Please see the official release notes at http://www.xfree86.org/#news for further information.
Solution:
In some circumstances, you may be required to add --force and/or --nodeps to the rpm command line options to insure a proper upgrade. Add these options if the command line given gives an error. Also as with all newer RPM packages you will need to upgrade to the latest RPM before installing these packages.
Required RPMS
You will want one of the following RPMS for your video
card.
Server RPMS
You might want one or more of these RPMS if you do
development.
Optional RPMS
Further Instructions For instructions on upgrading users should read the Red Hat XFree86 upgrade howto. This document is in its initial drafts, but should be useful.
rpm -Uvh ftp://updates.redhat.com/5.1/alpha/rpm-2.5.3-5.1.alpha.rpm
rpm -Uvh ftp://updates.redhat.com/5.2/en/os/alpha/XFree86-libs-3.3.3.1-1.1.alpha.rpm
rpm -Uvh ftp://updates.redhat.com/5.2/en/os/alpha/XFree86-3.3.3.1-1.1.alpha.rpm
rpm -Uvh ftp://updates.redhat.com/5.1/sparc/rpm-2.5.3-5.1.alpha.rpm
rpm -Uvh ftp://updates.redhat.com/5.2/en/os/sparc/XFree86-libs-3.3.3.1-1.1.sparc.rpm
rpm -Uvh ftp://updates.redhat.com/5.2/en/os/sparc/XFree86-3.3.3.1-1.1.sparc.rpm
Updated: 01-Apr-1999
Problem:
An problem in the mime handling code could allow a remote user to execute certain commands on a local system.
Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
Updated: 01-Apr-1999
Problem:
An problem in the mime handling code could allow a remote user to execute certain commands on a local system.
Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
Updated: 01-Apr-1999
Problem:
Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
Updated: 01-Apr-1999
Problem:
An overflow in the parsing code could lead to crashes of the system logger.
Red Hat would like to thank the members of the BUGTRAQ mailing list, the members of the Linux Security Audit team, and others. All users of Red Hat Linux are encouraged to upgrade to the new packages immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
Further Instructions
Once you have downloaded the sysklogd package for your architecture, you will need to do the following as root:
rpm -Uvh sysklogd*rpm
/etc/rc.d/init.d/syslog restart
Updated: 19-Feb-1999
Problem:
Red Hat has further patched the standard 2.0.36 kernel with updated drivers for the Adaptec 7xxx cards, NCR scsi, 3com 905B, and some other patches.
Several security holes were found in the Linux kernel and patched in the 2.0.36 kernel. Users should upgrade to patch these problems. The announcement can be found here.
Solution:
You will need to recompile the source code for your platform.
Due to differences between versioning, Red Hat has patched
the 2.0.35 kernel with the security fixes that are in the
2.0.36 kernel.
ftp://updates.redhat.com/5.2/en/os/sparc/kernel-headers-2.0.35-15.sparc.rpm
ftp://updates.redhat.com/5.2/en/os/sparc/kernel-source-2.0.35-15.sparc.rpm
ftp://updates.redhat.com/5.2/en/os/sparc/kernel-sparc-2.0.35-15.sparc.rpm (for 4c or non-smp 4m
ftp://updates.redhat.com/5.2/en/os/sparc/kernel-sparc-smp-2.0.35-15.sparc.rpm (for smp sun4m boxes)
Further Instructions For instructions on upgrading users should read the Red Hat kernel upgrade howto. While the howto focuses on intel, there are sub chapters for upgrading alpha and sparc machines.
Updated: 09-Feb-1999
Problem:
A security vulnerability has been identified in all versions of the wu-ftpd server binary shipped with Red Hat Linux. For more information, see http://www.netect.com/advisory_0209.html
New packages are available, and all users of Red Hat Linux are encouraged to upgrade to the new wu-ftpd releases immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
Updated: 09-Feb-1999
Problem:
Current minicom packages have permissions set to allow all users to access a modem on a system. This update fixes this problem limiting users to those listed in the minicom configuration file.
New packages are available for the supported versions of Red Hat Linux. All users of Red Hat Linux are encouraged to upgrade to the new minicom releases immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
Updated: 17-Feb-1999
Problem:
Solution:
Updated: 19-Jan-1999
Problem:
Solution:
Updated: 02-Jan-1999
Problem:
The default configuration as shipped with the supported releases of Red Hat Linux is not vulnerable to this problem.
A race condition that can be exploited under some particular scenarios has been identified in all versions of the Linux-PAM library shipped with all versions of Red Hat Linux. The vulnerability is exhibited in the pam_unix_passwd.so module included in Red Hat Linux, but *not* used by either of the 4.2 or 5.x releases. Red Hat Linux uses the pam_pwdb.so module for performing PAM authentication.
You are at risk if you enabled pam_unix_passwd.so and are using it instead of the pam_pwdb.so module. An exploit occurs when an user with a umask setting of 0 is trying to change the login password.
As of this release there are no known exploits of this security problem.
Solution:
Updated: 22-Dec-1998
Problem:
A security vulnerability has been identified in all versions of the ftp client binary shipped with Red Hat Linux. An exploit for this vulnerability would have to rely on getting the user to connect using passive mode to a server running a ftp daemon under the attacker's control. As of this release time there are no known exploits of this security problem.
All users of Red Hat Linux are encouraged to upgrade to the new package releases immediately. As always, these packages have been signed with the Red Hat PGP key.
Solution:
Further Instructions
Once you have downloaded the NetKit package for your architecture, you will need to do the following as root:
rpm -Uvh ftp-0.10-4*rpm
Updated: 22-Dec--1998
Problem:
Various security vulnerabilities have been found in versions of Netscape Navigator and Communicator as shipped with Red Hat Linux. More information on the security vulnerabilities is available at Netscape
It is recommended that users of Red Hat Linux upgrade to the new packages available on our FTP site:
Updated versions of Netscape compiled with glibc libraries are available for download. These fix minor security problems with Java class libraries.
Updated: 17-Nov-1998
Problem:
Following our announcement yesterday about new samba packages being available for our 5.2 release we have received reports that samba packages available for older releases of Red Hat Linux might be vulnerable as well.
As a result of this concern we are making available new samba packages for all supported releases of Red Hat Linux. We apologize for not doing so yesterday, when we tried to address a specific reported vulnerability.
Once again we express our thanks to Andrew Tridgell and the Samba team for their assistance in addressing this problem.
Serious security problems have been found in all versions of Samba shipped with Red Hat Linux. All users of samba should upgrade to the latest version, and restart samba with: /etc/rc.d/init.d/smb stop; /etc/rc.d/init.d/smb start as soon as possible.
Solution:
Further Instructions
Once you have downloaded the samba package for your architecture, you will need to do the following as root:
rpm -Uvh samba*rpm
/etc/rc.d/init.d/smb restart
Updated: 13-Nov-1998
Problem:
A buffer overflow has been identified in all versions of the libc 5 packages shipped with Red Hat Linux. The most affected systems are those that are libc 5 based (Red Hat Linux 4.2 and older). Only Intel and Sparc architectures are affected.
The Red Hat Linux 5.x releases are glibc (libc 6) based, and Red Hat does not ship any binaries linked against libc 5 that might be used for compromising the system's security. However, Red Hat Linux 5.x releases do include for backwards compatibility a package containg a vulnerable library.
Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site:
rpm -Uvh libc-5.3.12-28.i386.rpm
Solution:
Updated: 06-Nov-1998
Problem:
svgalib has been found to leak file descriptors to /dev/mem.
Red Hat would like to thank the users of the BUGTRAQ security
list for identifying the problem and Kevin Vajk
Minor security problems
have been found by the Linux Security Auditing group in
svgalib which allow users to make the console
unuseable.
rpm -Uvh svgalib-1.2.13-6
Solution:
Updated: 23-Sep-1998
Problem:
Solution:
Updated: 23-Sep-1998
Problem:
cd /usr/lib
ln -s rpm/rpmrc ./rpmrc
ln -s rpm/rpmpopt ./rpmpopt
gzipbin: /bin/gzip
bzip2bin: /usr/bin/bzip2
RPM reports problems with failed trigger scripts.
Solution:
Updated: 09-Sep-1998
Problem:
A security vulnerability has been identified in all versions of bash shipped with Red Hat Linux. Details on the nature of the bug have been posted recently to the BUGTRAQ security list.
The bug is not immediately exploitable - it will require that a user with shell account on one machine create a carefully constructed directory structure and then wait for somebody else with a root account to cd into that directory.
Red Hat would like to thank Joao Manuel Carolino
Solution:
Updated: 29-Aug-1998
Problem:
Various, minor security problems were found in this package. Thanks to Jamie Zawinski for fixing this.
Solution:
Updated: 28-Aug-1998
Problem:
A potential security hole has been found and fixed in the linuxconf package in Red Hat Linux 5.1. No exploit is currently known. If the security hole is exploited, hosts that you explicitly trust to administer linuxconf could be capable of gaining root access. In older versions of linuxconf, the local ethernet network is trusted by default (except when configured via BOOTP or DHCP); in linuxconf-1.11r18-3rh, no hosts are trusted by default. The linuxconf-1.11r18-3rh package fixes the security hole, and also fixes a number of other small bugs that have been discovered since the last release. SPARC users: This release does NOT fix the bug that keeps linuxconf from displaying properly; the bug is in glibc, and a glibc update is waiting for unrelated sparc bugs in glibc to be fixed. For now, run the command "rpm -e gnome-linuxconf gecko" and you will be able to use linuxconf in its less-nice-looking native mode. Sorry. We will soon release a glibc update which will allow linuxconf to work correctly with gecko and gnome-linuxconf; in the meantime, you do want to upgrade linuxconf because of the potential security concern.
The linuxconf package was setuid root. This creates the potential for security holes that allow attackers to gain root access to your machine.
You can immediately remove the danger by logging in as root and running the command:
chmod -s /bin/linuxconf
We also recommend that you update to the latest version of linuxconf, linuxconf-1.11r11-rh3, which fixes this bug.
Solution:
Updated: 11-Aug-1998
Problem:
A denial-of-service attack against the Apache web server has been found which lets remote sites disable your web server. This attack does not let remote users gain any sort of access to your computer, nor does it let local users gain any special access.
Red Hat recommends upgrading apache on systems which are functioning as Internet servers.
rpm -Uvh apache-1.2.6-5*rpm
/etc/rc.d/init.d/httpd stop
/etc/rc.d/init.d/httpd start
Solution:
Updated: 05-Aug-1998
Problem:
After upgrading to the new imapd, users should verify/do the following to get the imap servers functioning 100%. These commands will turn on the setgid permission to the server so that they can write to the standard /var/spool/mail directory.
cd /usr/sbin
ls -l imapd ipop2d ipop3d
chgrp mail imapd ipop2d ipop3d
chmod g+s imapd ipop2d ipop3d
Serious security problems have been found in all versions of imap shipped with Red Hat Linux. If "rpm -q imap" shows that imap is installed on your system, please upgrade to these new imap releases immediately, or remove imap by running "rpm -e imap". Note that Red Hat's imap package also provides a POP server, so only remove it if you don't need to provide POP services. Thanks to everyone who helped find these problem, Olaf Kirch in particular.
Solution:
Updated: 05-Aug-1998
Problem:
Any perl program that tries to use the syslog module by doing use Sys::Syslog; will fails with the following messages:
Can't locate stdarg.ph in @INC (did you run h2ph?) (@INC contains:
/usr/lib/perl5/i386-linux/5.00401 /usr/lib/perl5
/usr/lib/perl5/site_perl/i386-linux /usr/lib/perl5/site_perl .) at
/usr/lib/perl5/i386-linux/5.00401/sys/syslog.ph line 74.
Solution:
cd `/usr/bin/gcc --print-file-name include`
/usr/bin/h2ph *.h
Updated: 30-Jul-1998
Problem:
Update corrects a root-usable overflow in SysVInit allowed securelevels to be subverted.
Fixes problems that caused certain machines to not remove /etc/nologin after reboot. The symptoms of this would be that only root can login after a shutdown -r now.
Solution:
Updated: 30-Jul-1998
Problem:
This update fixes the following problems:
Solution:
Note:
Since the pnserver package and rvplayer package share some
common libs, you will need to upgrade both packages if you have
them installed.
These packages are distributed as a rhmask file to comply with our agreement with Real Networks. To use them, you need to use rhmask which is a part of Red Hat Linux. The new packages can be found on ftp.redhat.com in /pub/redhat/updates/real/i386.
To upgrade the Server package you will need to download
pnserver-5.0.1-2.i386.rpm.rhmask
and
pnserver-docs-5.0.1-2.i386.rpm.rhmask
to /tmp.
You must copy the original pnserver-5.0-12.i386.rpm from the first CD and pnserver-docs-5.0-12.i386.rpm to /tmp and then issue the following commands while you are in /tmp:
rhmask pnserver-5.0-12.i386.rpm pnserver-5.0.1-2.i386.rpm.rhmask
rhmask pnserver-docs-5.0-12.i386.rpm pnserver-docs-5.0.1-2.i386.rpm.rhmask
rpm -Uvh pnserver-5.0.1-2.i386.rpm
rpm -Uvh pnserver-docs-5.0.1-2.i386.rpm
To upgrade the client package, you will need to download rvplayer-5.0-3.i386.rpm.rhmask to /tmp.
Copy the rvplayer-5.0-1.i386.rpm to /tmp. Then issue the following commands:
rhmask rvplayer-5.0-1.i386.rpm rvplayer-5.0-3.i386.rpm.rhmask
rpm -Uvh rvplayer-5.0-3.i386.rpm
Updated: 30-Jul-1998
Problem:
Modules on the sparc may not be loadable or unloadable with the 2.0.35 kernel. This update has modules that can be loaded and a fixed set of modutils that can use them.
Solution:
Updated: 24-Jul-1998
Problem:
Solution:
Updated: 24-Jul-1998
Problem:
This update should fix various problems with non-LILO users having
problems booting the 2.0.34/2.0.35 kernel.
Note: People upgrading to this package need to also upgrade
to the latest kernel for the scripts to correctly work.
The /sbin/ipcalc binary in the Red Hat 5.1 initscripts had the setgid bit turned on inadvertently, which may give local users access to the root group (no exploit has been published yet). All users of Red Hat 5.1 should upgrade to the new initscripts package.
This initscripts update also includes fixes for running locally compiled kernels with 5.1, and should fix the problems reported on various mailing lists.
Thanks to Cesar Tascon Alvarez for finding this problem.
Solution:
Updated: 23-Jul-1998
Problem:
Updates fixes various problems in the RPM.
Solution:
Updated: 23-Jul-1998
Problem:
Solution:
Updated: 23-Jul-1998
Problem:
Added to errata.
Updates fixes various problems in the RPM.
Solution:
Updated: 23-Jul-1998
Problem:
Added to errata.
Updates fixes various problems in the RPM.
Solution:
Updated: 23-Jul-1998
Problem:
Solution:
Updated: 20-Jul-1998
Problem:
This update should fix problems that NIS users were having with the amd automount program and utilities.
Solution:
Updated: 20-Jul-1998
Problem:
This update should fix problems that some users were experiencing with who core dumping on them after a certain number of users had logged in. This problem only affected some machines, and was very hard to duplicate, thus the time to release this fix.
Solution:
Updated: 15-Jul-1998
Solution:
The installation of Red Hat Linux/Sparc can be started from the tape drive if you can not boot from cdrom, floppy, do a or tftp network boot. To accomplish this, you will need to write the tftpboot.img to a scsi tape drive using the following method:
dd if=tftpboot.img of=/dev/st0 conv=sync
mt rewind # to rewind the tape
Updated: 15-Jul-1998
Problem:
Certain Sparc 4c systems have had problems using the tftpboot.img due to PROM bugs causing buffers not to be flushed. This newer tftpboot.img fixes that problem.
Solution:
Updated: 15-Jul-1998
Problem:
Floppy boot images are now available for the SPARC platform. Users who can boot from floppy and are having problems installing via tftpboot or cdrom should get the boot.img and ramdisk.img for installation. To "cut" these items to floppy, one can use dd or the dos rawrite command. From unix, the dd command can be used as follows:
dd if=boot.img of=/dev/fd0 bs=72k
change floppies and label.
dd if=ramdisk.img of=/dev/fd0 bs=72k
Solution:
Updated: 15-Jul-1998
Problem:
Sparc 4c's are not able to install directly from cdrom due to the wrong kernel (4m SMP kernel) being on the cdrom. Red Hat is remastering the CD-ROMs and when they are available will update this page with instructions on how purchasers of Official Red Hat Linux/Sparc Boxed Set will be able to obtain the correct cdrom.
Solution:
Until a fix is available, the following options are available for certain machines:
Updated: 15-Jul-1998
Problem:
Solution:
Updated: 15-Jul-1998
Problem:
fixed the problems users have been reporting about the YP Makefile. It is also linked against gdbm instead of db - gdbm is both faster and more reliable (or at least the yp server linked against gdbm is more reliable)
After upgrading the rpm (rpm -Uvh ypserv-1.3.4-1),
you will need to remake your YP/NIS databases.
(cd /var/yp ; make )
Solution:
Updated: 15-Jul-1998
Problem:
many fixes, including but not limited to: RPC security patches, timezone fixes, environment security fixes, lots of paranoia and exploit-prevention enhancements, fixed threading, resolver code security fixes This should fix the problems people have been having with BRU not working.
Solution:
Updated: 08-Jul-1998
Problem:
The version of man that was shipped with 5.1 had a bug which caused core dumps. This package version fixes that.
Solution:
Updated: 02-Jul-1998
Problem:
Security problems have been found that allow local users to gain root access. All Red Hat users should upgrade.
Solution:
Updated: 02-Jul-1998
Problem:
Various security holes have been found that allow root access. All Red Hat users that use Dosemu, should upgrade.
Solution:
Updated: 30-Jun-1998
Problem:
New boot disk and supplemental disk images have been made based on the 2.0.34 kernel. These images fix both the kickstart mode and the PCI-PCMCIA bridge problems.
Solution:
boot.img
supp.img
To create a disk from either one of these images, use the following commands:
From a DOS command prompt, using the rawrite.exe command located on the CD in the dosutils directory.
rawrite -f boot.img -d a:
rawrite -f supp.img -d a:
If you have access to a Linux/Unix workstation, you can use the dd command instead:
dd if=boot.img of=/dev/fd0 bs=72k
dd if=supp.img of=/dev/fd0 bs=72k
Updated: 30-Jun-1998
Problem:
Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Solution:
Updated: 30-Jun-1998
Problem:
Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Solution:
Updated: 30-Jun-1998
Problem:
Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Solution:
/etc/rc.d/init.d/named start
Updated: 30-Jun-1998
Problem:
More problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
The metamail package has security problems. Thanks to Chris Evans for finding this problem.
Solution:
Updated: 30-Jun-1998
Problem:
More problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
/tmp races have been found in the mailx package. All users of Red Hat Linux should upgrade this package.
Solution:
Updated: 23-Jun-1998
Problem:
Various problems have been found by the Linux Security Auditing Team. All Red Hat users should upgrade.
Solution:
Updated: 11-Jun-1998
Problem:
Security vulnerabilities have been found in the dhcp server. Machines using this daemon should be have their dhcp daemon updated to this new version as soon as possible. After updating the dhcp package, it's important to restart the daemon with:
/etc/rc.d/init.d/dhcp stop; /etc/rc.d/init.d/dhcp start
Thanks to Chris Evans for finding this problem and the fix.
A new version of the ISC dhcp daemon is now available, which fixes many security concerns. Users of Red Hat 5.0 with the package called dhcpd should upgrade to the new release immediately. After upgrading, be sure to restart the dhcp daemon with the following command:
/etc/rc.d/init.d/dhcpd restart
Thanks to Chris Evans for pointing out these problems and to the ISC for the fix.
Solution:
Updated: 10-Jun-1998
Problem:
Solution:
Updated: 10-Jun-1998
Problem:
Solution:
Updated: 10-Jun-1998
Problem:
The giflib shared libraries were incorrectly built, and the sources were buggy.
People who do not develop packages on their machine, use GNOME apps, or apps from places other than the Red Hat CD do NOT need to upgrade, all others need to do so.
Solution:
Updated: 10-Jun-1998
Problem:
Solution:
Updated: 10-Jun-1998
Problem:
Various, minor security problems were found in this package. Thanks to Kevin Vajk and Emmanuel Galanos for helping out with these.
Solution:
Updated: 10-Jun-1998
Problem:
Solution:
Updated: 05-Jun-1998
Problem:
Solution:
rpm -e fstool usercfg cabaret
Updated: 05-Jun-1998
Problem:
Thanks to Mike Shaver for finding this problem.
Solution:
Updated: 05-Jun-1998
Problem:
The dhcpcd package has security problems. Thanks to Chris Evans for finding this problem. After upgrading, you must either reboot your machine or restart the daemon:
/etc/rc.d/init.d/network restart
Solution:
Updated: 01-Jun-1998
Problem:
The bootp package has security problems. Thanks to Chris Evans for finding this problem.
Solution:
Updated: 01-Jun-1998
Problem:
The xosview package was setuid root.
xosview is not available on the alpha.
Solution: