[1864] in Release_7.7_team
Athena 8.2.20 patch release *SHORT NOTICE*
daemon@ATHENA.MIT.EDU (Jonathon Weiss)
Wed Jul 14 14:26:35 1999
Message-Id: <199907141826.OAA26867@speaker-for-the-dead.mit.edu>
From: Jonathon Weiss <jweiss@MIT.EDU>
To: release-announce@MIT.EDU
Date: Wed, 14 Jul 1999 14:26:09 -0400
After carefully considering the issues, the Athena Release Team has
decided that the risk that someone will try to exploit is great enough
for us to push out this patch release more quickly than our normal
procedure would allow.
Athena 8.2.20 will be released tonight (for Solaris only).
------- Forwarded Message
From: Jonathon Weiss <jweiss@MIT.EDU>
To: release-announce@MIT.EDU
Subject: Athena 8.2.20 patch release *SHORT NOTICE*
Date: Wed, 14 Jul 1999 05:27:21 EDT
Sender: jweiss@MIT.EDU
Sometime soon, possibly as soon as, Wednesday night 7/14/1999
(tonight) the Athena patch release 8.2.20 will be deployed for Solaris
(8.2.20 will not exist for IRIX). Mail will be sent this afternoon
with a definate time for the patch release. This release only
introduces one change:
* The cmsd service will be turned off in /etc/inet/inetd.conf.
The reason for this release and the reason that it is being put out
with short notice is that a remotely accessable root exploit has been
discovered in the cmsd service. This bug does not does not exist in
IRIX which is why there is no 8.2.20 release for the SGIs.
If you are not prepared to take this patch release when it is
released, it is strongly suggested that you comment out the cmsd
service by hand. If you take the 8.2.20 release, the following is
unnecessary. To do this:
1) as root edit /etc/inet/inetd.conf, and find the following line:
100068/2-4 dgram rpc/udp wait root /usr/openwin/bin/rpc.cmsd rpc.cmsd
and add a '#' at the beginning of it, yielding:
#100068/2-4 dgram rpc/udp wait root /usr/openwin/bin/rpc.cmsd rpc.cmsd
and save the file
2) sent the native solaris inetd (athena machines also run an athena
inetd) a HUP signal. One possible command (as root) that will do this is:
ps -ef |grep /usr/sbin/inetd |grep -v grep |awk '{print $2}' |xargs kill -HUP
Questions and comments should go to release-team@mit.edu.
------- End of Forwarded Message
