[3591] in Release_7.7_team
Re: Athena 9.0.29 security patch release
daemon@ATHENA.MIT.EDU (Christine Moulen)
Thu Nov 14 15:45:30 2002
Message-Id: <5.1.0.14.2.20021114153754.02d2c420@po11.mit.edu>
Date: Thu, 14 Nov 2002 15:42:47 -0500
To: release-team@mit.edu
From: Christine Moulen <orbitee@MIT.EDU>
In-Reply-To: <200211142013.PAA27330@error-messages.mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
My department has a couple of private workstations that are still running
Athena 8.4.
You're not building any patches for versions that old anymore are you? Can
you tell me if those machines would be vulnerable? I don't think we will
be able to update these 2 machines to the current Athena software until
after the end of the term.
Thanks,
Christine
At 03:13 PM 11/14/2002 -0500, you wrote:
>There will be an Athena 9.0 patch release this evening to correct
>recently discovered security holes in BIND. There are no changes
>other than a fixed /etc/athena/named binary.
>
>(Athena 9.1 machines are unaffected by the security holes, since they
>use a newer and unaffected version of BIND, and since they don't
>listen on the network for name service requests.)
>
>If you have a machine set AUTOUPDATE=false, you can update it manually
>after the release goes out by doing a console login as root and
>running "update_ws".
>
>Please send any questions or comments to release-team@mit.edu.
Christine Moulen
Library Systems Manager
MIT Libraries, 14-0330 (New room number!)
617-253-0757, fax 617-253-8894
orbitee@mit.edu