[608] in linux-security and linux-alert archive
[linux-alert] SECURITY FIX: New kbd RPM available on ftp.redhat.com
daemon@ATHENA.MIT.EDU (Marc Ewing)
Thu Feb 8 19:18:19 1996
Resent-From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
Resent-To: linux-alert@tarsier.cv.nrao.edu
From: Marc Ewing <marc@redhat.com>
To: redhat-announce-list@redhat.com
Cc: alex@bach.cis.temple.edu, Andries.Brouwer@cwi.nl, okir@monad.swb.de,
davem+@andrew.cmu.edu, juphoff@tarsier.cv.nrao.edu
Date: Tue, 06 Feb 1996 15:26:03 -0500
Reply-To: linux-security@tarsier.cv.nrao.edu
[Mod: Apologies for the delays on some of the recent messages: I'm
having minor mail delivery problems here. --Jeff]
-----BEGIN PGP SIGNED MESSAGE-----
Content-Type: text/plain; charset=us-ascii
There is a security hole in the kbd package as shipped with Red Hat Linux
2.0 and 2.1, both Intel and Alpha platforms. The hole allows any user
to gain root privileges. All users should upgrade immediately:
Intel:
rpm -Uvh ftp://ftp.redhat.com/pub/redhat-2.1/i386/updates/RPMS/kbd-0.91-1.i386.
rpm
Alpha:
rpm -Uvh ftp://ftp.redhat.com/pub/redhat-2.1/axp-beta/updates/RPMS/kbd-0.91-1.a
xp.rpm
MD5 sums:
34b5f96e57f4cfcb29c22f4908582086 kbd-0.91-1.i386.rpm
90fff35ba5e9ca003e4cd4d3370be2aa kbd-0.91-1.axp.rpm
- -Marc
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMRe5WkRxU2iCv8ftAQEkmAP/WDrFnHKb/Byyf/7CMJy8pa1a/pN5UcRO
NRT6ISidNv589C20RadnVLv7HKfpjzLsnB1gF6V7EO9JGI1iOzXLVEgyLiOlYi4z
o1hRLHHVqHpVutvvxDkI+QgIO/ICdh+c/dFrWwVPVydQm4TZ44LVomXqX0Qcj81y
qD6LwZYBpHA=
=2/65
-----END PGP SIGNATURE-----
