[7782] in bugtraq
SECURITY: new nfs-server packages available (fwd)
daemon@ATHENA.MIT.EDU (Alan Cox)
Thu Aug 27 22:26:17 1998
Date: Fri, 28 Aug 1998 03:53:07 +0100
Reply-To: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
To: BUGTRAQ@NETSPACE.ORG
Expect similar announces from other Linux vendors to follow this one. The
bug is in code that as far as I can tell in Linux specific portmap code
so this is unlikely to affect non Linux portmappers. I'll post an explanation
once the other vendor announcements are out.
Alan
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Potential security problems have been identified in all versions of
> nfs-server packages shipped with Red Hat Linux.
>
> Users of Red Hat Linux are recommended to upgrade to the new packages
> available under updates directory on our ftp site:
>
>
> * Red Hat Linux 5.1 and 5.0:
> ============================
>
> alpha:
> - ------
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/5.1/alpha/nfs-server-2.2beta29-7.alpha.rpm
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/5.1/alpha/nfs-server-clients-2.2beta29-7.alpha.rpm
>
> i386:
> - -----
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/5.1/i386/nfs-server-2.2beta29-7.i386.rpm
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/5.1/i386/nfs-server-clients-2.2beta29-7.i386.rpm
>
> sparc:
> - ------
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/5.1/sparc/nfs-server-2.2beta29-7.sparc.rpm
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/5.1/sparc/nfs-server-clients-2.2beta29-7.sparc.rpm
>
> Source RPM:
> - -----------
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/5.1/SRPMS/nfs-server-2.2beta29-7.src.rpm
>
>
> * Red Hat Linux 4.2:
> ====================
>
> alpha:
> - ------
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/4.2/alpha/nfs-server-2.2beta16-9.alpha.rpm
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/4.2/alpha/nfs-server-clients-2.2beta16-9.alpha.rpm
>
> i386:
> - -----
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/4.2/i386/nfs-server-2.2beta16-9.i386.rpm
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/4.2/i386/nfs-server-clients-2.2beta16-9.i386.rpm
>
> sparc:
> - ------
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/4.2/sparc/nfs-server-2.2beta16-9.sparc.rpm
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/4.2/sparc/nfs-server-clients-2.2beta16-9.sparc.rpm
>
> Source RPM:
> - -----------
> rpm -Uvh \
> ftp://ftp.redhat.com/pub/redhat/updates/4.2/SRPMS/nfs-server-2.2beta16-9.src.rpm
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
>
> iQCVAwUBNeYMBPGvxKXU9NkBAQEBrAP9EdR+axrR0AIO2NleNuSw/2WF/4two4lg
> RKwwQekrlTU0FjxOqmzhkuwyVHflWWu39wybto12y9XFIyptLJFdFvzwBiPczI5V
> f88L+acQcaAZtZmIARMMsOFCyGMmXoTNULFIkmtVlmIxcsIT3/heJtGC1WTYboE9
> 00fnNdehNFQ=
> =Spdn
> -----END PGP SIGNATURE-----
>
> Cristian
> --
> ----------------------------------------------------------------------
> Cristian Gafton -- gafton@redhat.com -- Red Hat Software, Inc.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> UNIX is user friendly. It's just selective about who its friends are.
