Published:
26 October 1997
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-97.132 -- Red Hat Linux Bulletin groff, rhs-printfilters, tetex, metamail fixes 27 October 1997 =========================================================================== Red Hat Software, Inc. has released the following advisory concerning numerous security holes in several programs. The following security bulletin is provided as a service to AUSCERT's members. As AUSCERT did not write this document, AUSCERT has had no control over its content. As such, the decision to use any or all of this information is the responsibility of each user or organisation, and should be done so in accordance with site policies and procedures. Contact information for Red Hat Software is included in the Security Bulletin below. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/information/advisories.html If you believe that your system has been compromised, contact AUSCERT or your representative in FIRST (Forum of Incident Response and Security Teams). Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 4477 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AUSCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for emergencies. - --------------------------BEGIN INCLUDED TEXT-------------------- Date: Fri, 24 Oct 1997 10:38:16 -0400 (EDT) From: Erik Troan <ewt@redhat.com> To: redhat-announce-list@redhat.com Subject: SECURITY: groff, rhs-printfilters, tetex, metamail fixes - -----BEGIN PGP SIGNED MESSAGE----- Numerous security holes have recentely been fixed. Only one of these is at all serious, most are minor problems with possible /tmp exploits. These fixes apply to all users of Red Hat 4.x releases. Similiar fixes for the Thunderbird and Mustang beta glibc releases will show up in the devel tree on ftp.redhat.com overnight. Note that many of these fixes now require the mktemp package, which is also available as an update for Red Hat 4.2. Erik i386 - - ---- rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/groff-1.10-8.1.i386.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/metamail-2.7-7.1.i386.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/mktemp-0.9-1.i386.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/rhs-printfilters-1.41.1-1.i386.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/tetex-dvips-0.4pl8-5.1.i386.rpm SPARC - - ----- rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/groff-1.10-8.1.sparc.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/mktemp-0.9-1.sparc.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/rhs-printfilters-1.41.1-1.sparc.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/tetex-dvips-0.4pl8-5.1.sparc.rpm Alpha - - ----- rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/groff-1.10-8.1.alpha.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/metamail-2.7-7.1.alpha.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/mktemp-0.9-1.alpha.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/rhs-printfilters-1.41.1-1.alpha.rpm rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/tetex-dvips-0.4pl8-5.1.alpha.rpm - -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNFCy3qUg6PHLopv5AQH51gP9G/quEqhwX275oBtw/C7U+gFHiBTYJVHj lMY4Vg9WsDyZBOhKxONAQkjPwu8wzXcK2/xrV7a1tTBc2JE275HhGZ3j/PQlkYQ8 2j1/6KaSss/Be8jlCDf3SK4GlQ549yG8I6jC9smsWehCNm8bIEWKY+VWGRrVqqWl fefwebS23uk= =UOeD - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key iQCVAwUBNFR3BSh9+71yA2DNAQExqAP/YA/iAR5QOZ6gOnmrq2Kjtj+GMnSlk5bD 8R0eGA6l/3yU9iWljXGLrUMU6hp+g02DNw/sBLfAAxKtlKuLjoU6wgFkLi02vkRD hGkgSYXrtaL85p6O10qyaZfr/liC4AV+vyyazgfvWAEJI1Xi3tNIblxrKYo78ts5 vbY0t0sA86o= =oFjl -----END PGP SIGNATURE-----