Published:
26 October 1997
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-97.132 -- Red Hat Linux Bulletin
groff, rhs-printfilters, tetex, metamail fixes
27 October 1997
===========================================================================
Red Hat Software, Inc. has released the following advisory concerning
numerous security holes in several programs.
The following security bulletin is provided as a service to AUSCERT's
members. As AUSCERT did not write this document, AUSCERT has had no
control over its content. As such, the decision to use any or all of this
information is the responsibility of each user or organisation, and should
be done so in accordance with site policies and procedures.
Contact information for Red Hat Software is included in the Security
Bulletin below. If you have any questions or need further information,
please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/information/advisories.html
If you believe that your system has been compromised, contact AUSCERT or your
representative in FIRST (Forum of Incident Response and Security Teams).
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 4477
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AUSCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for emergencies.
- --------------------------BEGIN INCLUDED TEXT--------------------
Date: Fri, 24 Oct 1997 10:38:16 -0400 (EDT)
From: Erik Troan <ewt@redhat.com>
To: redhat-announce-list@redhat.com
Subject: SECURITY: groff, rhs-printfilters, tetex, metamail fixes
- -----BEGIN PGP SIGNED MESSAGE-----
Numerous security holes have recentely been fixed. Only one of these
is at all serious, most are minor problems with possible /tmp exploits.
These fixes apply to all users of Red Hat 4.x releases. Similiar fixes
for the Thunderbird and Mustang beta glibc releases will show up in
the devel tree on ftp.redhat.com overnight.
Note that many of these fixes now require the mktemp package, which is
also available as an update for Red Hat 4.2.
Erik
i386
- - ----
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/groff-1.10-8.1.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/metamail-2.7-7.1.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/mktemp-0.9-1.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/rhs-printfilters-1.41.1-1.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/tetex-dvips-0.4pl8-5.1.i386.rpm
SPARC
- - -----
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/groff-1.10-8.1.sparc.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/mktemp-0.9-1.sparc.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/rhs-printfilters-1.41.1-1.sparc.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/tetex-dvips-0.4pl8-5.1.sparc.rpm
Alpha
- - -----
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/groff-1.10-8.1.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/metamail-2.7-7.1.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/mktemp-0.9-1.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/rhs-printfilters-1.41.1-1.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/tetex-dvips-0.4pl8-5.1.alpha.rpm
- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNFCy3qUg6PHLopv5AQH51gP9G/quEqhwX275oBtw/C7U+gFHiBTYJVHj
lMY4Vg9WsDyZBOhKxONAQkjPwu8wzXcK2/xrV7a1tTBc2JE275HhGZ3j/PQlkYQ8
2j1/6KaSss/Be8jlCDf3SK4GlQ549yG8I6jC9smsWehCNm8bIEWKY+VWGRrVqqWl
fefwebS23uk=
=UOeD
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key
iQCVAwUBNFR3BSh9+71yA2DNAQExqAP/YA/iAR5QOZ6gOnmrq2Kjtj+GMnSlk5bD
8R0eGA6l/3yU9iWljXGLrUMU6hp+g02DNw/sBLfAAxKtlKuLjoU6wgFkLi02vkRD
hGkgSYXrtaL85p6O10qyaZfr/liC4AV+vyyazgfvWAEJI1Xi3tNIblxrKYo78ts5
vbY0t0sA86o=
=oFjl
-----END PGP SIGNATURE-----