Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections: Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs

Partner Sites
JustLinux.com
Linux Planet
PHPBuilder
Technology Jobs

Top White Papers

  • Implementing a new ERP system can be the answer to your prayers, or your worst nightmare. Stay aware of the pitfalls with this up-to-date white paper....
    Download
  • The number, complexity, and diversity of cyber threats are soaring. Businesses are increasingly concerned about the risks they face and 91% of organizations...
    Download

Current Newswire:

More on LinuxToday

Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Justtechjobs.com Post A Job | Post A Resume

Caldera updates bash package

Apr 28, 1999, 10:37 (1 Talkback[s]) 
1. Problem Description

   Commands in directory names may get executed via the prompt string
   

2. Vulnerable Versions

   Systems:     OpenLinux 1.0, 1.1, 1.2, 1.3, 2.2.
   Packages:    previous to bash-1.14.7-10


3. Solutions


   The proper solution is to upgrade to the bash-1.14.7-10 package. 


4. Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

   ftp://ftp.calderasystems.com/pub/OpenLinux/updates/2.2/current/RPMS/
   
   The corresponding source code package can be found at:

   ftp://ftp.calderaystems.com/pub/OpenLinux/updates/2.2/current/SRPMS
   

5. Installing Fixed Packages

   Upgrade the affected packages with the following commands:

   rpm -q bash && rpm -i bash-1.14.7-10.i386.rpm


6. Verification

   The MD5 checksums (from the "md5sum" command) for these packages are:
   
   bda0872dcdb51e12ef8ccd10b201936d  README
   06fe5807ce8873b424738078f1dedf3f  RPMS/bash-1.14.7-10.i386.rpm
   46c483b3ecbd0ee3cc6ae1387ab7f12b  SRPMS/bash-1.14.7-10.src.rpm


7. References

   This and other Caldera security resources are located at: