Caldera updates COAS package
Apr 28, 1999, 10:37 (0 Talkback[s])
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
1. Problem Description
/etc/shadow may get world readable
2. Vulnerable Versions
Systems: OpenLinux 2.2.
Packages: previous to coas-1.0-8
The proper solution is to upgrade to the coas-1.0-8 package.
If /etc/shadow is world-readable, this is fixed with
chmod 600 /etc/shadow
4. Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
The corresponding source code package can be found at:
5. Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -q coas && rpm -U coas-1.0-8.i386.rpm
The MD5 checksums (from the "md5sum" command) for these packages are:
This and other Caldera security resources are located at:
Additional documentation on this problem can be found in:
This security fix closes Caldera's internal Problem Report 4544.
Caldera Systems, Inc. is not responsible for the misuse of any of the
information we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended to
promote secure installation and use of Caldera OpenLinux.