Date: Mon, 29 Jan 2001 15:12:23 +0100
From: Trustix Secure Linux Team tsl@TRUSTIX.COM
Subject: Trustix Security Advisory - bind, openldap
Trustix today released security updates for the following
Trustix specific: no
Distribution versions: All
A remote hole in bind allows for the environment of the server
process to be leaked to an attacker.
Trustix specific: yes
Distribution versions: 1.2 from jan. 19. 2000
A silly bug in the rpm spec file for openldap makes the server run
by default, which violates Trustix' standard of no running services
by default. Note that there are no known remote security holes in
openldap as shipped by Trustix.
People who have this version of openldap installed on their
systems without intentions of using it should run this set of
# chkconfig ldap off
# service ldap stop
1.2 users who have installed the optional SWUP-package (from
ftp://ftp.trustix.com/pub/Trustix/software/swup/) can use ftp://ftp.trustix.com/pub/Trustix/software/swup/)
can use 'swup --upgrade' to automatically download and install the
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.