______________________________________________________________________
Mandrake Linux Update Advisory
______________________________________________________________________
Package name: devfsd
Advisory ID: MDKA-2003:007
Date: May 1st, 2003
Affected versions: 9.1
______________________________________________________________________
Problem Description:
A problem in devfsd as released with Mandrake Linux 9.1 allowed users
to mount filesystems from rd raid disks, but prevented them from
regenerating the LILO mbr. Devfsd provides compatibility links on
the devfs filesystem for new device names, and for /dev/rd/* devices,
it provided partition links and whole disk links. The latter were
broken, but not the former. Because of this, mounting would work
because the filesystem links were correct, but running lilo would fail
because the disk links were broken.
This new devfsd corrects the problem, however users will have to
manually remove the broken links otherwise devfsd will "remember"
the old, broken links. To do this, execute, as root:
rm -rf /lib/dev-state/rd
This update also fixes /dev/hd not appearing for root on the first
login, and also a minilogd/initlog deadlock that sometimes appears
during the bootstrap. The /dev/log entry is created by the log
daemon, but devfsd may restore it on bootup making minilogd believe
that the log daemon is up and running when in fact it is not.
Updated initscripts packages also help with the minilogd/initlog
deadlock issue.
______________________________________________________________________
References:
______________________________________________________________________
Updated Packages:
Mandrake Linux 9.1:
10aca835637aed13732625dd82270221 9.1/RPMS/devfsd-1.3.25-27.1mdk.i586.rpm
f5f446311413d3fca308514c5a1ad5f8 9.1/RPMS/initscripts-7.06-12.1mdk.i586.rpm
f227d69f2493200d12ccee3d0738dae9 9.1/SRPMS/devfsd-1.3.25-27.1mdk.src.rpm
90f61964ae72b08870cb1bc530d87522 9.1/SRPMS/initscripts-7.06-12.1mdk.src.rpm
Mandrake Linux 9.1/PPC:
4da9a69fcf7cd4540e39dcf8eb0703d5 ppc/9.1/RPMS/devfsd-1.3.25-27.1mdk.ppc.rpm
b21ee7f5f5b033563178e371176c8797 ppc/9.1/RPMS/initscripts-7.06-12.1mdk.ppc.rpm
f227d69f2493200d12ccee3d0738dae9 ppc/9.1/SRPMS/devfsd-1.3.25-27.1mdk.src.rpm
90f61964ae72b08870cb1bc530d87522 ppc/9.1/SRPMS/initscripts-7.06-12.1mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of
FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig <filename>
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:
https://www.mandrakesecure.net/RPM-GPG-KEYS
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
______________________________________________________________________
Mandrake Linux Update Advisory
______________________________________________________________________
Package name: drakxtools
Advisory ID: MDKA-2003:008
Date: May 1st, 2003
Affected versions: 9.1
______________________________________________________________________
Problem Description:
More bugs have been found in the drakxtools package for Mandrake Linux
9.1. With the release of the ldetect update (MDKA-2003:004), harddrake
needed to be rebuilt due to the changes.
As well, if one cancelled the installation of required packages for
display managers, drakxtools now returns to the display manager menu.
The DrakSec logic during the installation of Mandrake Linux is to hide
the very low and paranoid security levels to prevent a user from making
his system completely insecure or unuseable, however this same logic is
not required for the installed system. Now DrakSec makes these levels
available, post-install.
______________________________________________________________________
References:
______________________________________________________________________
Updated Packages:
Mandrake Linux 9.1:
48df6096f427529922d6e5e78c53ee31 9.1/RPMS/drakxtools-9.1-31.2mdk.i586.rpm
518e5c312950b0b720f40da5af8d3396 9.1/RPMS/drakxtools-http-9.1-31.2mdk.i586.rpm
7bf51eca0822f47a39f6c6812f790e17 9.1/RPMS/drakxtools-newt-9.1-31.2mdk.i586.rpm
1f15c5f0e249f052ead034108a7917a1 9.1/RPMS/harddrake-9.1-31.2mdk.i586.rpm
66606b62f07647531e40af32b7a513aa 9.1/RPMS/harddrake-ui-9.1-31.2mdk.i586.rpm
867325d6536d7c071410de73475efcdd 9.1/SRPMS/drakxtools-9.1-31.2mdk.src.rpm
Mandrake Linux 9.1/PPC:
2b088789baf5b74e8603060583956fa7 ppc/9.1/RPMS/drakxtools-9.1-31.2mdk.ppc.rpm
bd2a1e5e54c2917179d7044d16285dbd ppc/9.1/RPMS/drakxtools-http-9.1-31.2mdk.ppc.rpm
91441b305235adb4fd30a231eee4e067 ppc/9.1/RPMS/drakxtools-newt-9.1-31.2mdk.ppc.rpm
aa19517c5a79bc7ea61e5fb2c7c7ea8f ppc/9.1/RPMS/harddrake-9.1-31.2mdk.ppc.rpm
2204cfe217e47843c52c52d30a5580a5 ppc/9.1/RPMS/harddrake-ui-9.1-31.2mdk.ppc.rpm
867325d6536d7c071410de73475efcdd ppc/9.1/SRPMS/drakxtools-9.1-31.2mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
3701 -
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of
FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig <filename>
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:
https://www.mandrakesecure.net/RPM-GPG-KEYS
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
______________________________________________________________________
Mandrake Linux Update Advisory
______________________________________________________________________
Package name: openldap
Advisory ID: MDKA-2003:009
Date: May 1st, 2003
Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
The OpenLDAP packages in Mandrake Linux 9.1 did not properly
migrate data from previous versions. This update provides a fix
that corrects this issue.
The updated packages also correct a problem that has been persistent
in Mandrake Linux for some time. Previously, attempting to use
OpenLDAP for authentication would result in strange system behaviour
because OpenLDAP was using a MD5 hash internally that was incompatible
with the system crypt(3) MD5 hash. This would result in authentication
working with nss_ldap, but not with pam_ldap. If one used ldappasswd
to change a password, authentication would work with pam_ldap but not
nss_ldap. The OpenLDAP packages have been updated to use the crypt(3)
MD5 hash at all times.
As well, if OpenLDAP was used for authentication on Mandrake Linux 9.1,
sshd would segfault when attempting to login as an LDAP user. The
new pam_ldap and nss_ldap packages correct this problem.
WARNING: Users who are currently using pam_ldap with OpenLDAP, and who
have used ldappasswd to change user passwords may have the MD5 hash
that is not compatible with crypt(3) used to store the userPassword.
If this is the case, updating to these packages may require you to, as
root, change the password for each user with a now incompatible
password.
______________________________________________________________________
References:
______________________________________________________________________
Updated Packages:
Corporate Server 2.1:
228062e8f7c51897b28eaeb64f05eb6a corporate/2.1/RPMS/libldap2-2.0.25-7.2mdk.i586.rpm
d38b4c1cb2232ef5e00673ccaacbc0ef corporate/2.1/RPMS/libldap2-devel-2.0.25-7.2mdk.i586.rpm
959b4cee440aa432f4609fe2a6e94833 corporate/2.1/RPMS/libldap2-devel-static-2.0.25-7.2mdk.i586.rpm
2a4debaa1a3bc1c1b7e758331c36e1c2 corporate/2.1/RPMS/openldap-2.0.25-7.2mdk.i586.rpm
4e4bf480f21493f5fa62e1a8d520cbf0 corporate/2.1/RPMS/openldap-back_dnssrv-2.0.25-7.2mdk.i586.rpm
78d24da1251dc2560c4aec810866c17f corporate/2.1/RPMS/openldap-back_ldap-2.0.25-7.2mdk.i586.rpm
d392d2b1350967efa98c02a1a3b232ce corporate/2.1/RPMS/openldap-back_passwd-2.0.25-7.2mdk.i586.rpm
5e747e02a1105d3816155348a387f222 corporate/2.1/RPMS/openldap-back_sql-2.0.25-7.2mdk.i586.rpm
8d55caae1ce7aa03b9c1df62deec5a9d corporate/2.1/RPMS/openldap-clients-2.0.25-7.2mdk.i586.rpm
5d845d76ee6bbd3a0516b7263be299d4 corporate/2.1/RPMS/openldap-guide-2.0.25-7.2mdk.i586.rpm
20cccb296beb5b57286e2f52f04388f3 corporate/2.1/RPMS/openldap-migration-2.0.25-7.2mdk.i586.rpm
a8c118bb205d7ddf54bb5b424f50fdae corporate/2.1/RPMS/openldap-servers-2.0.25-7.2mdk.i586.rpm
00adf85f89898912f3f892bd740808c3 corporate/2.1/SRPMS/openldap-2.0.25-7.2mdk.src.rpm
Mandrake Linux 8.2:
81152a500eba55ac00a6bbade73e8eed 8.2/RPMS/libldap2-2.0.21-4.2mdk.i586.rpm
3d5f6b84cb1fc5c968f1446b5fac03c2 8.2/RPMS/libldap2-devel-2.0.21-4.2mdk.i586.rpm
699e296d6e096e2577f54c20e2b40a0a 8.2/RPMS/libldap2-devel-static-2.0.21-4.2mdk.i586.rpm
b89bfacb5aec5cbe21be0b100c8ae4db 8.2/RPMS/openldap-2.0.21-4.2mdk.i586.rpm
bb2c2e5abdc55cedc9039d8093c4abc8 8.2/RPMS/openldap-back_dnssrv-2.0.21-4.2mdk.i586.rpm
6e62517341700b30ba7cd22ab9e441ce 8.2/RPMS/openldap-back_ldap-2.0.21-4.2mdk.i586.rpm
8d99170673fd6091132c40e57a9d4d2e 8.2/RPMS/openldap-back_passwd-2.0.21-4.2mdk.i586.rpm
437e79c044f9ca9100115e07688a6c8a 8.2/RPMS/openldap-back_sql-2.0.21-4.2mdk.i586.rpm
c13459596a37f2db4f88a1768beb19ac 8.2/RPMS/openldap-clients-2.0.21-4.2mdk.i586.rpm
d50672996002d3934cf3d9a646f12cf0 8.2/RPMS/openldap-guide-2.0.21-4.2mdk.i586.rpm
84bafab30b6fce090855b8f1f4d38dd9 8.2/RPMS/openldap-migration-2.0.21-4.2mdk.i586.rpm
dc09fbe20346172136b8db79aae92723 8.2/RPMS/openldap-servers-2.0.21-4.2mdk.i586.rpm
b36e43857a114a79c46312d19b1f78b0 8.2/SRPMS/openldap-2.0.21-4.2mdk.src.rpm
Mandrake Linux 8.2/PPC:
8d1f3829ff437eb7dc578e04b3121fa7 ppc/8.2/RPMS/libldap2-2.0.21-4.2mdk.ppc.rpm
b47b3498f787ece9a6794d000cdbc334 ppc/8.2/RPMS/libldap2-devel-2.0.21-4.2mdk.ppc.rpm
30046c2c0293dfe6b29da0c1348b08e6 ppc/8.2/RPMS/libldap2-devel-static-2.0.21-4.2mdk.ppc.rpm
5a39af47c4e8305b942a7b8645157b13 ppc/8.2/RPMS/openldap-2.0.21-4.2mdk.ppc.rpm
75c7e21bf9955677f21e87103c8b23f9 ppc/8.2/RPMS/openldap-back_dnssrv-2.0.21-4.2mdk.ppc.rpm
2caf422c849325fa6225980a131b314b ppc/8.2/RPMS/openldap-back_ldap-2.0.21-4.2mdk.ppc.rpm
85d53c254e8f2bf292b2eb6f5e2658a4 ppc/8.2/RPMS/openldap-back_passwd-2.0.21-4.2mdk.ppc.rpm
063ff5de0735751e1ce28304eba9d787 ppc/8.2/RPMS/openldap-back_sql-2.0.21-4.2mdk.ppc.rpm
2f3394214ac49796ab55ab18924213b9 ppc/8.2/RPMS/openldap-clients-2.0.21-4.2mdk.ppc.rpm
b72e626a45ee45e483521ec4eecd568d ppc/8.2/RPMS/openldap-guide-2.0.21-4.2mdk.ppc.rpm
5c6965074fb258f70c449ed3efb780cd ppc/8.2/RPMS/openldap-migration-2.0.21-4.2mdk.ppc.rpm
addad7f22155332a1b4bc11e0af70bcb ppc/8.2/RPMS/openldap-servers-2.0.21-4.2mdk.ppc.rpm
b36e43857a114a79c46312d19b1f78b0 ppc/8.2/SRPMS/openldap-2.0.21-4.2mdk.src.rpm
Mandrake Linux 9.0:
228062e8f7c51897b28eaeb64f05eb6a 9.0/RPMS/libldap2-2.0.25-7.2mdk.i586.rpm
d38b4c1cb2232ef5e00673ccaacbc0ef 9.0/RPMS/libldap2-devel-2.0.25-7.2mdk.i586.rpm
959b4cee440aa432f4609fe2a6e94833 9.0/RPMS/libldap2-devel-static-2.0.25-7.2mdk.i586.rpm
2a4debaa1a3bc1c1b7e758331c36e1c2 9.0/RPMS/openldap-2.0.25-7.2mdk.i586.rpm
4e4bf480f21493f5fa62e1a8d520cbf0 9.0/RPMS/openldap-back_dnssrv-2.0.25-7.2mdk.i586.rpm
78d24da1251dc2560c4aec810866c17f 9.0/RPMS/openldap-back_ldap-2.0.25-7.2mdk.i586.rpm
d392d2b1350967efa98c02a1a3b232ce 9.0/RPMS/openldap-back_passwd-2.0.25-7.2mdk.i586.rpm
5e747e02a1105d3816155348a387f222 9.0/RPMS/openldap-back_sql-2.0.25-7.2mdk.i586.rpm
8d55caae1ce7aa03b9c1df62deec5a9d 9.0/RPMS/openldap-clients-2.0.25-7.2mdk.i586.rpm
5d845d76ee6bbd3a0516b7263be299d4 9.0/RPMS/openldap-guide-2.0.25-7.2mdk.i586.rpm
20cccb296beb5b57286e2f52f04388f3 9.0/RPMS/openldap-migration-2.0.25-7.2mdk.i586.rpm
a8c118bb205d7ddf54bb5b424f50fdae 9.0/RPMS/openldap-servers-2.0.25-7.2mdk.i586.rpm
00adf85f89898912f3f892bd740808c3 9.0/SRPMS/openldap-2.0.25-7.2mdk.src.rpm
Mandrake Linux 9.1:
881f08c3c26a7007cf53df5f3493e0c2 9.1/RPMS/libldap2-2.0.27-5.3mdk.i586.rpm
8778e8c43c57c217eac05ae52457634c 9.1/RPMS/libldap2-devel-2.0.27-5.3mdk.i586.rpm
38ed2b492286e3b9931907d5447c10d4 9.1/RPMS/libldap2-devel-static-2.0.27-5.3mdk.i586.rpm
a503690c93eeaafdeb85c74459031e78 9.1/RPMS/nss_ldap-204-1.1mdk.i586.rpm
9ddbdc978bc53cc4f47329066340c997 9.1/RPMS/openldap-2.0.27-5.3mdk.i586.rpm
e93d209e416d98921fba0d194efd351d 9.1/RPMS/openldap-back_dnssrv-2.0.27-5.3mdk.i586.rpm
37a9e9f02ed5b7d2d77b20523d18f15b 9.1/RPMS/openldap-back_ldap-2.0.27-5.3mdk.i586.rpm
fbcf0db8fd69f74934175e310f2cda81 9.1/RPMS/openldap-back_passwd-2.0.27-5.3mdk.i586.rpm
7ce7fa324d32730f483919456763120a 9.1/RPMS/openldap-back_sql-2.0.27-5.3mdk.i586.rpm
42e1621795dd0275dfce2cd3a2b26210 9.1/RPMS/openldap-clients-2.0.27-5.3mdk.i586.rpm
5f5b67698144010868de879f1953577b 9.1/RPMS/openldap-guide-2.0.27-5.3mdk.i586.rpm
f134c9ddad9682206413a87877f6681e 9.1/RPMS/openldap-migration-2.0.27-5.3mdk.i586.rpm
f594ce9f9a2e14d52ad582f30b26cb38 9.1/RPMS/openldap-servers-2.0.27-5.3mdk.i586.rpm
215808a6f3f2039a7b66996c098682db 9.1/RPMS/pam_ldap-161-1.1mdk.i586.rpm
d721a84c3f699bd52156a40825113386 9.1/SRPMS/nss_ldap-204-1.1mdk.src.rpm
f25a960ab5dacf247dcb09974db6dba6 9.1/SRPMS/openldap-2.0.27-5.3mdk.src.rpm
Mandrake Linux 9.1/PPC:
fdf3b03329e6ef324203bc26f445f29f ppc/9.1/RPMS/libldap2-2.0.27-5.3mdk.ppc.rpm
672b0827760098e441d4cc1a473e88bd ppc/9.1/RPMS/libldap2-devel-2.0.27-5.3mdk.ppc.rpm
0cbe6bbc86b40666d778fe4806d10d75 ppc/9.1/RPMS/libldap2-devel-static-2.0.27-5.3mdk.ppc.rpm
4bd40abc6bfd515c20a86cd14690ec03 ppc/9.1/RPMS/nss_ldap-204-1.1mdk.ppc.rpm
b01f7a882e3671e00998a9ace2266a21 ppc/9.1/RPMS/openldap-2.0.27-5.3mdk.ppc.rpm
803a4f82739f14fcc0ba8cac6535c81a ppc/9.1/RPMS/openldap-back_dnssrv-2.0.27-5.3mdk.ppc.rpm
82901bfc19b5d5b72ec122451df14ad9 ppc/9.1/RPMS/openldap-back_ldap-2.0.27-5.3mdk.ppc.rpm
fffac70593b316b52fb7bd5c06e751cf ppc/9.1/RPMS/openldap-back_passwd-2.0.27-5.3mdk.ppc.rpm
eb1682c1cdbb1299f35bd94905d66f1f ppc/9.1/RPMS/openldap-back_sql-2.0.27-5.3mdk.ppc.rpm
a4da26feb72ab155fc97c650233d9d25 ppc/9.1/RPMS/openldap-clients-2.0.27-5.3mdk.ppc.rpm
d4681c4aae54b2f5334734f5f9a58cf4 ppc/9.1/RPMS/openldap-guide-2.0.27-5.3mdk.ppc.rpm
95df74cec38deea5eeb7f5a275b24099 ppc/9.1/RPMS/openldap-migration-2.0.27-5.3mdk.ppc.rpm
55edbff6830379c4364dda37892e5ffc ppc/9.1/RPMS/openldap-servers-2.0.27-5.3mdk.ppc.rpm
600f30573d85b798545c5592c19c62c2 ppc/9.1/RPMS/pam_ldap-161-1.1mdk.ppc.rpm
d721a84c3f699bd52156a40825113386 ppc/9.1/SRPMS/nss_ldap-204-1.1mdk.src.rpm
f25a960ab5dacf247dcb09974db6dba6 ppc/9.1/SRPMS/openldap-2.0.27-5.3mdk.src.rpm
Multi Network Firewall 8.2:
81152a500eba55ac00a6bbade73e8eed mnf8.2/RPMS/libldap2-2.0.21-4.2mdk.i586.rpm
b36e43857a114a79c46312d19b1f78b0 mnf8.2/SRPMS/openldap-2.0.21-4.2mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of
FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig <filename>
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:
https://www.mandrakesecure.net/RPM-GPG-KEYS
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
Mandrake Linux Advisories: devfsd, drakxtools, openldap
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis