Date: Sun, 21 Jan 2001 18:05:22 +0100
From: Trustix Secure Linux Team tsl@TRUSTIX.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Trustix Security Advisory – glibc
Hi
Trustix is, like many other linux distributions, based on Glibc
2.1.3 and is therefore open to the “preload hole” discussed in
various postings to bugtraq and other lists. This is a local
security hole, and all users of TSL should upgrade their boxes.
MD5sums: 1.2: d69cb9bf4b4e2054eca741b66bea7efe glibc-2.1.3-14tr.i586.rpm 89dc092c40a710f50461565ad77cd73b glibc-devel-2.1.3-14tr.i586.rpm f28b091857fa5819f89a5196d2cd9677 glibc-profile-2.1.3-14tr.i586.rpm 8bbd1a727271cda776377960fd5a5207 nscd-2.1.3-14tr.i586.rpm 1.1: b3f6874ccafde9ed366eb0f1f91134eb glibc-2.1.3-14tr.i586.rpm 3432382c84ec6ec850f8c1867b4a0662 glibc-devel-2.1.3-14tr.i586.rpm a1118708c0420bc80ef62c0a9d10164b glibc-profile-2.1.3-14tr.i586.rpm 5846041d401e3929cbe09119e22c573f nscd-2.1.3-14tr.i586.rpm
1.0: Use the 1.1 packages.
Packages can be downloaded from:
ftp://ftp.trustix.net/pub/Trustix/updates/
http://www.trustix.net/pub/Trustix/updates/
Or from one of our mirrors:
http://www.trustix.net/mirrors.php3
1.2 users who have installed the optional SWUP-package (from
ftp://ftp.trustix.com/pub/Trustix/software/swup/)
can use ‘swup –upgrade’ to automatically download and install the
new packages.
For a full update history of the 1.2 release, see:
ftp://ftp.trustix.com/pub/Trustix/updates/1.2/ChangeLog
Trustix Security Team