Date: Tue, 4 Jan 2000 23:57:30 -0700 (MST)
From: Dan Burcaw dburcaw@terraplex.com
To: yellowdog-security@lists.yellowdoglinux.com
The Yellow Dog Linux Security Team has released updated packages
for usermode and pam which fix recently discovered security
bugs.
Packages: usermode, pam
Date: January 04, 2000
Problem:
A security bug was found in userhelper (part of the usermode
package). This bug can be exploited to provide local users with
root access.
A newer version of SysVinit is required to install this
update.
Also, pam-0.68-10 is available which fixes a similar security
bug.
Urgency: HIGH
Solution: rpm -Uvh
ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/SysVinit-2.77-2.ppc.rpm
ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/usermode-1.16-1.ppc.rpm
ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/pam-0.68-10.ppc.rpm
All Yellow Dog Linux users are advised to upgrade to these news
packages.
Here are the md5 checksums of the update packages, please verify
these before installing the new packages by running: md5sum
199f36daa1e44fcb2a86163d719cce19
RPMS/SysVinit-2.77-2.ppc.rpm
f9e404623f76af77e22986f01d39108a RPMS/usermode-1.16-1.ppc.rpm
1dc6769f1585de74b4f147543f4b9aed RPMS/pam-0.68-10.ppc.rpm
Regards,
Yellow Dog Linux Security Team
Terra Soft Solutions, Inc.
security@yellowdoglinux.com