---

Yellow Dog Security Advisory: usermode, pam

Date: Tue, 4 Jan 2000 23:57:30 -0700 (MST)
From: Dan Burcaw [email protected]
To: [email protected]

The Yellow Dog Linux Security Team has released updated packages
for usermode and pam which fix recently discovered security
bugs.

Packages: usermode, pam

Date: January 04, 2000

Problem:
A security bug was found in userhelper (part of the usermode
package). This bug can be exploited to provide local users with
root access.

A newer version of SysVinit is required to install this
update.

Also, pam-0.68-10 is available which fixes a similar security
bug.

Urgency: HIGH

Solution: rpm -Uvh

ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/SysVinit-2.77-2.ppc.rpm


ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/usermode-1.16-1.ppc.rpm


ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/pam-0.68-10.ppc.rpm

All Yellow Dog Linux users are advised to upgrade to these news
packages.

Here are the md5 checksums of the update packages, please verify
these before installing the new packages by running: md5sum

199f36daa1e44fcb2a86163d719cce19
RPMS/SysVinit-2.77-2.ppc.rpm
f9e404623f76af77e22986f01d39108a RPMS/usermode-1.16-1.ppc.rpm
1dc6769f1585de74b4f147543f4b9aed RPMS/pam-0.68-10.ppc.rpm

Regards,
Yellow Dog Linux Security Team
Terra Soft Solutions, Inc.
[email protected]