Stage 1: Opening the RPM (Redhat Package Manager) Database RPM database is successfully opened! Stage 2: Getting information from this machine Your are running Linux Mandrake version 7.2 and update machine type is updatesi586 Stage 3: Reading downloaded files in directory /var/cache/grpmi... gnome-linuxconf-0.33-3mdk.i586.rpm ed-0.2-21.1mdk.i586.rpm mgetty-voice-1.1.24-1.1mdk.i586.rpm cfengine-1.5.4-5mdk.i586.rpm getty_ps-2.0.7j-14.1mdk.i586.rpm AfterStep-1.8.8-1mdk.i586.rpm jadetex-2.20-5mdk.noarch.rpm gnome-vfs-devel-0.3.1-7mdk.i586.rpm qt2-2.2.1-3mdk.i586.rpm chkfontpath-1.7-4mdk.i586.rpm proftpd-1.2.0rc3-1.1mdk.i586.rpm kde-i18n-British-2.0-1mdk.i586.rpm dhcp-client-3.0b2pl9-3mdk.i586.rpm gimp-devel-1.1.25-13mdk.i586.rpm vixie-cron-3.0.1-46.1mdk.i586.rpm pine-4.30-3.1mdk.i586.rpm gimp-libgimp-1.1.25-13mdk.i586.rpm rdist-6.1.5-17.1mdk.i586.rpm mgetty-1.1.24-1.1mdk.i586.rpm qt2-doc-2.2.1-3mdk.i586.rpm MySQL-3.23.31-1.1mdk.i586.rpm koffice-2.0.1-1mdk.i586.rpm nss_ldap-122-1.1mdk.i586.rpm Zope-2.2.4-1.2mdk.i586.rpm linuxconf-util-1.21r5-5.1mdk.i586.rpm ypbind-3.3-28mdk.i586.rpm squid-2.3.STABLE2-3.1mdk.i586.rpm cups-1.1.6-10.1mdk.i586.rpm netscape-communicator-4.76-3.3mdk.i586.rpm mgetty-viewfax-1.1.24-1.1mdk.i586.rpm grpmi-7.2-19.1mdk.i586.rpm koffice-devel-2.0.1-1mdk.i586.rpm gpm-devel-1.19.3-3.1mdk.i586.rpm mod_ssl-2.7.1-2mdk.i586.rpm mod_ssl-sxnet-2.7.1-2mdk.i586.rpm Zope-services-2.2.4-1.2mdk.i586.rpm arpwatch-2.1a10-1.1mdk.i586.rpm Zope-pcgi-2.2.4-1.2mdk.i586.rpm cups-common-1.1.6-3.1mdk.i586.rpm qt2-devel-2.2.1-3mdk.i586.rpm netscape-common-4.76-3.3mdk.i586.rpm Zope-zserver-2.2.4-1.2mdk.i586.rpm openssh-server-2.3.0p1-7.1mdk.i586.rpm joe-2.8-21.1mdk.i586.rpm mgetty-contrib-1.1.24-1.1mdk.i586.rpm Zope-ztemplates-2.2.4-1.2mdk.i586.rpm Zope-components-2.2.4-1.2mdk.i586.rpm Zope-zpublisher-2.2.4-1.2mdk.i586.rpm gnome-media-1.2.0-14.1mdk.i586.rpm Zope-core-2.2.4-1.2mdk.i586.rpm cups-devel-1.1.6-10.1mdk.i586.rpm MandrakeUpdate-7.2-19.1mdk.i586.rpm mgetty-sendfax-1.1.24-1.1mdk.i586.rpm bind-8.2.3-1.1mdk.i586.rpm apache-devel-1.3.14-2mdk.i586.rpm bind-devel-8.2.3-1.1mdk.i586.rpm Number of files in /var/cache/grpmi = 56 Stage 4: Downloading the mirror Skipping updatesi586:http://mirror.cse.unsw.edu.au/pub/linux/mandrake/updates Skipping updatesi586:http://gd.tuwien.ac.at/opsys/linux/Mandrake/updates Skipping updatesi586:http://ftp.net.uni-c.dk/pub/linux/mandrake/updates Skipping updatesi586:http://chronos.iut-bm.univ-fcomte.fr/Mandrake/updates Skipping updatesi586:http://bo.mirror.garr.it/mirrors/Mandrake/updates Skipping updatesi586:http://ftp.chl.chalmers.se/pub/Linux/distributions/Mandrake/updates Skipping updatesi586:http://www.mirror.ac.uk/sites/sunsite.uio.no/pub/unix/Linux/Mandrake/updates Skipping updatesi586:http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates Skipping updatesi586:http://ftp.planetmirror.com/pub/mandrake/updates Skipping updatesi586:http://rpmfind.net/linux/Mandrake/updates Skipping updatesi586:http://carroll.cac.psu.edu/pub/linux/distributions/mandrake/updates Skipping updatesi586:http://sunsite.utk.edu/ftp/pub/linux/Mandrake/updates Visiting ftp://bo.mirror.garr.it/mirrors/Mandrake/updates, Retry count=0 Listing directory ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/ Upgrading RPM packages from mirror:ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/ Replace MandrakeUpdate-7.2-17mdk.i586.rpm immediately with the new downloaded MandrakeUpdate-7.2-19.1mdk.i586.rpm Package can't be installed - deleting/var/cache/grpmi/MySQL-3.23.31-1.1mdk.i586.rpm Replace Zope-2.1.6-4mdk.i586.rpm immediately with the new downloaded Zope-2.2.4-1.2mdk.i586.rpm Replace Zope-components-2.1.6-4mdk.i586.rpm immediately with the new downloaded Zope-components-2.2.4-1.2mdk.i586.rpm Replace Zope-core-2.1.6-4mdk.i586.rpm immediately with the new downloaded Zope-core-2.2.4-1.2mdk.i586.rpm Replace Zope-pcgi-2.1.6-4mdk.i586.rpm immediately with the new downloaded Zope-pcgi-2.2.4-1.2mdk.i586.rpm Replace Zope-services-2.1.6-4mdk.i586.rpm immediately with the new downloaded Zope-services-2.2.4-1.2mdk.i586.rpm Replace Zope-zpublisher-2.1.6-4mdk.i586.rpm immediately with the new downloaded Zope-zpublisher-2.2.4-1.2mdk.i586.rpm Replace Zope-zserver-2.1.6-4mdk.i586.rpm immediately with the new downloaded Zope-zserver-2.2.4-1.2mdk.i586.rpm Replace Zope-ztemplates-2.1.6-4mdk.i586.rpm immediately with the new downloaded Zope-ztemplates-2.2.4-1.2mdk.i586.rpm Replace arpwatch-2.1a6-12mdk.i586.rpm immediately with the new downloaded arpwatch-2.1a10-1.1mdk.i586.rpm Replace bind-devel-8.2.2P5-12mdk.i586.rpm immediately with the new downloaded bind-devel-8.2.3-1.1mdk.i586.rpm Replace cups-1.1.4-3mdk.i586.rpm immediately with the new downloaded cups-1.1.6-10.1mdk.i586.rpm Replace cups-devel-1.1.4-3mdk.i586.rpm immediately with the new downloaded cups-devel-1.1.6-10.1mdk.i586.rpm Replace getty_ps-2.0.7j-13mdk.i586.rpm immediately with the new downloaded getty_ps-2.0.7j-14.1mdk.i586.rpm Replace grpmi-7.2-17mdk.i586.rpm immediately with the new downloaded grpmi-7.2-19.1mdk.i586.rpm Replace mgetty-1.1.22-2mdk.i586.rpm immediately with the new downloaded mgetty-1.1.24-1.1mdk.i586.rpm Replace mgetty-contrib-1.1.22-2mdk.i586.rpm immediately with the new downloaded mgetty-contrib-1.1.24-1.1mdk.i586.rpm Replace mgetty-sendfax-1.1.22-2mdk.i586.rpm immediately with the new downloaded mgetty-sendfax-1.1.24-1.1mdk.i586.rpm Replace mgetty-viewfax-1.1.22-2mdk.i586.rpm immediately with the new downloaded mgetty-viewfax-1.1.24-1.1mdk.i586.rpm Replace mgetty-voice-1.1.22-2mdk.i586.rpm immediately with the new downloaded mgetty-voice-1.1.24-1.1mdk.i586.rpm Replace netscape-common-4.75-9mdk.i586.rpm immediately with the new downloaded netscape-common-4.76-3.3mdk.i586.rpm Replace netscape-communicator-4.75-9mdk.i586.rpm immediately with the new downloaded netscape-communicator-4.76-3.3mdk.i586.rpm Replace nss_ldap-107-2mdk.i586.rpm immediately with the new downloaded nss_ldap-122-1.1mdk.i586.rpm Replace rdist-6.1.5-14mdk.i586.rpm immediately with the new downloaded rdist-6.1.5-17.1mdk.i586.rpm Replace vixie-cron-3.0.1-45mdk.i586.rpm immediately with the new downloaded vixie-cron-3.0.1-46.1mdk.i586.rpm Finish collecting information for file downloads Stage 6: Downloading 68 RPM package(s) from ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/ Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/MySQL-3.23.31-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/MySQL-bench-3.23.31-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/MySQL-client-3.23.31-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/MySQL-devel-3.23.31-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/MySQL-shared-3.23.31-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/bind-utils-8.2.3-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/cvs-1.11-3.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/diffutils-2.7-25.3mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/everybuddy-0.1.5-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/ghostscript-5.50-35.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/ghostscript-module-SVGALIB-5.50-35.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/ghostscript-module-X-5.50-35.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/ghostscript-utils-5.50-35.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/glibc-2.1.3-18.3mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/glibc-devel-2.1.3-18.3mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/glibc-profile-2.1.3-18.3mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/gmc-4.5.51-7.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/gnupg-1.0.4-3.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/gpm-1.19.3-3.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdeadmin-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdebase-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdebase-devel-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdegames-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdegraphics-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdegraphics-devel-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdelibs-2.0.1-2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdelibs-devel-2.0.1-2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdelibs-sound-2.0.1-2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdelibs-sound-devel-2.0.1-2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdemultimedia-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdemultimedia-devel-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdenetwork-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdenetwork-devel-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdepim-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdesupport-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdesupport-devel-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdetoys-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdeutils-2.0.1-1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/kdoc-2.0.1-1mdk.noarch.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/linuxconf-1.21r5-5.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/linuxconf-devel-1.21r5-5.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/linuxconf-lib-1.21r5-5.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/mc-4.5.51-7.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/mcserv-4.5.51-7.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/mod_php-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/modutils-2.3.21-1.3mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/openssh-2.3.0p1-7.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/openssh-askpass-2.3.0p1-7.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/openssh-askpass-gnome-2.3.0p1-7.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/openssh-clients-2.3.0p1-7.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/pam-0.72-13.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/pam-doc-0.72-13.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-dba_gdbm_db2-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-devel-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-gd-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-imap-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-ldap-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-manual-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-mysql-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-pgsql-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/php-readline-4.0.4pl1-1.2mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/shadow-utils-19990827-8.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/slocate-2.4-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/tcsh-6.09.04-1.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/userdrake-0.2-4.1mdk.i586.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/webmin-0.84-1.1mdk.noarch.rpm Downloading: ftp://bo.mirror.garr.it/mirrors/Mandrake/updates/7.2/RPMS/xalf-0.4-4.1mdk.i586.rpm Stage 7: Upgrading 93 RPM package(s) ---------------------------------------------------------------------- Upgrading: MandrakeUpdate-7.2-17mdk.i586.rpm to MandrakeUpdate-7.2-19.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: bugfix A number of bugs were found in the MandrakeUpdate package that are fixed with this update. * About this package: Easy updating of your Mandrake distribution. All you have to do is choose the updated packages you want to install. ---------------------------------------------------------------------- Upgrading: MySQL-3.23.23-1mdk.i586.rpm to MySQL-3.23.31-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: MySQL-bench-3.23.23-1mdk.i586.rpm to MySQL-bench-3.23.31-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: MySQL-client-3.23.23-1mdk.i586.rpm to MySQL-client-3.23.31-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: MySQL-devel-3.23.23-1mdk.i586.rpm to MySQL-devel-3.23.31-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: MySQL-shared-3.23.23-1mdk.i586.rpm to MySQL-shared-3.23.31-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: Zope-2.1.6-4mdk.i586.rpm to Zope-2.2.4-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Fri Nov 03 16:00:00 CEST 2000 importance: security The exploit that was not fixed with the previous Zope hotfix involves the getRoles method of user objects contained in the default UserFolder implementation returning a mutable Python type. Because the mutable object is still associated with the persistent User object, users with the ability to edit DTML could arrange to give themselves extra roles for the duration of a single request by mutating the roles list as part of the request processing. Further investigation revealed that it was possible to access the mutable attribute directly to perform the same exploit. * About this package: The Z Object Programming Environment (Zope) is a free, Open Source[tm] Python-based application server for building high-performance, dynamic web sites, using a powerful and simple scripting object model and high-performance, integrated object database. Brian Lloyd's excellent article, An Introduction to Zope (http://www.devshed.com/Server_Side/Zope/Intro/) provides a great starting point to understanding what Zope is and how you can use it. For a fully functional installation of Zope, install this single huge package and then _either_ the Zope-zserver RPM, for a minimal Python-based web server; or the Zope-pcgi RPM, for use with Apache's CGI facility. If you only want portions of Zope, there are subpackages available for each subsystem and you should _not_ install this RPM. ---------------------------------------------------------------------- Upgrading: Zope-components-2.1.6-4mdk.i586.rpm to Zope-components-2.2.4-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: Zope-core-2.1.6-4mdk.i586.rpm to Zope-core-2.2.4-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: Zope-pcgi-2.1.6-4mdk.i586.rpm to Zope-pcgi-2.2.4-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: Zope-services-2.1.6-4mdk.i586.rpm to Zope-services-2.2.4-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: Zope-zpublisher-2.1.6-4mdk.i586.rpm to Zope-zpublisher-2.2.4-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: Zope-zserver-2.1.6-4mdk.i586.rpm to Zope-zserver-2.2.4-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: Zope-ztemplates-2.1.6-4mdk.i586.rpm to Zope-ztemplates-2.2.4-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: arpwatch-2.1a6-12mdk.i586.rpm to arpwatch-2.1a10-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Wed Jan 10 14:02:03 2001 importance: security WireX discovered a potential temporary file race condition in the arpwatch program. This problem has been corrected in arpwatch version 2.1a10. * About this package: The arpwatch package contains arpwatch and arpsnmp. Arpwatch and arpsnmp are both network monitoring tools. Both utilities monitor Ethernet or FDDI network traffic and build databases of Ethernet/IP address pairs, and can report certain changes via email. Install the arpwatch package if you need networking monitoring devices which will automatically keep traffic of the IP addresses on your network. ---------------------------------------------------------------------- Upgrading: bind-devel-8.2.2P5-12mdk.i586.rpm to bind-devel-8.2.3-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: bind-utils-8.2.2P5-12mdk.i586.rpm to bind-utils-8.2.3-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: cups-1.1.4-3mdk.i586.rpm to cups-1.1.6-10.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: bugfix A number of printer fixes are corrected in this package. As well, lpstat and the web interface were displaying SMB passwords which poses a security risk. * About this package: The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. ---------------------------------------------------------------------- Upgrading: cups-devel-1.1.4-3mdk.i586.rpm to cups-devel-1.1.6-10.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: cvs-1.10.8-6mdk.i586.rpm to cvs-1.11-3.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Jan 05 08:56:09 2001 importance: general The version of cvs released with Linux-Mandrake 7.2 does not have xinetd support by default. This update provides support for xinetd. * About this package: CVS means Concurrent Version System; it is a version control system which can record the history of your files (usually, but not always, source code). CVS only stores the differences between versions, instead of every version of every file you've ever created. CVS also keeps a log of who, when and why changes occurred, among other aspects. CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. These directories and files can then be combined together to form a software release. Install the cvs package if you need to use a version control system. ---------------------------------------------------------------------- Upgrading: diffutils-2.7-22mdk.i586.rpm to diffutils-2.7-25.3mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Wed Jan 10 14:02:03 2001 importance: security WireX discovered a potential temporary file race condition in the sdiff program within the diffutils package. This update corrects the problem. * About this package: Diffutils includes four utilities: diff, cmp, diff3 and sdiff. * Diff compares two files and shows the differences, line by line. * The cmp command shows the offset and line numbers where two files differ, or cmp can show the characters that differ between the two files. * The diff3 command shows the differences between three files. Diff3 can be used when two people have made independent changes to a common original; diff3 can produce a merged file that contains both persons' changes and warnings about conflicts. * The sdiff command can be used to merge two files interactively. Install diffutils if you need to compare text files. ---------------------------------------------------------------------- Upgrading: everybuddy-0.1.4-4mdk.i586.rpm to everybuddy-0.1.5-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Mon Nov 13 13:27:14 PST 2000 importance: bugfix The version of everybuddy released with Linux-Mandrake 7.2 has problems connecting to the msn messenger service. This new version of everybuddy corrects the problem and introduces some other small bug fixes. * About this package: Everybuddy is designed to become a Universal Instant Messaging client designed to seamlessly integrate all existing Instant Messaging clients and provide a single consistant user interface. Currently, Everybuddy supports sending and receiving messages in both AOL and ICQ. Yahoo and possibly MSN support is planned to be incorporated in future releases. ---------------------------------------------------------------------- Upgrading: getty_ps-2.0.7j-13mdk.i586.rpm to getty_ps-2.0.7j-14.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Wed Jan 10 14:02:03 2001 importance: security WireX discovered a potential temporary file race condition in the getty_ps program. This update corrects the problem. * About this package: The getty_ps package contains the getty and uugetty programs, basic programs for accomplishing the login process on a Linux Mandrake system. Getty and uugetty are used to accept logins on the console or a terminal. Getty is invoked by the init process to open tty lines and set their modes, to print the login prompt and get the user's name, and to initiate a login process for the user. Uugetty works just like getty, except that uugetty creates and uses lock files to prevent two or more processes from conflicting in their use of a tty line. Getty and uugetty can also handle answer a modem for dialup connections, but mgetty is recommended for that purpose. ---------------------------------------------------------------------- Upgrading: ghostscript-5.50-35mdk.i586.rpm to ghostscript-5.50-35.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: bugfix A number of fixes for various printer drivers are provided in this update. * About this package: Ghostscript is a set of software that provides a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. Most applications use PostScript for printer output. In addition, the package contains filters which transfer the raw bitmap of GhostScript into the protocol of some additional printer models. You should install ghostscript if you need to display PostScript files, or if you have a non-PostScript printer. ---------------------------------------------------------------------- Upgrading: ghostscript-module-SVGALIB-5.50-35mdk.i586.rpm to ghostscript-module-SVGALIB-5.50-35.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: ghostscript-module-X-5.50-35mdk.i586.rpm to ghostscript-module-X-5.50-35.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: ghostscript-utils-5.50-35mdk.i586.rpm to ghostscript-utils-5.50-35.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: glibc-2.1.3-16mdk.i586.rpm to glibc-2.1.3-18.3mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Thu Jan 18 11:26:36 2001 importance: security The LD_PRELOAD variable in the GNU C Library is honoured normally even for SUID/SGID applications (but removed afterwards from the environment) if it does not contain '/' characters. There is a special check which only preloads found libraries if they have the SUID bit set. However, if a library has been found in /etc/ld.so.cache, this check was not performed. As a result, a malicious user could preload some library located in /lib or /usr/lib before SUID/SGID applications and create or overwrite a file he would normally have permission to. As well, LD_PROFILE output from SUID programs would go into /var/tmp, making it vulnerable to various link attacks. * About this package: The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. The glibc package also contains national language (locale) support and timezone databases. ---------------------------------------------------------------------- Upgrading: glibc-devel-2.1.3-16mdk.i586.rpm to glibc-devel-2.1.3-18.3mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: glibc-profile-2.1.3-16mdk.i586.rpm to glibc-profile-2.1.3-18.3mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: gmc-4.5.51-7mdk.i586.rpm to gmc-4.5.51-7.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: gnupg-1.0.4-1mdk.i586.rpm to gnupg-1.0.4-3.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 16:00:00 CEST 2000 importance: security A problem exists in all versions of GnuPG prior to and including 1.0.3. Because of this problem, GnuPG may report files which have been signed with multiple keys (one or more of which may be incorrect) to be valid even if one of the signatures is in fact valid. * About this package: GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. Because GnuPG does not use use any patented algorithm it cannot be compatible with PGP2 versions. PGP 2.x uses only IDEA (which is patented worldwide) and RSA (which is patented in the United States until Sep 20, 2000). ---------------------------------------------------------------------- Upgrading: gpm-1.19.3-3mdk.i586.rpm to gpm-1.19.3-3.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Wed Jan 10 14:02:03 2001 importance: security WireX discovered a potential temporary file condition in the gpm program. This update corrects the problem. * About this package: Gpm provides mouse support to text-based Linux applications like the emacs editor, the Midnight Commander file management system, and other programs. Gpm also provides console cut-and-paste operations using the mouse and includes a program to allow pop-up menus to appear at the click of a mouse button. Gpm should be installed if you intend to use a mouse with your Linux Mandrake system. ---------------------------------------------------------------------- Upgrading: grpmi-7.2-17mdk.i586.rpm to grpmi-7.2-19.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdeadmin-2.0-2mdk.i586.rpm to kdeadmin-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Administrative tools for the K Desktop Environment. ---------------------------------------------------------------------- Upgrading: kdebase-2.0-7mdk.i586.rpm to kdebase-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Core applications for the K Desktop Environment. Software included are: * KDM: replacement for XDM * KWM: window manager * KOnqueror: filemanager, web browser, ftp client, etc. * KOnsole: XTerm replacement * KPpanel: application starter and desktop pager * KAudio: audio server * KDEHelpcenter: viewer for KDE help files, info and man pages plus other KDE components: * KCheckpass * KIkbd * KScreensaver * KControl * KFind * KFontmanager * KMenuedit * KAppfinder ---------------------------------------------------------------------- Upgrading: kdebase-devel-2.0-7mdk.i586.rpm to kdebase-devel-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdegames-2.0-1mdk.i586.rpm to kdegames-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Games for the K Desktop Environment. Included with this package are: kabalone, kasteroids, kblackbox, kmahjongg, kmines, konquest, kpat, kpoker, kreversi, ksame, kshisen, ksokoban, ksmiletris, ksnake, ksirtet, katomic, kjumpingcube, ktuberling. ---------------------------------------------------------------------- Upgrading: kdegraphics-2.0-4mdk.i586.rpm to kdegraphics-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Graphical tools for the K Desktop Environment. ---------------------------------------------------------------------- Upgrading: kdegraphics-devel-2.0-4mdk.i586.rpm to kdegraphics-devel-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdelibs-2.0-5mdk.i586.rpm to kdelibs-2.0.1-2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Libraries for the K Desktop Environment. KDE Libraries included: * kdecore: KDE core library * kdeui: user interface * kfm: file manager * khtmlw: HTML widget * kfile: file access * kspell: spelling checker * jscript: javascript * kab: addressbook * kimgio: image manipulation * arts: sound, mixing and animation ---------------------------------------------------------------------- Upgrading: kdelibs-devel-2.0-5mdk.i586.rpm to kdelibs-devel-2.0.1-2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdelibs-sound-2.0-5mdk.i586.rpm to kdelibs-sound-2.0.1-2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdelibs-sound-devel-2.0-5mdk.i586.rpm to kdelibs-sound-devel-2.0.1-2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdemultimedia-2.0-4mdk.i586.rpm to kdemultimedia-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Multiedia tools for the K Desktop Environment. ---------------------------------------------------------------------- Upgrading: kdemultimedia-devel-2.0-4mdk.i586.rpm to kdemultimedia-devel-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdenetwork-2.0-1mdk.i586.rpm to kdenetwork-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Networking applications for the K Desktop Environment. ---------------------------------------------------------------------- Upgrading: kdenetwork-devel-2.0-1mdk.i586.rpm to kdenetwork-devel-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdepim-2.0-1mdk.i586.rpm to kdepim-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Information Management applications for the K Desktop Environment. ---------------------------------------------------------------------- Upgrading: kdesupport-2.0-1mdk.i586.rpm to kdesupport-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Support Libraries for the K Desktop Environment, but not part of it. Libraries included are: QwSpriteField, js (javascript), uulib, mimelib, and rdb. ---------------------------------------------------------------------- Upgrading: kdesupport-devel-2.0-1mdk.i586.rpm to kdesupport-devel-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: kdetoys-2.0-1mdk.i586.rpm to kdetoys-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Toys for the K Desktop Environment. Includes: kmoon (displays various phases of the moon); kworldwatch (displays where in the world it is light and dark depending on time), and kodo (a mouse odometer which shows how far your mouse has traveled). ---------------------------------------------------------------------- Upgrading: kdeutils-2.0-3mdk.i586.rpm to kdeutils-2.0.1-1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Utilities for the K Desktop Environment. This package includes: - ark: tar/gzip archive manager - kab: address book - karm: personal time tracker - kcalc: scientific calculator - kedit: simple text editor - kfloppy: floppy formatting tool - khexedit: hex editor - kjots: note taker - klipper: clipboard tool - kljettool: HP printer configuration tool - klpq: print queue manager - knotes: post-it notes for the desktop - kpm: process manager similar to 'top', but more advanced - kwrite: improved text editor ---------------------------------------------------------------------- Upgrading: kdoc-2.0-3mdk.noarch.rpm to kdoc-2.0.1-1mdk.noarch.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: general This updates to KDE 2.0 final. * About this package: Documentation tools for the K Desktop Environment 2.0. ---------------------------------------------------------------------- Upgrading: linuxconf-1.21r5-5mdk.i586.rpm to linuxconf-1.21r5-5.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: bugfix Many fixes are included in this new version of linuxconf including a variety of bugs in both linuxconf and the initscripts. * About this package: Linuxconf is an extremely capable system configuration tool. Linuxconf provides four different interfaces for you to choose from: command line, character-cell (like the installation program), an X Window System based GUI and a web-based interface. Linuxconf can manage a large proportion of your system's operations, including networking, user accounts, file systems, boot parameters, and more. Linuxconf will simplify the process of configuring your system. Unless you are completely happy with configuring your system manually, you should install the linuxconf package and use linuxconf instead. ---------------------------------------------------------------------- Upgrading: linuxconf-devel-1.21r5-5mdk.i586.rpm to linuxconf-devel-1.21r5-5.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: linuxconf-lib-1.21r5-5mdk.i586.rpm to linuxconf-lib-1.21r5-5.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: mc-4.5.51-7mdk.i586.rpm to mc-4.5.51-7.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Tue Dec 12 15:56:46 PST 2000 importance: security A problem was found in the cons.saver program by Maurycy Prodeus. The cons.saver program is a screensaver for the console that is included in the mc package. cons.saver does not check if it is started with a valid stdout, which combined with a bug in its check to see if its argument is a tty (it forgets to close the file-descriptor after opening the supposed tty), causes it to write a NULL character to the file given as its parameter. * About this package: Midnight Commander is a visual shell much like a file manager, only with way more features. It is text mode, but also includes mouse support if you are running GPM. Its coolest feature is the ability to ftp, view tar, zip files, and poke into RPMs for specific files. :-) ---------------------------------------------------------------------- Upgrading: mcserv-4.5.51-7mdk.i586.rpm to mcserv-4.5.51-7.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: mgetty-1.1.22-2mdk.i586.rpm to mgetty-1.1.24-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Wed Jan 10 14:02:03 2001 importance: security WireX discovered a potential temporary file race condition in the mgetty program. All versions of mgetty prior to 1.1.24 are vulnerable. * About this package: The mgetty package contains a "smart" getty which allows logins over a serial line (i.e., through a modem). If you're using a Class 2 or 2.0 modem, mgetty can receive faxes. If you also need to send faxes, you'll need to install the sendfax program. If you'll be dialing in to your system using a modem, you should install the mgetty package. If you'd like to send faxes using mgetty and your modem, you'll need to install the mgetty-sendfax program. If you need a viewer for faxes, you'll also need to install the mgetty-viewfax package. ---------------------------------------------------------------------- Upgrading: mgetty-contrib-1.1.22-2mdk.i586.rpm to mgetty-contrib-1.1.24-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: mgetty-sendfax-1.1.22-2mdk.i586.rpm to mgetty-sendfax-1.1.24-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: mgetty-viewfax-1.1.22-2mdk.i586.rpm to mgetty-viewfax-1.1.24-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: mgetty-voice-1.1.22-2mdk.i586.rpm to mgetty-voice-1.1.24-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: mod_php-4.0.3pl1-1mdk.i586.rpm to mod_php-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: modutils-2.3.17-3mdk.i586.rpm to modutils-2.3.21-1.3mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Thu Nov 16 11:15:01 PST 2000 importance: security All 2.3.x versions of modutils since March 12, 1999 contain a vulnerability that can lead to a local root compromise. The modprobe program uses popen() to execute the "echo" program argumented with user input. Because popen() relies on /bin/sh to parse the command string and execute "echo", unescaped shell metacharacters can be included in user input to execute commands. Although modprobe is not installed setuid root, this vulnerability can be exploited to gain root access provided the target system is using kmod. Kmod is a kernel facility that automatically executes the program modprobe when a module is requested via request_module(). One program that can take advantage of this vulnerability is ping (however, not all versions). When a device is specified at the command line that doesn't exist, request_module is called with the user-supplied arguments passed to the kernel. The kernel then takes the arguments and executes modprobe with them. Arbitrary commands included in the argument for module name (device name to ping) are then executed when popen() is called as root. A new version of modutils (2.3.20) has been released that fixes this particular vulnerability. modutils still supports meta expansion, including back quoted commands, but only for data read from the configuration file. This assumes that when modutils is run as root out of the kernel, normal users cannot specify their own configuration files. * About this package: The modutils packages includes the kerneld program for automatic loading of modules under 2.0 kernels and unloading of modules under 2.0 and 2.2 kernels, as well as other module management programs. Examples of loaded and unloaded modules are device drivers and filesystems, as well as some other things. ---------------------------------------------------------------------- Upgrading: netscape-common-4.75-9mdk.i586.rpm to netscape-common-4.76-3.3mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: netscape-communicator-4.75-9mdk.i586.rpm to netscape-communicator-4.76-3.3mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: nss_ldap-107-2mdk.i586.rpm to nss_ldap-122-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 3 13:28:32 CEST 2000 importance: security A race condition exists in versions of nss_ldap prior to version 121. On a system running nscd, a malicious user can cause the system to hang. * About this package: This package includes two LDAP access clients: nss_ldap and pam_ldap. nss_ldap is a set of C library extensions which allows X.500 and LDAP directory servers to be used as a primary source of aliases, ethers, groups, hosts, networks, protocol, users, RPCs, services and shadow passwords (instead of or in addition to using flat files or NIS). Pam_ldap is a module for Linux-PAM that supports password changes, V2 clients, Netscapes SSL, ypldapd, Netscape Directory Server password policies, access authorization, crypted hashes, etc. Install nss_ldap if you need LDAP access clients. ---------------------------------------------------------------------- Upgrading: openssh-2.2.0p1-7mdk.i586.rpm to openssh-2.3.0p1-7.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 16:00:00 CEST 2000 importance: security The openssh package shipped with 7.2 is not suid root. This causes problems with some authentication schemes that require the openssh server to be suid root. * About this package: Ssh (Secure Shell) a program for logging into a remote machine and for executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up to date in terms of security and features, as well as removing all patented algorithms to separate libraries (OpenSSL). This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. ---------------------------------------------------------------------- Upgrading: openssh-askpass-2.2.0p1-7mdk.i586.rpm to openssh-askpass-2.3.0p1-7.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: openssh-askpass-gnome-2.2.0p1-7mdk.i586.rpm to openssh-askpass-gnome-2.3.0p1-7.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: openssh-clients-2.2.0p1-7mdk.i586.rpm to openssh-clients-2.3.0p1-7.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: pam-0.72-12mdk.i586.rpm to pam-0.72-13.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Sat Dec 16 10:31:19 2000 importance: security The pam_localuser module, which is a part of the pam package, contains a buffer overflow vulnerability. This module is not used in any default configuration and for a user to be exploited, they would have to manually insert it into a configuration file in the /etc/pam.d directory. * About this package: PAM (Pluggable Authentication Modules) is a system security tool which allows system administrators to set authentication policy without having to recompile programs which do authentication. ---------------------------------------------------------------------- Upgrading: pam-doc-0.72-12mdk.i586.rpm to pam-doc-0.72-13.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-4.0.3pl1-1mdk.i586.rpm to php-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 16:00:00 CEST 2000 importance: security PHP version 4 which ships with Linux-Mandrake is vulnerable to format string attacks due to logging functions that make improper use of the syslog() and vsnprintf() functions. This renders PHP4-enabled servers vulnerable to compromise by remote attackers. This attack is only effective on PHP installations that log errors and warnings while those servers that do not are not affected. By default, Linux-Mandrake systems do not have logging enabled. * About this package: PHP4 is an HTML-embeddable scripting language. PHP offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. This package contains the base PHP files, and a standalone (CGI) version of php. If you need apache support, you need to install mod_php ---------------------------------------------------------------------- Upgrading: php-dba_gdbm_db2-4.0.3pl1-1mdk.i586.rpm to php-dba_gdbm_db2-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-devel-4.0.3pl1-1mdk.i586.rpm to php-devel-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-gd-4.0.3pl1-1mdk.i586.rpm to php-gd-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-imap-4.0.3pl1-1mdk.i586.rpm to php-imap-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-ldap-4.0.3pl1-1mdk.i586.rpm to php-ldap-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-manual-4.0.3pl1-1mdk.i586.rpm to php-manual-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-mysql--..rpm to php-mysql-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-pgsql-4.0.3pl1-1mdk.i586.rpm to php-pgsql-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: php-readline-4.0.3pl1-1mdk.i586.rpm to php-readline-4.0.4pl1-1.2mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid ---------------------------------------------------------------------- Upgrading: rdist-6.1.5-14mdk.i586.rpm to rdist-6.1.5-17.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Wed Jan 10 14:02:03 2001 importance: security WireX discovered a potential temporary file race condition in the rdist program. This update corrects the problem. * About this package: The rdist program maintains identical copies of files on multiple hosts. If possible, rdist will preserve the owner, group, mode and mtime of files and it can update programs that are executing. ---------------------------------------------------------------------- Upgrading: shadow-utils-19990827-8mdk.i586.rpm to shadow-utils-19990827-8.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Wed Jan 10 14:02:03 2001 importance: security WireX discovered a potential temporary file race condition in the useradd program contained in the shadow-utils package. The useradd program creates it's temporary files in the protected directory /etc/default, but if this directory is changed to world writable, a problem could occur. This update corrects the problem. * About this package: The shadow-utils package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts. The pwconv command converts passwords to the shadow password format. The pwunconv command unconverts shadow passwords and generates an npasswd file (a standard UNIX password file). The pwck command checks the integrity of password and shadow files. The lastlog command prints out the last login times for all users. The useradd, userdel and usermod commands are used for managing user accounts. The groupadd, groupdel and groupmod commands are used for managing group accounts. ---------------------------------------------------------------------- Upgrading: slocate-2.2-6mdk.i586.rpm to slocate-2.4-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Mon Dec 18 15:26:56 2000 importance: security Michael Kaempf reported a security problem in slocate (a secure version of locate, a tool to quickly locate files on a filesystem) on bugtraq which was originally discovered by zorgon. He discovered that there was a bug in the database reading code which made it overwrite an internal structure with some input. He then showed this could be exploited to trick slocate into executing arbitrary code by pointing it to a carefully crafted database. * About this package: Slocate is a security-enhanced version of locate. Just like locate, slocate searches through a central database (which is updated nightly) for files which match a given pattern. Slocate allows you to quickly find files anywhere on your system. ---------------------------------------------------------------------- Upgrading: tcsh-6.09.03-2mdk.i586.rpm to tcsh-6.09.04-1.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Mon Nov 13 20:57:41 PST 2000 importance: security A vulnerability exists with tcsh when using the in-here documents with the << syntax. When doing this, tcsh uses a temporary file to store the data. Unfortunately, the temporary file is not created securely and standard symlink attacks can be used to make tcsh overwrite arbitrary files. * About this package: Tcsh is an enhanced but completely compatible version of csh, the C shell. Tcsh is a command language interpreter which can be used both as an interactive login shell and as a shell script command processor. Tcsh includes a command line editor, programmable word completion, spelling correction, a history mechanism, job control and a C language like syntax. ---------------------------------------------------------------------- Upgrading: userdrake-0.2-3mdk.i586.rpm to userdrake-0.2-4.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update Fri Nov 03 17:00:00 CEST 2000 importance: bugfix There was a problem with the umask setting in the previous version that is corrected in this update, as well as some problems with the French translation. * About this package: Userdrake is a user-friendly and powerful tool to add/edit/remove users from your Linux-Mandrake system. ---------------------------------------------------------------------- Upgrading: vixie-cron-3.0.1-45mdk.i586.rpm to vixie-cron-3.0.1-46.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Tue Feb 20 14:51:02 2001 importance: security A buffer overflow exists in the 'crontab' command if it was called by a user with a username longer than 20 characters. If the system administrator has created usernames of that length, it would be possible for those users to gain elevated privileges. * About this package: The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. Vixie cron adds better security and more powerful configuration options to the standard version of cron. ---------------------------------------------------------------------- Upgrading: webmin-0.80-18mdk.noarch.rpm to webmin-0.84-1.1mdk.noarch.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Fri Jan 26 11:44:14 2001 importance: security Previous versions of webmin could create temporary files insecurely on several occasions. This could be exploited by a local attacker to overwrite or create arbitrary files and possibly gain root privileges. * About this package: A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". ---------------------------------------------------------------------- Upgrading: xalf-0.4-2mdk.i586.rpm to xalf-0.4-4.1mdk.i586.rpm okay * Signature check: - Linux Mandrake Security Team's GnuPG signature is found - MD5 checksum is valid * Description of the update: Update: Mon Jan 22 09:11:22 2001 importance: bugfix Due to the update of glibc with the fixing of the LD_PRELOAD variable, the xalf helper application ceases to function properly. As a result, many applications that use xalf to provide visual feedback will not run, such as MandrakeUpdate. This update corrects the problem. * About this package: This is a small utility to provide feedback when starting X11 &pplications. Feedback can be given via four different indicators: * an invisible window (to be used in conjunction with a task pager like Gnomes tasklist_applet or KDE Taskbar) * an generic splashscreen * an hourglass attached to the mouse cursor or an animated star Stage 9: Updating Mandrake's global menu, and library symlinks Done, now report the root user Stage 10: Report it to root@localhost -- Mandrake Update Robot 0.8 Copyright (C) 2001 Prana