[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

various news and bugreports





             Packages: NetKit-B, util-linux, passwd 

           Updated: 08-Aug-1997 

           Problem:

               (03-Feb-1997) NetKit-B: Security Fix:
               NetKit-B-0.08-13 allowed external users to tell
               whether or not a username existed on a system by
               using the rlogin protocol. This is fixed in
               NetKit-B-0.08-14. 

               (07-Mar-1997) util-linux: login (and telnet,
               since it uses login) allowed remote users to
               determine whether a user existed on a system. This
               has been fixed in util-linux-2.5-34 

               (24-Mar-1997) NetKit-B: Security Fix: There is a
               small security hole in the in.tftpd daemon
               which allows remote users to read all files on
               systems which run tftp from inetd, even if the
               server is supposed to be run with a restricted
               directory path (note that all versions of Red Hat have
               tftp support off by default). NetKit-B-0.09-1 includes
               a patch to fix this problem. 

               (25-Apr-1997) NetKit-B, util-linux, passwd:
               There have been various utmp problems on all
               platforms with Red Hat Linux 4.1 (most notably the
               Alpha). NetKit-B-0.09-1.1, util-linux-2.5-34.1, and
               passwd-0.50-2.1 should fix this problem. 

               (08-Aug-1997) NetKit-B: Security Fix: NetKit-B
               contains a security hole in the rusers client. Fixed
               in NetKit-B-0.09-7. 

           Solution:
               Intel: Upgrade to
               NetKit-B-0.09-7.i386.rpm
               util-linux-2.5-34.1.i386.rpm
               passwd-0.50-2.1.i386.rpm


----------------------------------------------------------------------



From: hoffmang@nospampgp.com (Gene Hoffman)
Subject: PGP for Personal Privacy, Version 5.0 Linux Public Beta
Date: Mon, 28 Jul 1997 20:48:09 GMT

Hash: SHA1

Pretty Good Privacy, Inc. introduces a Linux beta version of PGP,  Version 5.0
for Personal Privacy. It is available in binary format on the Intel ELF Linux
architecture for immediate download from the Pretty Good Privacy website at
http://www.pgp.com/ . A freeware version for Linux will be available later
from the MIT site in both source and binary formats.

Like other members of the PGP Version 5.0 line, the Linux version provides
users with advanced "strong" cryptography written on a new PGP code base. It
features new algorithms including DSS/Diffie-Hellman (the ElGamal variation of
Diffie-Hellman) for the creation of public/private key pairs, public keyserver
integration, and a new, more script-friendly, command line. With this beta
version of 5.0, users may not generate RSA public/private key pairs, however,
the beta is fully interoperable with legacy RSA keys. Finally, all PGP beta
products are for non-commercial use only.

------------------------------

From: kclark@superfly.ntlug.org (Kendall G. Clark)
Subject: Linux Users Group Howto Released
Date: Mon, 28 Jul 1997 20:45:02 GMT



I've recently completed the rough draft for a Linux User Group HOWTO
to be added to the Linux Documentation Project. And I'd like to get
comments, suggestions, criticisms, and other reactions to it from the
Linux users worldwide.

This HOWTO will soon be available from the LDP and its mirrors, but
until it is released by the LDP, it is available at,

        http://www.ntlug.org/archive/lug-howto/index.html

The HOWTO is available in both html and postscript forms for on- and
off-line reading.

I have setup a form for your feedback and comments. It can be found at,

        http://www.ntlug.org/archive/lug-howto/form.html

I would especially like to hear from anyone participating in a LUG
outside of North America as my perspective about those groups is quite
limited.  

I have tried to indicate clearly the places where I need help from
people in other LUGs. I am active in my local LUG, and I don't want
the HOWTO to be too heavily swayed by my participation in just one
group.