Red Hat Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution .
RH6.1: PAM (RHSA-1999:040-01)
Under some network configurations PAM (Pluggable Authentication Modules) will fail to lock access to disabled NIS accounts.
RH6.1: netscape (RHSA-1999:039-02)
A new version of Netscape has been released. This release fixes some security problems in Javascript and form signing.
Essential RH60 Security Fixes: dev, rxvt, and screen Packages Updated
New dev, rxvt, and screen packages are available that fix a security issue with the packages that originally shipped with Red Hat Linux 6.0. Please read the 'Solution' section for special action needed to complete this upgrade. red hat corp/contact.html
RH6.0: KDE (RHSA-1999:015-01)
New KDE RPMs are available for Red Hat Linux 6.0. These RPMs upgrade the 1.1.1pre2 release to 1.1.1 final + fixes. Several security holes have been closed, and other bugs noted in the original RPMs have been corrected.
RH6.0: net-tools (RHSA-1999:017-01)
A potential security problem has been fixed in the net-tools package.
RH6.0: gnumeric (RHSA-1999:023-01)
A potential security problem has been fixed in the gnumeric spreadsheet package.
RH6.0: samba (RHSA-1999:022-02)
Samba 2.0.5a has been released. Among the fixes in this release are several security issues present in previous Samba releases.
RH6.0: squid (RHSA-1999:025-01)
cachemgr.cgi, the manager interface to Squid, is installed by default in /home/httpd/cgi-bin. If a web server (such as apache) is running, this can allow remote users to sent connect() requests from the local machine to arbitrary hosts and ports.
RH6.0: pump (RHSA-1999:027-02)
New version of pump, 0.7.0, fixes several problems, including a potential security hole. We strongly recommend that all users using DHCP upgrade to pump 0.7.0, particularly if you use DHCP on a public network such as a cable modem or ADSL service.
RH6.0: libtermcap (RHSA-1999:028-01)
A buffer overflow has been fixed in the tgetent() function of libtermcap.
RH6.0: wu-ftpd (RHSA-1999:031-01)
New packages of wu-ftpd are available for all Red Hat Linux platforms. This version includes an important security fix as well as fixes for all known problems in wu-ftpd at this time.
RH6.0: syslogd (RHSA-1999:055-01)
A denial of service attack exists in the system log daemon, syslogd.
RH6.0: initscripts (RHSA-1999:052-04)
One security bug and several functionality bugs have been fixed in a new release of initscripts.
RH6.0: vixie-cron (RHSA-1999:030-02)
1999-08-27: Updated packages to fix problems on Red Hat Linux 4.2 and 5.2, added credits, remove statement about 'no known exploits'
Red Hat 6.0 RHSA-1999:032-01 critical: amd buffer overrun exploit
New packages of am-utils are available for all Red Hat Linux platforms. This version includes an important security fix for a buffer overrun problem which is being actively exploited on the Internet.
RH6.0: inews (RHSA-1999:033-01)
New packages for INN are available for all Red Hat Linux platforms. This version of the package fixes a buffer overrun problem discovered in the inews program, which is part of the INN distribution. No active exploits of the problem have been found so far.
RH6.0: XFree86 (RHSA-1999:035-02)
New XFree86 packages are available for Red Hat Linux 4.2, 5.2, and 6.0 on all architectures. The XFree86 3.3.5 release fixes a number of newly discovered security problems and provides new drivers, as well as fixing a large number of outstanding bugs.
