Toggle navigation
Koozali.org: home of the SME Server
Community
Forums
Bugs
Lists
Forum Help
Download
SME Server ISOs
Contribs
Documentation
Manual
Wiki
FAQ
HowTo
Donate
Search
Login
Register
Login
Register
×
Close
Login
Remember me
Koozali.org: home of the SME Server
Obsolete Releases
SME Server 6.x
Topic:
SME 6 Maintenance Updates 6th July 2006
« previous
next »
+
Print
Pages: [
1
]
Go Down
SME 6 Maintenance Updates 6th July 2006
0 Replies
2652 Views
wellsi
475
+0/-0
SME 6 Maintenance Updates 6th July 2006
«
on:
July 06, 2006, 11:09:29 PM »
The maintenance team would like to announce that the following packages are
available from the updates repositories for SME 6.0, 6.0.1 & 6.5RC1.
Please Note: "As V7.0 has been released, all previous releases should be
considered 'legacy' releases and all users are encouraged to upgrade to the
new version."
To update your server see
http://no.longer.valid/phpwiki/index.php/How%20to%20update%20SME%20Server
To help this process see
http://no.longer.valid/phpwiki/index.php/Maintenance%20Process
You can also help speed up the releasing of updates by joining the
updatesteam
http://lists.contribs.org/mailman/listinfo/updatesteam
Follow the steps below to update using yum. These need to be entered from
the command line.
yum update
/sbin/e-smith/signal-event post-upgrade
/sbin/e-smith/signal-event reboot
==============
Common Updates
==============
glibc-2.2.5-44.legacy.8.i386.rpm
glibc-2.2.5-44.legacy.8.i686.rpm
glibc-common-2.2.5-44.legacy.8.i386.rpm
For all 6.x
FL Bug :
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173091
Updated glibc packages that add daylight savings rule enhancements for
various countries are now available.
The GNU libc packages (known as glibc) contain the standard C libraries
used by applications.
This update adjusts timezone files for countries where daylight savings
rules have recently changed or are going to change in the near future.
pcre-3.9-2.1.legacy.i386.rpm
For all 6.x
FL Note:
http://www.fedoralegacy.org/updates/RH7.3/2006-03-07-FLSA-2006_168516__Updated_pcre_packages_fix_a_security_issue.html
FL Bug :
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168516
Updated pcre packages are now available to correct a security issue.
PCRE is a Perl-compatible regular expression library.
An integer overflow flaw was found in PCRE, triggered by a maliciously
crafted regular expression. On systems that accept arbitrary regular
expressions from untrusted users, this could be exploited to execute
arbitrary code with the privileges of the application using the library.
The Common Vulnerabilities and Exposures project assigned the name
CVE-2005-2491 to this issue.
perl-DBI-1.21-1.1.legacy.i386.rpm
For all 6.x
FL Note:
http://www.fedoralegacy.org/updates/RH7.3/2006-03-01-FLSA-2006_178989__Updated_perl-DBI_package_fixes_security_issue.html
FL Bug :
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178989
An updated perl-DBI package that fixes a temporary file flaw in
DBI::ProxyServer is now available.
DBI is a database access Application Programming Interface (API) for
the Perl programming language.
The Debian Security Audit Project discovered that the DBI library
creates a temporary PID file in an insecure manner. A local user could
overwrite or create files as a different user who happens to run an
application which uses DBI::ProxyServer. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2005-0077 to
this issue.
tar-1.13.25-4.7.2.legacy.i386.rpm
For all 6.x
FL Note:
http://www.fedoralegacy.org/updates/RH7.3/2006-04-04-FLSA-2006_183571-1__Updated_tar_package_fixes_security_issue.html
FL Bug :
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183571
An updated tar package that fixes a path traversal flaw is now
available. The GNU tar program saves many files together in one archive
and can restore individual files (or all of the files) from that archive.
In 2002, a path traversal flaw was found in the way GNU tar extracted
archives. A malicious user could create a tar archive that could write
to arbitrary files to which the user running GNU tar has write access
(CVE-2002-0399). A security advisory was released containing a
backported patch.
It was discovered that the backported security patch contained an
incorrect optimization and therefore was not sufficient to completely
correct this vulnerability. The Common Vulnerabilities and Exposures
project (cve.mitre.org) assigned the name CVE-2005-1918 to this issue.
unzip-5.50-31.1.legacy.i386.rpm
For all 6.x
FL Note:
http://www.fedoralegacy.org/updates/RH7.3/2006-04-04-FLSA-2006_180159__Updated_unzip_package_fixes_security_issue.html
FL Bug :
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=180159
An updated unzip package that fixes a buffer overflow vulnerability is
now available. The unzip utility is used to list, test, or extract files
from a zip archive.
A buffer overflow bug has been discovered in unzip when handling long
file names. An attacker could create a specially crafted path which
could cause unzip to crash or execute arbitrary instructions. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2005-4667 to this issue.
Logged
............
+
Print
Pages: [
1
]
Go Up
« previous
next »
Koozali.org: home of the SME Server
Obsolete Releases
SME Server 6.x
Topic:
SME 6 Maintenance Updates 6th July 2006