-----BEGIN PGP SIGNED MESSAGE----- At 09:11 AM 12/11/01 +0100, Taco Scargo wrote: >The latest kernel for RaQ 4 is 2.2.16C28. This version includes the >patch to close the above mentioned rule. So either you hadn't >installed the latest kernel (which was posted on September 20, >2001) or you didn't reboot after installation.
It might have been useful had the cobalt-announce item on this mentioned it was a security-related patch. >======================================= >Software Updates For Sun Cobalt RaQ 4 >======================================= >RaQ4-All-Kernel-1.0.1-2.216C28III: Special Characters 1.0.1 >Requires Reboot: YES >MD5 Check Sum: dad1efe8427613aa4830f85068529647 > >Kernel C24 and C27 would not allow the system to switch to the >correct disk after a RAID failure. To correct this a new modutils >has been included for the gen III Kernel so that the bandwidth >module could correctly load automatically after a reboot.Also >included in the update is the fix for the sysctl negative offset bug >as well as the ptrace setuid bug. > > Compare the above to: >======================================= >Software Updates For Sun Cobalt RaQ 4 >======================================= >RaQ4-All-Security-1.0.1-10749: Running Bind as Named 1.0.1 >Requires Reboot: YES >MD5 Check Sum: 6551930df28b21af5ba2d457ef2a2f0f > >This patch addresses an issue with the way named is run on Sun >Cobalt Server Appliances. Currently, named is run with root >permissions, this patch adds a user named 'named', and installs new >initscripts to startup named with the proper arguments to run as the >user named. > The first notice looks to correct a few bugs. The second clearly tells administrators there's a security issue to be fixed. Some administrators put different priorities on security patches versus bug-fixes that may not apply to their environments. -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.8 Comment: hacker=cybercriminal--the definition changed; get over it iQCVAwUBPCCO2fGfiIQsciJtAQEjGAP7BswVaJ2/+yvq9PG5+vZQ8W/Ii7xWTpuF Z3nkVX+FKC5MY1TsrEXswH4w+W293OIs6RGyB6lsSVb/HSH15spLjlQ8j2XqXEIA F3k0/JrL9RqZ6YuJVq9JEcJWcvPWXCJuxv18sRffwsP8y6NPll8RaUm/9MCe6QnC YTbboqtf4nc= =MAb4 -----END PGP SIGNATURE----- -- Regards, David Kennedy CISSP /"\ Director of Research Services, \ / ASCII Ribbon Campaign TruSecure Corp. http://www.trusecure.com X Against HTML Mail Protect what you connect; / \ Look both ways before crossing the Net. _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
