Red Hat Linux/Intel 5.0 (Hurricane) Errata (Updated: 13-Nov-1998) [1]mail problems with errata to faq-maintainer See also: * [2]Red Hat Linux 5.0 General Errata The following are known problems specific to Red Hat Linux/Intel 5.0. Updates are available for FTP from: If you have problems downloading fixes from the official site (ftp.redhat.com), please try one of the many Red Hat [3]mirrors. * RPMs: [4]ftp://updates.redhat.com/5.0/i386/ Please note that newer versions of some of these packages may be available in the same location; any new versions which are made available will fix all of the bugs older versions did, so you can use the latest version with no problems. _________________________________________________________________ Overview * 10-Nov-1998: [5]libc-5 * 06-Nov-1998: [6]svgalib * 06-Nov-1998: [7]zgv * 28-Oct-1998: [8]cyrix * 20-Aug-1998: [9]Netscape * 30-Jul-1998: [10]REAL * 02-Jul-1998: [11]dosemu * 23-Jun-1998: [12]kernel, iBCS, pcmcia, modutils, initscripts * 13-Apr-1998: [13]ncpfs,smbfs * 24-Mar-1998: [14]mkinitrd * 13-Jan-1998: [15]mars-nwe * 17-Dec-1997: [16]usernet * 10-Dec-1997: [17]clock off * 10-Dec-1997: [18]kaffe * 05-Dec-1997: [19]LinuxThreads * 05-Dec-1997: [20]autofs-0.3.14-2 * 03-Dec-1997: [21]ld.so _________________________________________________________________ Detailed Errata _________________________________________________________________ Package: libc Updated: 13-Nov-1998 Problem: * (13-Nov-1998) Security Fix: A buffer overflow has been identified in all versions of the libc 5 packages shipped with Red Hat Linux. The most affected systems are those that are libc 5 based (Red Hat Linux 4.2 and older). Only the Intel is affected in 5.x. The Red Hat Linux 5.x releases are glibc (libc 6) based, and Red Hat does not ship any binaries linked against libc 5 that might be used for compromising the system's security. However, Red Hat Linux 5.x releases do include for backwards compatibility a package containg a vulnerable library. Users of Red Hat Linux are recommended to upgrade to the new packages available under updates directory on our ftp site: * (31-Dec-1997) Updates fixing many problems have been added. Solution: * Intel: Upgrade to [22]libc-5.3.12-28.i386.rpm _________________________________________________________________ Package: svgalib Updated: 06-Nov-1998 Problem: * (06-Nov-1998) Security Fix: svgalib has been found to leak file descriptors to /dev/mem. Red Hat would like to thank the users of the BUGTRAQ security list for identifying the problem and Kevin Vajk for providing a fix. Users of Red Hat Linux are recommended to upgrade to the new packages available under the updates directory on our ftp site: To upgrade this package use the rpm command: rpm -Uvh svgalib-1.2.13-6 * (27-Jun-1997) Security Fix: Minor security problems have been found by the Linux Security Auditing group in svgalib which allow users to make the console unuseable. * (25-Mar-1998)Security Fix: /tmp exploits have been discovered in this package. As usual, the package has been PGP signed with the Red Hat PGP key. Solution: * Intel: Upgrade to: [23]svgalib-1.2.13-6.i386.rpm [24]svgalib-devel-1.2.13-6.i386.rpm _________________________________________________________________ Package: zgv Updated: 06-Nov-1998 Problem: * (06-Nov-1998) Security Fix: Auditors of zgv have found buffer overflows that could be exploited to gain root privileges. Red Hat would like to thank the users of the BUGTRAQ security list for identifying the problem and Kevin Vajk for providing a fix. Users of Red Hat Linux are recommended to upgrade to the new packages available under the updates directory on our ftp site. To upgrade this package use the rpm command: rpm -Uvh zgv-3.0-6.i386.rpm Solution: * Intel: Upgrade to: [25]zgv-3.0-0.5.0.i386.rpm _________________________________________________________________ Package: cyrix Updated: 27-Oct-1998 Problem: * (27-Oct-1998) Changes on FTP site cause this errata to need to be changed. Users need to get the gcc/egcs from the 5.1 or upgrade to the 5.1 release. * (29-Dec-1997) Fixes problems involving sig 11 during compiling on older Cyrix chips. * (05-Dec-1997) Cyrix processors may have sig 11 and other problems. Solution: * Intel: This again is _not_ an official update. It has been tested in the lab that the 5.1 gcc/egcs combinations get around the Cyrix problem that people were having. Another fix is to use the normal 5.0 gcc without any optimizations. _________________________________________________________________ Package: Netscape Updated: 20-Aug-1998 Problem: * (30-Aug-1998) Security Update: Updated versions of Netscape compiled with glibc libraries are available for download. These fix minor security problems with Java class libraries. * (26-Jan-1998) Ok, this isn't really an errata, more of an add-on. Since it's freely distributed, here are the Netscape RPM's built for the 5.0 release. Solution: * Intel: Upgrade to: [26]netscape-communicator-4.06-2.i386.rpm [27]netscape-navigator-4.06-2.i386.rpm [28]netscape-common-4.06-2.i386.rpm _________________________________________________________________ Package: REAL Updated: 30-Jul-1998 Problem: * (30-Jul-1998)Security Fix: This update fixes the following problems: + UDP security exploit + Proxy host string in the Preferences dialog box has a bug where the first host in the comma separated list is ignored. * (05-Apr-1998) This release is the Gold 5.0 player for Real Media. It fixes many bugs found in the previous beta clients. It also has no expiration date. * (14-Dec-1998) These new packages fix bugs in pnserver and rvplayer and extend the licenses until 30-APR-98. a new update should be available before then. Solution: * Note: + Since the pnserver package and rvplayer package share some common libs, you will need to upgrade both packages if you have them both installed. + Due to the fact that you may have 1 of 3 different RPM's on your system, the instructions for upgrading are rather complex. Please bear with us. * Server package NOTE: If you have both the client and the server installed, you must upgrade the server first. There are shared libraries between these two packages and the libraries contained in the server package will not work for the client. Depending on which PNserver RPM's you have installed on your system, you will need to do one of the following. If you have the pnserver-5.0-10.i386.rpm, then you will need to download: [29]pnserver-5.0-11.i386.rpm.rhmask and [30]pnserver-5.0.1-2.i386.rpm.rh50.rhmask to /tmp. You must copy the original pnserver-5.0-10.i386.rpm from the first CD and pnserver-docs-5.0-10.i386.rpm to /tmp and then issue the following commands while you are in /tmp: cd /tmp rhmask pnserver-5.0-10.i386.rpm pnserver-5.0-11.i386.rpm.rhmask rhmask pnserver-5.0-11.i386.rpm pnserver-5.0.1-2.i386.rpm.rh50.rhmask That will create the pnserver-5.0.1-2.i386.rpm package which can be installed by the following command: rpm -Uvh --force pnserver-5.0.1-2.i386.rpm If you already have the the pnserver-5.0-11.i386.rpm on your machine, then you will only need to download the rhmasked RPM [31]pnserver-5.0.1-2.i386.rpm.rh50.rhmask to /tmp. Copy the pnserver-5.0-11.i386.rpm package to /tmp.[The rpm should be located on the first Red Hat cdrom] From the /tmp directory, issue the following commands to create the new package: cd /tmp rhmask pnserver-5.0-11.i386.rpm pnserver-5.0.1-2.i386.rpm.rh50.rhmask That will create the pnserver-5.0.1-2.i386.rpm package which can be installed by the following command: rpm -Uvh --force pnserver-5.0.1-2.i386.rpm * Client package The Real Video player upgrades are available in rhmask-ed RPM . We have created these rhmask-ed images to comply with our license agreement with Real Networks. There are several updated rhmask files, and depending on what rpm you currently have installed you will need to download 1-2 rpms per package. To determine which rvplayer and pnserver RPM's you have you will need to check your cdrom or see if you have a previous version that you un-rhmasked earlier. If you have rvplayer-5.0b2-4.i386.rpm then get: [32]rvplayer-5.0-2.i386.rpm.rhmask-4 and [33]rvplayer-5.0-3.i386.rpm.rh50.rhmask If you have rvplayer-5.0b2-5.i386.rpm then you need to download: [34]rvplayer-5.0-2.i386.rpm.rhmask-5 and [35]rvplayer-5.0-3.i386.rpm.rh50.rhmask If you already have rvplayer-5.0-1.i386.rpm then you will only need to get: [36]rvplayer-5.0-3.i386.rpm.rh50.rhmask Place the rhmask files in /tmp. You must also copy the rvplayer rpm package that you have to the /tmp directory. [The rvplayer rpm will be on the first Red Hat cdrom.] To create the new rvplayer package from rvplayer-5.0b2-4.i386.rpm, issue the following in /tmp: rhmask rvplayer-5.0b2-4.i386.rpm rvplayer-5.0-2.i386.rpm.rhmask-4 rhmask rvplayer-5.0-2.i386.rpm rvplayer-5.0-3.i386.rpm.rh50.rhmask To create the new rvplayer package from rvplayer-5.0b2-5.i386.rpm, issue the following in /tmp: rhmask rvplayer-5.0b2-5.i386.rpm rvplayer-5.0-2.i386.rpm.rhmask-5 rhmask rvplayer-5.0-2.i386.rpm rvplayer-5.0-3.i386.rpm.rh50.rhmask To create the new rvplayer package from rvplayer-5.0-2.i386.rpm, issue the following in /tmp: rhmask rvplayer-5.0-2.i386.rpm rvplayer-5.0-3.i386.rpm.rh50.rhmask The rvplayer-5.0-3 rpm can then be installed with the following command: rpm -Uvh --force rvplayer-5.0-3.i386.rpm _________________________________________________________________ Package: dosemu Updated: 02-Jul-1998 Problem: * (02-Jul-1998) Security Fix: Various security holes have been found that allow root access. All Red Hat users that use Dosemu, should upgrade. Solution: * Intel: Upgrade to [37]dosemu-0.66.7-7.i386.rpm _________________________________________________________________ Package: kernel, iBCS, pcmcia, modutils, initscripts Updated: 23-Jun-1998 Problem: * (23-Jun-1998) Red Hat is pleased to release official 2.0.34 kernel packages that also include PCMCIA and iBCS packages. The packaging method that is now employeed by the kernel makes kernel upgrades very simple. To upgrade a Red Hat 5.0 box to the new kernels, you must also upgrade the modutils and initscripts packages. The kernel-modules package has also been eliminated. The modules are now a part of the base kernel package. * (03-Dec-1997) Security Fix: Teardrop IP fragmentation problems and the pentium f00f bugs are fixed by these updates. For detailed instructions on doing the upgrade, please see: [38]http://www.redhat.com/support/docs/rhl/intel/kernel-upgrade-in tel.html Solution: To avoid dependency problems and package conflicts, it is necessary to list all the packages to be installed on the command line with rpm at once. The simplist way to do this is to download all the packages to a temporary directory, /tmp/upgrades and then install from there with Upgrade the packages as follows: cd /tmp/upgrades rpm -Uvh initscripts-3.65-2.i386.rpm modutils-2.1.85-4.i386.rpm rpm -ivh /tmp/upgrades/kernel*.rpm If your machine requires a initrd, as in SCSI disks or ethernet cards, your will need to make a new initrd image. Do this by running mkinitrd as: mkinitrd /boot/initrd-2.0.35-1.img 2.0.35-1 Once the new packages have been installed, you need to edit your /etc/lilo.conf file. You will need to change the name of the kernel image listed to point to the new 2.0.35-1 kernel. You will also need to update your initrd line if you made a new initrd in the previous step. After changing these entries, you must rerun lilo as /sbin/lilo before the new changes will take effect. At this point, you can make a new boot disk for your system with the new kernel and initrd image. Do this as: mkbootdisk --device /dev/fd0 2.0.35-1 * Intel: Upgrade to [39]kernel-2.0.35-2.i386.rpm [40]kernel-pcmcia-cs-2.0.35-2.i386.rpm [41]kernel-ibcs-2.0.35-2.i386.rpm [42]initscripts-3.67-1.i386.rpm [43]modutils-2.1.85-4.i386.rpm _________________________________________________________________ Package: ncpfs,smbfs Updated: 13-Apr-1998 Problem: * (13-Apr-1998) Permissions problems when mounting ncp and smb volumes. Solution: * Intel: Upgrade to: [44]ncpfs-2.0.11-3.i386.rpm [45]smbfs-2.0.1-2.i386.rpm _________________________________________________________________ Package: mkinitrd Updated: 24-Mar-1998 Problem: * (24-Mar-1998) Problems were discovered in the original version of mkinitrd shipped with 5.0. The problem is the inability to handle some modules that require complex option lines. Solution: * Intel: Upgrade to: [46]mkinitrd-1.8-1.i386.rpm _________________________________________________________________ Package: mars-nwe Updated: 13-Jan-1998 Problem: * (13-Jan-1998) Problems of stopping and starting of init script fixed. Solution: * Intel: Upgrade to [47]mars-nwe-0.99pl2-3.i386.rpm _________________________________________________________________ Package: usernet Updated: 17-Dec-1997 Problem: * (17-Dec-1997) Usernet would hang when manipulating PPP connections. Solution: * Intel: Upgrade to [48]usernet-1.0.6-1.i386.rpm _________________________________________________________________ Package: clock off Updated: 10-Dec-1997 Problem: * (10-Dec-1997) Time problems occur in libc5 applications. They must either be recompiled or have the below fix applied. Solution: * Create the proper link by executing this command. ln -s /usr/share/zoneinfo /usr/lib/zoneinfo _________________________________________________________________ Package: kaffe Updated: 10-Dec-1997 Problem: * (10-Dec-1997) This includes the kaffe binary (oops), as well as some more shared libraries which are missing. It won't work without Sun's classes.zip Java runtime library however, which we are not allowed to distribute. Solution: * Intel: Upgrade to [49]kaffe-0.9.2-3.i386.rpm [50]kaffe-bissawt-0.9.2-3.i386.rpm _________________________________________________________________ Package: LinuxThreads Updated: 05-Dec-1997 Problem: * (05-Dec-1997) When upgrading to 5.0, the new GLibC contains threads natively. The "LinuxThreads" package is no longer needed for threads to work properly. Solution: * When upgrading, remove the "linuxthreads" package using the command: rpm -e linuxthreads as superuser. _________________________________________________________________ Package: autofs-0.3.14-2 Updated: 05-Dec-1997 Problem: * (03-Dec-1997) autofs-0.3.14-1 does not work when NIS services are enabled; it logs messages saying undefined symbol: yperr_string. Solution: * Intel: Upgrade to [51]autofs-0.3.14-2.i386.rpm _________________________________________________________________ Package: ld.so Updated: 03-Dec-1997 Problem: * (03-Dec-1997) Many libc5 apps do not work. Solution: * Intel: Upgrade to [52]ld.so-1.9.5-5.i386.rpm _________________________________________________________________ _________________________________________________________________ [53]Feedback | [54]Store | [55]News | [56]Support | [57]Product Errata | [58]About Us | [59]Search | Copyright © 1995-1998 Red Hat Software. [60]Legal notices References 1. mailto:faq-maintainer@redhat.com 2. http://www.redhat.com/support/docs/rhl/rh50-errata-general.html 3. http://www.redhat.com/mirrors.html 4. ftp://updates.redhat.com/5.0/i386/ 5. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#libc 6. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#svgalib 7. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#zgv 8. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#cyrix 9. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#Netscape 10. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#REAL 11. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#dosemu 12. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#kernel 13. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#ncpfs,smbfs 14. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#mkinitrd 15. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#mars-nwe 16. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#usernet 17. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#clock_off 18. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#kaffe 19. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#LinuxThreads 20. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#autofs-0.3.14-2 21. http://www.redhat.com/support/docs/rhl/intel/rh50-errata-intel.html#ld.so 22. ftp://updates.redhat.com/5.0/i386/libc-5.3.12-28.i386.rpm 23. ftp://updates.redhat.com/5.0/i386/svgalib-1.2.13-6.i386.rpm 24. ftp://updates.redhat.com/5.0/i386/svgalib-devel-1.2.13-6.i386.rpm 25. ftp://updates.redhat.com/5.0/i386/zgv-3.0-0.5.0.i386.rpm 26. ftp://updates.redhat.com/5.0/i386/netscape-communicator-4.06-2.i386.rpm 27. ftp://updates.redhat.com/5.0/i386/netscape-navigator-4.06-2.i386.rpm 28. ftp://updates.redhat.com/5.0/i386/netscape-common-4.06-2.i386.rpm 29. ftp://ftp.redhat.com/pub/redhat/updates/real/i386/pnserver-5.0-11.i386.rpm.rhmask 30. ftp://ftp.redhat.com/pub/redhat/updates/real/i386/pnserver-5.0.1-2.i386.rpm.rh50.rhmask 31. ftp://ftp.redhat.com/pub/redhat/updates/real/i386/pnserver-5.0.1-2.i386.rpm.rh50.rhmask 32. ftp://ftp.redhat.com/pub/redhat/updates/real/i386/rvplayer-5.0-2.i386.rpm.rhmask-4 33. ftp://ftp.redhat.com/pub/redhat/updates/real/i386/rvplayer-5.0-3.i386.rpm.rh50.rhmask 34. ftp://ftp.redhat.com/pub/redhat/updates/real/i386/rvplayer-5.0-2.i386.rpm.rhmask-5 35. ftp://ftp.redhat.com/pub/redhat/updates/real/i386/rvplayer-5.0-3.i386.rpm.rh50.rhmask 36. ftp://ftp.redhat.com/pub/redhat/updates/real/i386/rvplayer-5.0-3.i386.rpm.rh50.rhmask 37. ftp://updates.redhat.com/5.0/i386/dosemu-0.66.7-7.i386.rpm 38. http://www.redhat.com/support/docs/rhl/intel/kernel-upgrade-intel.html 39. ftp://updates.redhat.com/5.0/i386/kernel-2.0.35-2.i386.rpm 40. ftp://updates.redhat.com/5.0/i386/kernel-pcmcia-cs-2.0.35-2.i386.rpm 41. ftp://updates.redhat.com/5.0/i386/kernel-ibcs-2.0.35-2.i386.rpm 42. ftp://updates.redhat.com/5.0/i386/initscripts-3.67-1.i386.rpm 43. ftp://updates.redhat.com/5.0/i386/modutils-2.1.85-4.i386.rpm 44. ftp://updates.redhat.com/5.0/i386/ncpfs-2.0.11-3.i386.rpm 45. ftp://updates.redhat.com/5.0/i386/smbfs-2.0.1-2.i386.rpm 46. ftp://updates.redhat.com/5.0/i386/mkinitrd-1.8-1.i386.rpm 47. ftp://updates.redhat.com/5.0/i386/mars-nwe-0.99pl2-3.i386.rpm 48. ftp://updates.redhat.com/5.0/i386/usernet-1.0.6-1.i386.rpm 49. ftp://updates.redhat.com/5.0/i386/kaffe-0.9.2-3.i386.rpm 50. ftp://updates.redhat.com/5.0/i386/kaffe-bissawt-0.9.2-3.i386.rpm 51. ftp://updates.redhat.com/5.0/i386/autofs-0.3.14-2.i386.rpm 52. ftp://updates.redhat.com/5.0/i386/ld.so-1.9.5-5.i386.rpm 53. http://www.redhat.com/email.html 54. http://www.redhat.com/products/ 55. http://www.redhat.com/news/ 56. http://www.redhat.com/support/ 57. http://www.redhat.com/support/docs/errata.html 58. http://www.redhat.com/redhat/ 59. http://www.redhat.com/search/ 60. http://www.redhat.com/redhat/website.html#legal