home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.security.misc
- Path: sparky!uunet!hela.iti.org!usc!rpi!fitzgb
- From: fitzgb@mml0.meche.rpi.edu (Brian Fitzgerald)
- Subject: recent security patches
- Message-ID: <baj1tvc@rpi.edu>
- Nntp-Posting-Host: mml0.meche.rpi.edu
- Organization: Rensselaer Polytechnic Institute, Troy, NY
- References: <1992Oct16.161209.3142@src.honeywell.com> <1992Nov4.150824.26312@src.honeywell.com>
- Date: Thu, 5 Nov 1992 21:15:58 GMT
- Lines: 32
-
- Y'know most of this stuff is fairly generic.
-
- This table should have a column for every unix operating system
- developer and reseller.
-
- Good idea for a FAQ!
-
- > ============================================================================
- >
- > patch comments what to do for 4.1.3
- > -----------------------------------------------------------------------------
- > 100103 file permissions <get patch rev 11>
- > 100513 TIOCCONS, pty living on (CA-90:12,etc) <get rev 01>
- > 100173 get root via NFS uids (CA-91:21,CA-92:15) <get rev 09>
- > 100296 rpc.mountd, netgroups (CA-91:09,CA-92:12) <get rev 04>
- > 100305 lpd deletes anything (CA-91:10a) <get rev 10>
- > 100376 SPARC integer / and * (CA-91:16,CA-92:15) <in 4.1.3>
- > 100383 rdist lets you make setuid files (CA-91:20) <get rev 05>
- > 100424 fsirand and nfs handles (reqs 173) (CA-91:21) <patch forthcoming>
- > 100448 OW 3.0 loadmodule gives you root (CA-91:22) <get rev 01?>
- > 100478 xlock screws up <??>
- > 100482 several NIS holes (CA-92:13) <get rev 03>
- > 100567 icmp redirects, denial of service (CA-92:15) <get rev 04>
- > 100630,100633,100377 --
- > getting root via LD_ and env vars (CA-92:11) <get 377-05, ...??>
- >
- > I've not gone after info on the C2 Jumbo Patch, 100564, which impacts
- > rpc.yppasswdd, rpc.pwdauthd -- we're not running C2 (yet).
- >
- > 100513 supercedes 100188 (CA-90:12), sez Ken Pons.
- >
- > 100633 is for Sun Shield (so we don't care), says Steve Scampani.
-
