home *** CD-ROM | disk | FTP | other *** search
- Red Hat Reseller News Flash
-
- Date: Mon, 28 Sep 1998 09:30:03 -0700 (PDT)
-
- It has recently come to the attention of Red Hat Software that there
- are significant security holes in CDE. All users are affected, both those
- who purchased CDE Client and those who purchased CDE Developer that runs on
- Red Hat Linux 4.0 up to 5.1.
-
- Description of the problem: Several exploits have been found that allow
- any user on your network to gain full access to your CDE session. There
- are also bugs that allow local users to that machine to gain root access.
- This allows anyone that accesses your machine to change files, delete
- files, and commit other malicious actions. Because CDE is not Open
- Source software, we have no ability to fix either the minor bugs that have
- been reported over the last year, or these more important security bugs.
-
- Red Hat Software will no longer distribute CDE effective immediately, but
- will continue to support the copies of CDE that have been purchased
- up to this point.
-
- If you currently have stock of CDE, please return it to your distributor, or
- to Red Hat if you purchased directly from us.
-
- If your customers wish to return CDE, please tell them to send their CDE
- CD-ROM to:
- CDE Returns
- Red Hat Software
- P.O. Box 13588 (for U.S. mail returns)
- 79 T.W. Alexander Dr.
- Bldg 4201, Suite 100
- Research Triangle Park, NC 27709
-
- Red Hat will provide consumers with a $50 credit towards future purchases upon
- receipt of the CD-ROM.
-
- If you have any questions, please contact Chris Gillespie, chris@redhat.com or
- Terry Tomlinson, terry@redhat.com
-
-
