-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2005-0014
Package name: amavisd-new apache courier-imap cpplus cyrus-sasl dev
hwdata libpcap libtiff mysql netpbm nfs-utils ntp
openldap portmap postfix postgresql samba spamassassin
sqlgrey
Summary: Package bugfixes
Date: 2005-04-20
Affected versions: Trustix Secure Linux 2.1
Trustix Secure Linux 2.2
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
amavisd-new:
AMaViS is a script that interfaces a mail transport agent (MTA) with
one or more virus scanners.
apache:
Apache is a full featured web server that is freely available, and also
happens to be the most widely used.
courier-imap:
Courier-IMAP is an IMAP server for Maildir mailboxes. This package contains
the standalone version of the IMAP server that's included in the Courier
mail server package. This package is a standalone version for use with
other mail servers.
cpplus:
CP+ is a web-based tool for remote administration of dedicated servers.
It can be used to perform basic administrative tasks and create/manage
domains through a graphical interface, which makes system administration
easy and comfortable. Users don't need to remember a long list of console
commands with complex syntax and valid parameter values.
All major system management tasks are now presented as icons providing
a single entry point from which to perform a task.
cyrus-sasl:
The cyrus-sasl package contains the Cyrus implementation of SASL.
SASL is the Simple Authentication and Security Layer, a method for
adding authentication support to connection-based protocols.
dev:
The Trustix operating system uses file system entries to represent
devices (CD-ROMs, floppy drives, etc.) attached to the machine. All of
these entries are in the /dev tree (although they don't have to be).
This package contains the most commonly used /dev entries.
hwdata:
hwdata contains various hardware identification and configuration data,
such as the pci.ids database, the XFree86 Cards and MonitorsDb databases.
libpcap:
Libpcap provides a portable framework for low-level network
monitoring. Libpcap can provide network statistics collection,
security monitoring and network debugging. Since almost every system
vendor provides a different interface for packet capture, the libpcap
authors created this system-independent API to ease in porting and to
alleviate the need for several system-dependent packet capture modules
in each application.
libtiff:
The libtiff package contains a library of functions for manipulating
TIFF (Tagged Image File Format) image format files. TIFF is a widely
used file format for bitmapped images. TIFF files usually end in the
.tif extension and they are often quite large.
mysql:
MySQL is a true multi-user, multi-threaded SQL (Structured Query
Language) database server. MySQL is a client/server implementation
that consists of a server daemon (mysqld) and many different client
programs/libraries.
netpbm:
The netpbm package contains a library of functions which support
programs for handling various graphics file formats, including .pbm
(portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps),
.ppm (portable pixmaps) and others.
nfs-utils:
The nfs-utils package provides a daemon for the kernel NFS server and
related tools, which provides a much higher level of performance than the
traditional Linux NFS server used by most users.
ntp:
The Network Time Protocol (NTP) is used to synchronize a computer's
time with another reference time source. The ntp package contains
utilities and daemons that will synchronize your computer's time to
Coordinated Universal Time (UTC) via the NTP protocol and NTP servers.
The ntp package includes ntpdate (a program for retrieving the date
and time from remote machines via a network) and ntpd (a daemon which
continuously adjusts system time).
openldap:
LDAP servers and clients, as well as interfaces to other protocols.
Note that this does not include the slapd interface to X.500 and
therefore does not require the ISODE package.
portmap:
The portmapper program is a security tool which prevents theft of NIS
(YP), NFS and other sensitive information via the portmapper. A
portmapper manages RPC connections, which are used by protocols like
NFS and NIS.
postfix:
Postfix is an alternative to the sendmail mailer daemon. Postfix attempts
to be fast, easy to administer, and secure, while at the same time being
sendmail compatible enough to not upset existing users.
postgresql:
PostgreSQL is an advanced Object-Relational database management system
(DBMS) that supports almost all SQL constructs (including
transactions, subselects and user-defined types and functions). The
postgresql package includes the client programs and libraries that
you'll need to access a PostgreSQL DBMS server. These PostgreSQL
client programs are programs that directly manipulate the internal
structure of PostgreSQL databases on a PostgreSQL server. These client
programs can be located on the same machine with the PostgreSQL
server, or may be on a remote machine which accesses a PostgreSQL
server over a network connection. This package contains the docs
in HTML for the whole package, as well as command-line utilities for
managing PostgreSQL databases on a PostgreSQL server.
samba:
Samba provides an SMB server which can be used to provide network
services to SMB (sometimes called "Lan Manager") clients, including
various versions of MS Windows, OS/2, and other Linux machines. Samba
uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI
(Microsoft Raw NetBIOS frame) protocol.
spamassassin:
SpamAssassin provides you with a way to reduce, if not completely
eliminate, Unsolicited Bulk Email (or "spam") from your incoming email.
It can be invoked by a MDA such as sendmail or postfix, or can be called
from a procmail script, .forward file, etc. It uses a
genetic-algorithm-evolved scoring system to identify messages which look
spammy, then adds headers to the message so they can be filtered by the
user's mail reading software. This distribution includes the
spamd/spamc components which considerably speeds processing of mail.
sqlgrey:
SQLgrey is a Postfix grey-listing policy service with auto-white-listing
written in Perl with SQL database as storage backend.
Greylisting stops 50 to 90 % junk mails (spam and virus) before they
reach your Postfix server (saves BW, user time and CPU time).
Problem description:
amavisd-new, courier-imap, cyrus-sasl, mysql, nfs-utils, ntp, openldap,
portmap, postfix, postgresql, spamassassin, sqlgrey:
There startup sequence of these programs did not match the order of
possible depencency. As an example, Postfix may be configured to use
MySQL but MySQL was not yet started.
apache:
New upstream.
cpplus:
New upstream.
samba:
New upstream.
dev:
Added audio group and changed ownership information for
/dev/{dsp,mixer,midi}* and /dev/snd*
hwdata:
Updated pcitable adding support for more hardware.
libpcap:
Fixed symlink to %{version}
libtiff:
New Upstream fixes a number of bugs
netpbm:
Fixed permission issue.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
The advisory itself is available from the errata pages at
and
or directly at
MD5sums of the packages:
- --------------------------------------------------------------------------
9ea853a3dcfbb8f8aa7ac3184f16969a 2.2/rpms/amavisd-new-2.2.0-8tr.i586.rpm
d422482eca43959c8d2167824e7a9cb4 2.2/rpms/amavisd-new-config-2.2.0-8tr.i586.rpmd120b9236b0a2f13c3b50a8a22693cb7 2.2/rpms/apache-2.0.54-1tr.i586.rpm
2be05a0e7b8feb527104b77ef8de211f 2.2/rpms/apache-dbm-2.0.54-1tr.i586.rpm
0d7a94f5909fce9d94f121e344bd34d5 2.2/rpms/apache-devel-2.0.54-1tr.i586.rpm
ebe15aa44e6121c0126627cf84bac9ff 2.2/rpms/apache-html-2.0.54-1tr.i586.rpm
ecc7bcea45728a59968a58973fcdfe2b 2.2/rpms/apache-manual-2.0.54-1tr.i586.rpm
71186dc187084072e4fd9252394c245e 2.2/rpms/courier-imap-3.0.8-9tr.i586.rpm
77d146e24d9af98d0c92103834fe9c60 2.2/rpms/courier-imap-ldap-3.0.8-9tr.i586.rpm
1cd46debf91a77266f3518518b227b0a 2.2/rpms/courier-imap-mysql-3.0.8-9tr.i586.rpm33cc02d6c8279994f1359cdc1299cb2b 2.2/rpms/courier-imap-pgsql-3.0.8-9tr.i586.rpm0db8ae3e0d2e8244b733d380f8cc84b0 2.2/rpms/cyrus-sasl-2.1.20-4tr.i586.rpm
464292df2e07ebfdd083538cb02d967d 2.2/rpms/cyrus-sasl-devel-2.1.20-4tr.i586.rpm
d982b6de4b1b463662f7550699212169 2.2/rpms/cyrus-sasl-md5-2.1.20-4tr.i586.rpm
7ee2cdc2e07ef94641133f9b9da2df9c 2.2/rpms/cyrus-sasl-otp-2.1.20-4tr.i586.rpm
69157aaa1b1615c25f565e0e3dda06b8 2.2/rpms/cyrus-sasl-plain-2.1.20-4tr.i586.rpm
ace8d4eec522bf27103bcb7162ee0e65 2.2/rpms/cyrus-sasl-sql-2.1.20-4tr.i586.rpm
51580953ea99acdcc406b145cbd6938d 2.2/rpms/cyrus-sasl-utils-2.1.20-4tr.i586.rpm
8d9b8468b1e7e5656bc5ca598aa321e3 2.2/rpms/dev-2.7.19-4tr.i586.rpm
cdb3e2b0627796ee60cc396249aca73c 2.2/rpms/libpcap-0.8.3-2tr.i586.rpm
01d4e31b9fd5f64c2df1777582ff9c92 2.2/rpms/libtiff-3.7.2-1tr.i586.rpm
25963007f61cb451c5155cdb0efa861e 2.2/rpms/libtiff-devel-3.7.2-1tr.i586.rpm
546e66c76b40c93c7ab5d2a422ecce80 2.2/rpms/mysql-4.1.10a-3tr.i586.rpm
f2996098247915483c8c46d4f9ba560e 2.2/rpms/mysql-bench-4.1.10a-3tr.i586.rpm
8b1a382c3bf9bcdfd44d4eb989f85b51 2.2/rpms/mysql-client-4.1.10a-3tr.i586.rpm
710eef014a1d5d209c100745761a883d 2.2/rpms/mysql-devel-4.1.10a-3tr.i586.rpm
7fbf3b7201b1d438d4d21fcaddee8c9a 2.2/rpms/mysql-libs-4.1.10a-3tr.i586.rpm
901fbc57aff1df04c25e8d11feda701a 2.2/rpms/mysql-shared-4.1.10a-3tr.i586.rpm
6249ccfab98637e20f88cdceddd16d4b 2.2/rpms/netpbm-10.27-2tr.i586.rpm
fad7bbacf064aa3bf206b81047a53a9a 2.2/rpms/netpbm-devel-10.27-2tr.i586.rpm
b67b33c894f5e3c1e172f65d72511661 2.2/rpms/netpbm-progs-10.27-2tr.i586.rpm
2d736b08754cfe0d27daa51ff7b03538 2.2/rpms/nfs-utils-1.0.6-5tr.i586.rpm
625005067f07073e32c5525fdfa510ca 2.2/rpms/ntp-4.2.0-13tr.i586.rpm
b05745719822b014084687b9cbc6f0b1 2.2/rpms/openldap-2.1.30-3tr.i586.rpm
f9e8b3938f48f9d4a4027da053bf77e3 2.2/rpms/openldap-devel-2.1.30-3tr.i586.rpm
9f0c204297c9abfddae3e6fd6a79dee8 2.2/rpms/openldap-libs-2.1.30-3tr.i586.rpm
82782fa5fda0347f796ac9b3d7d15166 2.2/rpms/openldap-servers-2.1.30-3tr.i586.rpm
68f216140f1131dd9f528037a1103b35 2.2/rpms/openldap-utils-2.1.30-3tr.i586.rpm
c31d27c655983077edce5e6b21185161 2.2/rpms/perl-mail-spamassassin-3.0.1-4tr.i586.rpm
88ae60867b50642e0a3499f224749b9b 2.2/rpms/portmap-4.0-33tr.i586.rpm
9e1ce4f6253b532635658780fbd46fcc 2.2/rpms/postfix-2.1.5-13tr.i586.rpm
33ac1454c860ce1fb3bdd95a7975420a 2.2/rpms/postfix-conf-2.1.5-13tr.i586.rpm
34fdc946a0b57dcea819f7e7bfc80318 2.2/rpms/postfix-ldap-2.1.5-13tr.i586.rpm
6a15d20719c80333e80eafe058796944 2.2/rpms/postfix-mysql-2.1.5-13tr.i586.rpm
4f8e8654c9bcfdfc01120ce50a799e71 2.2/rpms/postfix-pcre-2.1.5-13tr.i586.rpm
f1bae937737cdc92c0b444fc758ff32b 2.2/rpms/postfix-pgsql-2.1.5-13tr.i586.rpm
bb09faa693407392cc51e17c1628efa7 2.2/rpms/postfix-rmail-2.1.5-13tr.i586.rpm
73cbd69e97c139291caa7de55d59a0c9 2.2/rpms/postgresql-8.0.1-2tr.i586.rpm
3e1d357fb6a99473304ec1959e8ca5a3 2.2/rpms/postgresql-contrib-8.0.1-2tr.i586.rpm5c490fc4249d57cb5a6d9f56ff75b561 2.2/rpms/postgresql-devel-8.0.1-2tr.i586.rpm
8a48762f24bd710ae0293cbfd5164bfa 2.2/rpms/postgresql-docs-8.0.1-2tr.i586.rpm
8213e6d6b85fec56740433e1f71008c0 2.2/rpms/postgresql-libs-8.0.1-2tr.i586.rpm
ac17411a4195a54847d4de28d17e83f7 2.2/rpms/postgresql-plperl-8.0.1-2tr.i586.rpm
a1e5c71b65a17673284620e53dd82d06 2.2/rpms/postgresql-python-8.0.1-2tr.i586.rpm
76bdac13524e869c85b506f4d770d161 2.2/rpms/postgresql-server-8.0.1-2tr.i586.rpm
9136ee5226299a8114cbd76d92d9da88 2.2/rpms/postgresql-test-8.0.1-2tr.i586.rpm
1b3433f689f3530424fdecf4164d6028 2.2/rpms/samba-3.0.14a-1tr.i586.rpm
8ba68ffe696457474b6462bb46ae334f 2.2/rpms/samba-client-3.0.14a-1tr.i586.rpm
29ae4e1518b2c51f1c8644feaf0e5e07 2.2/rpms/samba-common-3.0.14a-1tr.i586.rpm
2ea1a39e5fee2b4d911ead4eb52d5b56 2.2/rpms/samba-mysql-3.0.14a-1tr.i586.rpm
7c7081e388d0d896b2efbd61c656a531 2.2/rpms/spamassassin-3.0.1-4tr.i586.rpm
0e6f4d1741d0441c3761ace30b57a5f9 2.2/rpms/spamassassin-tools-3.0.1-4tr.i586.rpm6051c94000f7566711b0236bdec13ca7 2.2/rpms/sqlgrey-1.4.0-5tr.i586.rpm
9ec9bfcbbd6338ae02ba8a83794ef897 2.1/rpms/apache-2.0.54-1tr.i586.rpm
5fb76a0cbeca269d81056118c6af5055 2.1/rpms/apache-dbm-2.0.54-1tr.i586.rpm
2fc51cc1cd6efc62863830bd00beb15d 2.1/rpms/apache-devel-2.0.54-1tr.i586.rpm
e27586466a6590e1c2a65ab87c48a705 2.1/rpms/apache-manual-2.0.54-1tr.i586.rpm
25841b77afadd9752a5e36c7aad48c63 2.1/rpms/samba-3.0.14a-1tr.i586.rpm
703fcab47204a8cea8b988fd3691d185 2.1/rpms/samba-client-3.0.14a-1tr.i586.rpm
406cc47ef5bf033621676d627607288f 2.1/rpms/samba-common-3.0.14a-1tr.i586.rpm
277411fe939a0a00e9c1be9bb50c71b0 2.1/rpms/samba-mysql-3.0.14a-1tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFCZ4Gni8CEzsK9IksRAjtaAKCfTz/Esb+XT2SBETFUb6eqjrlORwCfUoL4
vSLejfr8VDMophOfxB6ypbQ=
=5LBP
-----END PGP SIGNATURE-----