-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2005-0041
Package names: apache, cgilib, curl, kernel, libart,
mod_auth_mysql, mod_auth_pgsql, mod_authz_ldap,
open, php, rrdtool, vlock, webalizer
Summary: Various bug fixes
Date: 2005-08-12
Affected versions: Trustix Secure Linux 2.2
Trustix Secure Linux 3.0
- --------------------------------------------------------------------------
Package description:
apache
Apache is a full featured web server that is freely available, and also
happens to be the most widely used.
cgilib
cgilib is a simple library that provides an easy interface to the common
gateway interface, known as CGI. The purpose is to provide an easy to
use interface to CGI if you need to write your program in C instead of
perl.
curl
curl is a client to get documents/files from servers, using any of the
supported protocols. The command is designed to work without user
interaction or any kind of interactivity.
kernel
The kernel package contains the Linux kernel (vmlinuz), the core of your
Trustix Secure Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process allocation,
device input and output, etc.
libart
Libart is a library for high-performance 2D graphics.It is currently being
used as the antialiased rendering engine for the Gnome Canvas. It is also
the rendering engine for Gill, the Gnome Illustration app.
mod_auth_mysql
The mod_auth_mysql module consists an authorization handler that uses an
MySQL server as the basis for authorizations.
mod_auth_pgsql
The mod_auth_pgsql module consists an authorization handler that uses an
PostgreSQL server as the basis for authorizations.
mod_authz_ldap
The mod_authz_ldap module consists an authorization handler that uses an
LDAP server as the basis for authorizations.
open
The open command starts a specified command with the first available
virtual console, or on a virtual console that you specify. Install the
open package if you regularly use virtual consoles to run programs.
php
PHP is an HTML-embedded scripting language. PHP attempts to make it easy
for developers to write dynamically generated web pages. PHP also offers
built-in database integration for several commercial and non-commercial
database management systems, so writing a database-enabled web page with
PHP is fairly simple. The most common use of PHP coding is probably as a
replacement for CGI scripts. The mod_php module enables the Apache web
server to understand and process the embedded PHP language in web pages.
rrdtool
RRD is the Acronym for Round Robin Database. RRD is a system to store and
display time-series data (i.e. network bandwidth, machine-room temperature,
server load average). It stores the data in a very compact way that will not
expand over time, and it presents useful graphs by processing the data to
enforce a certain data density. It can be used either via simple wrapper
scripts (from shell or Perl) or via frontends that poll network devices and
put a friendly user interface on it.
vlock
The vlock program locks one or more sessions on the console. Vlock can lock
the current terminal (local or remote) or the entire virtual console system,
which completely disables all console access. The vlock program unlocks when
either the password of the user who started vlock or the root password is
typed.
webalizer
The Webalizer is a web server log file analysis program which produces usage
statistics in HTML format for viewing with a browser. The results are
presented in both columnar and graphical format, which facilitates
interpretation.
Problem description:
apache
- Now package suexec in apache-suexec, Ref. Bug #1163.
cgilib
- Initial Entry into TSL-3.0
curl
- Initial Entry into TSL-3.0
kernel
- New Upstream
- Enabled Extended matches in QoS, Fix Bug #1167.
libart
- Initial Entry into TSL-3.0
mod_auth_mysql
- Initial Entry into TSL-3.0
mod_auth_pgsql
- Initial Entry into TSL-3.0
mod_authz_ldap
- Initial Entry into TSL-3.0
open
- Initial Entry into TSL-3.0
php
- Rebuilt with Curl support.
rrdtool
- Initial Entry into TSL-3.0
vlock
- Initial Entry into TSL-3.0
webalizer
- Initial Entry into TSL-3.0
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
The advisory itself is available from the errata pages at
and
or directly at
MD5sums of the packages:
- --------------------------------------------------------------------------
6c2e90205eae62f353e2cc46421a6bf7 3.0/rpms/apache-2.0.54-12tr.i586.rpm
cb52884b5ba72ca4631860ebe17b6115 3.0/rpms/apache-dbm-2.0.54-12tr.i586.rpm
2fa86b57b22b5b8c18c159059e30f712 3.0/rpms/apache-devel-2.0.54-12tr.i586.rpm
c233a2d80d064e68cfbc0cb0a6382b50 3.0/rpms/apache-html-2.0.54-12tr.i586.rpm
1f95b1b1db5e391330c63eeda13aec31 3.0/rpms/apache-manual-2.0.54-12tr.i586.rpm
9554fde8303a921d9c64623da2b3e209 3.0/rpms/apache-suexec-2.0.54-12tr.i586.rpm
8a8162592377887c59de4b2fa7ff35f8 3.0/rpms/cgilib-0.5-1tr.i586.rpm
f824a8e8f445604f355d665416491a50 3.0/rpms/curl-7.14.0-1tr.i586.rpm
3cb1724ab1bdd3527dd027a0c84a1728 3.0/rpms/curl-devel-7.14.0-1tr.i586.rpm
2107a9552443c0920e1052e492bf0a5c 3.0/rpms/kernel-2.6.12.4-2tr.i586.rpm
6dedd233aa39fa60debb747b7d67aaa2 3.0/rpms/kernel-doc-2.6.12.4-2tr.i586.rpm
031f5342ed1e47c7fbf8170d8a874728 3.0/rpms/kernel-headers-2.6.12.4-2tr.i586.rpm
10c471e253e8ad39c98d04763fe5af96 3.0/rpms/kernel-smp-2.6.12.4-2tr.i586.rpm
2b690b9bb631e4ac3abf5edb03008664 3.0/rpms/kernel-smp-headers-2.6.12.4-2tr.i586.rpm
698258e23c01e4838ab392ea993e4da4 3.0/rpms/kernel-source-2.6.12.4-2tr.i586.rpm
2e1fb9cdbc78e64c1e56dac6cdcca1b6 3.0/rpms/kernel-utils-2.6.12.4-2tr.i586.rpm
c319362ebad72d1fe01b709c8db0c311 3.0/rpms/libart-2.3.17-1tr.i586.rpm
9c0fc490e1553a0d9c27ef584d7b64f9 3.0/rpms/libart-devel-2.3.17-1tr.i586.rpm
b1c2720e5d68a77faab0f6ef97881728 3.0/rpms/mod_auth_mysql-3.0.0-1tr.i586.rpm
bc4c1664dfeba2daaf46a9974fe00ec6 3.0/rpms/mod_auth_pgsql-2.0.1-1tr.i586.rpm
ea12921560b0565653a9af4ffb1fdc8d 3.0/rpms/mod_authz_ldap-0.26-1tr.i586.rpm
f913ea85574c1ee95984365087dfebfe 3.0/rpms/open-1.4-1tr.i586.rpm
2e31b4bd9edd96b70e92bfd3cd67c28b 3.0/rpms/php-5.0.4-16tr.i586.rpm
31eceaf3dc2978caefe19bfbd029244f 3.0/rpms/php-cli-5.0.4-16tr.i586.rpm
096e6e69da050a9cd6805cc3ed0fe640 3.0/rpms/php-curl-5.0.4-16tr.i586.rpm
22055dc2c3f3caa34608e1e31654184b 3.0/rpms/php-devel-5.0.4-16tr.i586.rpm
40161c74e483f781a13ce9eaafef09e4 3.0/rpms/php-exif-5.0.4-16tr.i586.rpm
884c29a6087e6a54b54370e6133a6827 3.0/rpms/php-fcgi-5.0.4-16tr.i586.rpm
115bfdfbfdc5673640d1112cad3b09f9 3.0/rpms/php-gd-5.0.4-16tr.i586.rpm
538d7e2f7518523cf4fa8407e75bf516 3.0/rpms/php-imap-5.0.4-16tr.i586.rpm
e0daacdbe7e645e5d04e64731ae1299b 3.0/rpms/php-ldap-5.0.4-16tr.i586.rpm
9e2524fab0c945abd967252b00727572 3.0/rpms/php-mhash-5.0.4-16tr.i586.rpm
77d2db31b32f317da46f48e31417a409 3.0/rpms/php-mysql-5.0.4-16tr.i586.rpm
f53218d489b40c562c7fd1730e1eae8e 3.0/rpms/php-mysqli-5.0.4-16tr.i586.rpm
ad6970180199e2e9bd2b39122240e830 3.0/rpms/php-pgsql-5.0.4-16tr.i586.rpm
cd97fc2c952fcbfc37f393c6af25c3f7 3.0/rpms/php-snmp-5.0.4-16tr.i586.rpm
c93cf19133245b27fc46eddccb99d47d 3.0/rpms/php-zlib-5.0.4-16tr.i586.rpm
ff3ce497eb9f075e149c954e49fbb1ee 3.0/rpms/rrdtool-1.2.11-1tr.i586.rpm
cc5149e902a26c4d531e1cefd0a1e210 3.0/rpms/rrdtool-devel-1.2.11-1tr.i586.rpm
457f7deb68b0e42a9b80b5ce1c3b18c7 3.0/rpms/rrdtool-perl-1.2.11-1tr.i586.rpm
a321d875f919c476ff783a18339a6043 3.0/rpms/vlock-1.3-1tr.i586.rpm
9972a598f90e75fcca02def37333190c 3.0/rpms/webalizer-2.01_10-1tr.i586.rpm
923c5950e11a9a65a9de0ecf042d8db8 2.2/rpms/apache-2.0.54-6tr.i586.rpm
c8adb46241cca5c506a06ad0f53a7a2b 2.2/rpms/apache-dbm-2.0.54-6tr.i586.rpm
573ee537ef4052430c8346d0ef387df1 2.2/rpms/apache-devel-2.0.54-6tr.i586.rpm
895d2ea889ab1c3443d0bdf8986d0b59 2.2/rpms/apache-html-2.0.54-6tr.i586.rpm
e00584af7b3d870c25eaaea5dff1c668 2.2/rpms/apache-manual-2.0.54-6tr.i586.rpm
f860de0cc20ea6e9d5fbbd936dd03894 2.2/rpms/apache-suexec-2.0.54-6tr.i586.rpm
86c12367b8ebf370de0ba4fdeaea3da7 2.2/rpms/curl-7.14.0-1tr.i586.rpm
e26dbc98ca7250541b011617c72fbed9 2.2/rpms/curl-devel-7.14.0-1tr.i586.rpm
c23436e55d87e5a85d3e3abd179738ff 2.2/rpms/php-5.0.4-9tr.i586.rpm
4f347e957ccc0975e17a07815eef2cac 2.2/rpms/php-cli-5.0.4-9tr.i586.rpm
64a1e249fcc5ca574a7404fcf2a12788 2.2/rpms/php-curl-5.0.4-9tr.i586.rpm
90a8cc8f2a7b26b8e7a8df9904d85047 2.2/rpms/php-devel-5.0.4-9tr.i586.rpm
052e2dbbceaddd0c1312c88210d3dda6 2.2/rpms/php-exif-5.0.4-9tr.i586.rpm
969d60eb4bedf39d82b80ab5a37ebcdc 2.2/rpms/php-gd-5.0.4-9tr.i586.rpm
351294aa4f415fb498353ff5588a3b3a 2.2/rpms/php-imap-5.0.4-9tr.i586.rpm
e8f9912630a0c4d37bb2ba02e5598781 2.2/rpms/php-ldap-5.0.4-9tr.i586.rpm
66b2c116c8f6b27c2fc59275c4a77c57 2.2/rpms/php-mhash-5.0.4-9tr.i586.rpm
2d6afe093f0abc08a0e9cfbd1e2313ed 2.2/rpms/php-mysql-5.0.4-9tr.i586.rpm
2f0015cdbcccb8c6a99053b30f51f71f 2.2/rpms/php-mysqli-5.0.4-9tr.i586.rpm
4963337fb66a70a2865cfa292fc33d8f 2.2/rpms/php-pgsql-5.0.4-9tr.i586.rpm
39abccd8992a0d918a5fad4b4039c880 2.2/rpms/php-zlib-5.0.4-9tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFC/JTGi8CEzsK9IksRAkNqAKCOzlcFDahIJs78JhFa0oAn7CaQDgCfdpUT
yfKdflqpYcB1aSfV66bD7FY=
=zFEG
-----END PGP SIGNATURE-----