-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2006-0007

Package names:	   bind, iptables, kernel, logrotate, mc,
                   opencdk, openssh, smartmontools   
Summary:           Various bug fixes
Date:              2006-02-17
Affected versions: Trustix Secure Linux 3.0
                   Trustix Secure Linux 2.2

- --------------------------------------------------------------------------
Package description:
  bind
  BIND (Berkeley Internet Name Domain) is an implementation of the DNS
  (Domain Name System) protocols. BIND includes a DNS server (named),
  which resolves host names to IP addresses, and a resolver library
  (routines for applications to use when interfacing with DNS).  A DNS
  server allows clients to name resources or objects and share the
  information with other network machines.  The named DNS server can be
  used on workstations as a caching name server, but is generally only
  needed on one machine for an entire network.

  iptables
  The iptables utility controls the network packet filtering code in the
  Linux kernel. If you need to set up firewalls and/or IP masquerading,
  you must install this package.

  kernel
  The kernel package contains the Linux kernel (vmlinuz), the core of your
  Trustix Secure Linux operating system.  The kernel handles the basic
  functions of the operating system:  memory allocation, process allocation,
  device input and output, etc.

  logrotate 
  The logrotate utility is designed to simplify the administration of
  log files on a system which generates a lot of log files.  Logrotate
  allows for the automatic rotation compression, removal and mailing of
  log files.  Logrotate can be set to handle a log file daily, weekly,
  monthly or when the log file gets to a certain size.  Normally, logrotate
  runs as a daily cron job.

  mc
  GNU Midnight Commander (also referred to as MC) is a user shell with
  text-mode full-screen interface.  It can be run on the OS console, in
  xterm and other terminal emulators.

  opencdk
  This library provides basic parts of the OpenPGP message format.

  openssh
  Ssh (Secure Shell) a program for logging into a remote machine and for
  executing commands in a remote machine.  It is intended to replace
  rlogin and rsh, and provide secure encrypted communications between
  two untrusted hosts over an insecure network.  X11 connections and
  arbitrary TCP/IP ports can also be forwarded over the secure channel.
  
  smartmontools
  smartmontools contains utilities that control and monitor storage
  devices using the Self-Monitoring, Analysis and Reporting Technology
  (S.M.A.R.T.) system build into ATA and SCSI Hard Drives. This is used
  to check the reliability of the hard drive and to predict drive
  failure.

Problem description:
  bind < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
  - rndc.key is 640 permission. Bug #1614

  iptables < TSL 3.0 >
  - Removed old patches, Bug #1622.
  - Patch to fix segfault or loading of invalid counters in
    ip[6]tables-restore (Olaf Rempel).

  kernel < TSL 3.0 > 
  - New Upstream

  logrotate < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
  - New Upstream.
  - tmpfile not used to run script anymore, Bug #1569.
  
  mc < TSL 3.0 >
  - Added symlinks mcedit mcview. Bug #1609.

  opencdk < TSL 3.0 >
  - New Upstream.

  openssh < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
  - New upstream.
  - Resolved few portability bugs

  smartmontools < TSL 3.0 >
  - Initial Entry into TSL 3.0

Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.2/> and
  <URI:http://www.trustix.org/errata/trustix-3.0/>
  or directly at
  <URI:http://www.trustix.org/errata/2006/0007/>


MD5sums of the packages:
- --------------------------------------------------------------------------
209532048ab880aafa745b09d9c48e3d  3.0/rpms/bind-9.3.2-2tr.i586.rpm
3dc0a7e08556cfcbf99c1a630ac03c03  3.0/rpms/bind-devel-9.3.2-2tr.i586.rpm
2f156e93345d5d9af0d1de015fa9f701  3.0/rpms/bind-libs-9.3.2-2tr.i586.rpm
3898841774467dab781c859b9e13f6a6  3.0/rpms/bind-light-9.3.2-2tr.i586.rpm
5c5ddf3ea267a65226a1c32678216be1  3.0/rpms/bind-light-devel-9.3.2-2tr.i586.rpm
ca3a8e7abb1da7878a5e2913bd71a917  3.0/rpms/bind-utils-9.3.2-2tr.i586.rpm
1ee5faea10c0b795f22f3f1e57c3a508  3.0/rpms/iptables-1.3.5-2tr.i586.rpm
bdce854874b0fee613f3a08c2313c68c  3.0/rpms/iptables-devel-1.3.5-2tr.i586.rpm
38ad002d4d0628418b511c7ce2b42137  3.0/rpms/iptables-ipv6-1.3.5-2tr.i586.rpm
f3b527263fde69fb4fd89b2953f0d3f5  3.0/rpms/kernel-2.6.15.4-2tr.i586.rpm
71b9f990f8b98fc9142982b6f215f66f  3.0/rpms/kernel-doc-2.6.15.4-2tr.i586.rpm
dcd619313302622f11e77e0587b4d065  3.0/rpms/kernel-headers-2.6.15.4-2tr.i586.rpm
e1f77d8eeb50d191bddf42b1c8c9efc9  3.0/rpms/kernel-smp-2.6.15.4-2tr.i586.rpm
44124a4cb24b6c87526c161b4a29d1de  3.0/rpms/kernel-smp-headers-2.6.15.4-2tr.i586.rpm
7597575f70e677e68dd09651f4110cc4  3.0/rpms/kernel-source-2.6.15.4-2tr.i586.rpm
fae4e1815ed2481d42432c85fb3bb4b4  3.0/rpms/kernel-utils-2.6.15.4-2tr.i586.rpm
6b1520a39bfe323953beee0f78c1889f  3.0/rpms/logrotate-3.7.3-1tr.i586.rpm
0280e09dd7d6e6d64e1b41c6906aa37c  3.0/rpms/mc-4.6.1-4tr.i586.rpm
e1a116d421e4b5f9cfb57e99e22e4fb8  3.0/rpms/opencdk-0.5.8-1tr.i586.rpm
f056fd165c6aee883f6136f9cbf100c2  3.0/rpms/opencdk-devel-0.5.8-1tr.i586.rpm
047fa0803887a74f8b19929622ed9ef8  3.0/rpms/openssh-4.3p2-1tr.i586.rpm
56c2e3cb4613ca696fcb921ce91b0374  3.0/rpms/openssh-clients-4.3p2-1tr.i586.rpm
ab4d97115a7c06902345c2ace0666095  3.0/rpms/openssh-server-4.3p2-1tr.i586.rpm
ab64a676c9334cd60da6306c4acd2539  3.0/rpms/openssh-server-config-4.3p2-1tr.i586.rpm
cef626cc2710a1b4e58dfacb3b05d318  3.0/rpms/smartmontools-5.33-2tr.i586.rpm

2bace7ac14a17bcefa6fbe825f1c6c93  2.2/rpms/bind-9.3.2-2tr.i586.rpm
059352dba8a50712d73844bbd38245a3  2.2/rpms/bind-devel-9.3.2-2tr.i586.rpm
bd6fb82a1bd3cab8dfe32128c6ad908b  2.2/rpms/bind-libs-9.3.2-2tr.i586.rpm
81baeeb63e8572295650f38fc00935d2  2.2/rpms/bind-light-9.3.2-2tr.i586.rpm
a08c12e5ec8791f4109b631deeab6d07  2.2/rpms/bind-light-devel-9.3.2-2tr.i586.rpm
d88c61ab2f36aad01e14ed815b8dc5b0  2.2/rpms/bind-utils-9.3.2-2tr.i586.rpm
c6f8ce12b5456f6c29cd17b8be0dbc81  2.2/rpms/logrotate-3.7.3-1tr.i586.rpm
c49cdcba5f8af42d51fda92087b567d9  2.2/rpms/openssh-4.3p2-1tr.i586.rpm
f6040b0fd698213074beac7b39f4f6cc  2.2/rpms/openssh-clients-4.3p2-1tr.i586.rpm
1d75dc2c41800325ffe8211dc9aeb204  2.2/rpms/openssh-server-4.3p2-1tr.i586.rpm
2f01099b6080d541f820102f62da1ca9  2.2/rpms/openssh-server-config-4.3p2-1tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQFD/wWti8CEzsK9IksRAsJjAJ4hGUEQ73G7tnK0KV5LWdhPh/KELwCfbbZb
txujoz6MgZ4emr4/EgUJIrI=
=LQ3r
-----END PGP SIGNATURE-----