Fedora Legacy Test Update Notification: sysstat

Marc Deslauriers marcdeslauriers at videotron.ca
Tue Sep 28 11:45:09 UTC 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2004-1372
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1372
2004-09-28
- ---------------------------------------------------------------------

Name        : sysstat
Versions    : 7.3: 4.0.3-4
Summary     : The sar and iostat system monitoring commands.
Description : 
This package provides the sar and iostat commands for Linux. Sar and
iostat enable system monitoring of disk, network, and other IO
activity.

- ---------------------------------------------------------------------
Update Information:

CAN-2004-0107:
A bug was found in the Red Hat sysstat package post and trigger scripts,
which used insecure temporary file names. A local attacker could
overwrite
system files using carefully-crafted symbolic links in the /tmp
directory.

- ---------------------------------------------------------------------
7.3 changelog:
* Tue Jun 08 2004 Jesse Keating <jkeating at j2solutions.net>
 
- - Added gettext as a BuildReq.
 
* Thu Mar 11 2004 Michal Jaegermann <michal at harddata.com>
 
- - repackaged changes from rhl9 for earlier distributions
 
* Tue Feb 24 2004 Nils Philippsen <nphilipp at redhat.com> 4.0.7-3.rhl9.1
 
- - fix insecure tmp files in scripts (#78212)
- - handle interface names longer than 5 characters (#92052)
- - increase maximum number of partitions (#110822)

- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/redhat/
(sha1sums)

b2d1ced29b39cd024169b173d01db6fa99327bfb
7.3/updates-testing/i386/sysstat-4.0.3-4.legacy.i386.rpm
5bd937c2c0d643ba5a4dcab9c1f5ded2d67c9fb5
7.3/updates-testing/SRPMS/sysstat-4.0.3-4.legacy.src.rpm

- ---------------------------------------------------------------------

Please test and comment in bugzilla.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBWU5xLMAs/0C4zNoRAreUAJ42t6VLM5NvCVhqrp4N+DPfJWuLvACgg39u
ZV6BH2XPsNnVW7h2IvKFSqE=
=/eDp
-----END PGP SIGNATURE-----

More information about the fedora-legacy-list mailing list