[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[RHSA-1999:014-01] New dev, rxvt, screen pacakges for Red Hat Linux 6.0

		   Red Hat, Inc. Security Advisory

Synopsis:		New dev, rxvt, screen packages for Red Hat Linux 6.0
Advisory ID:		RHSA-1999:014-01
Issue date:		1999-06-15
Keywords:		dev rxvt screen pts devpts tty

1. Topic: 

New dev, rxvt, and screen packages are available that fix a
security issue with the packages that originally shipped with
Red Hat Linux 6.0. Please read the 'Solution' section for
special action needed to complete this upgrade.

2. Bug IDs fixed: 

2611 3025 3326

3. Relevant releases/architectures: 

Red Hat Linux 6.0, all architectures

4. Obsoleted by:

5. Conflicts with:

6. RPMs required:

Intel: ftp://updates.redhat.com/6.0/i386/


Alpha: ftp://updates.redhat.com/6.0/alpha/


Sparc: ftp://updates.redhat.com/6.0/sparc/


7. Problem description:

The /dev/pts filesystem was mounted with options 'mode=0622'
in Red Hat Linux 6.0, instead of the correct 'gid=5,mode=0620'.
This could lead to users being able to write to affected ttys.

Additionally, once this was corrected, screen and rxvt would
still chmod the tty devices to potentially insecure modes.

8. Solution:

Upgrade to the latest errata releases of dev, screen and
rxvt for Red Hat Linux 6.0 on your particular platform. 
While the post-install script for the dev package will add the
correct permissions for the /dev/pts file system in the
/etc/fstab file, you will have to manually unmount and
remount the /dev/pts file system with the following commands,
once the correct permissions have been set in the /etc/fstab file:

umount /dev/pts
mount /dev/pts

If you get the error message "umount: /dev/pts: device is busy"
when trying to unmount the filesystem, you will have to close
all connections using the filesystem, such as screen, xterm
(and other such X terminal programs), and some remote

9. Verification:

MD5 sum                           Package Name
34c8c9f6ae3bcb74e63fd67bb785b560  dev-2.7.7-2.i386.rpm
3f0ad6893bdbde6dc9c1a357e555a13b  rxvt-2.6.0-2.i386.rpm
fc48d9c63ebe02b0fa1741f468f4ccea  screen-3.7.6-9.i386.rpm

06777bc610b46490de200cd066c5687b  dev-2.7.7-2.alpha.rpm
67bc34923cd2b2a4504fcb14ed735bf8  rxvt-2.6.0-2.alpha.rpm
f3c2f2c5867d3bca4a5751fcc8652105  screen-3.7.6-9.alpha.rpm

e43914909f7151ef525a6f4b9b1ad461  dev-2.7.7-2.sparc.rpm
fe677d3c7d188e204162d4694739639b  rxvt-2.6.0-2.sparc.rpm
8e793294d01c9a8f7ded1c563cb0ab92  screen-3.7.6-9.sparc.rpm

b25e4de59a00270bb6acd85c8dc901ad  dev-2.7.7-2.src.rpm
eed32f9b8d67c58d62989758beb7320d  rxvt-2.6.0-2.src.rpm
f6b51e57e68c9f1e32dd58ef45c76797  screen-3.7.6-9.src.rpm

These packages are also PGP signed by Red Hat Inc. for security.  Our
key is available at:


10. References:

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]