Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Red Hat Enterprise Linux 4: RHSA-2007:0701-02 Low: xterm TTY Permissions

red hat
Calendar Grey November 15, 2007
Dist Redhat Esm H88
Security Notice for Red Hat: xterm patch resolves minor risk linked to terminal device file permissions in RHEL.
An updated xterm package that corrects a security issue is now available for Red Hat Enterprise Linux 4

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

239070 - CVE-2007-2797 Wrong settings for the tty (mesg: error: tty device is not owned by group `tty')

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: 1e6bd5c8d2dd4a12405bc8d3442f2c3f xterm-192-8.el4.src.rpm

i386: 589caa3f2e0984fd89d65250e377f06f xterm-192-8.el4.i386.rpm fd15d510790d4a2252f26bc79915ea98 xterm-debuginfo-192-8.el4.i386.rpm

ia64: bb3af76c6ba12b96192c50673329dd37 xterm-192-8.el4.ia64.rpm b7d930d860f8762b2f52dafd701d295b xterm-debuginfo-192-8.el4.ia64.rpm

ppc: 415b26fb6c78f8416eefb10b03254d0d xterm-192-8.el4.ppc.rpm 2d3873ce815c843b934ff93812d41e4e xterm-debuginfo-192-8.el4.ppc.rpm

s390: 77d8e2b60ec35da065c7b7b65fc82b46 xterm-192-8.el4.s390.rpm c1e25b6df0c45f0dc84b222d839030c2 xterm-debuginfo-192-8.el4.s390.rpm

s390x: 7e2261212daab8efbfe301cee7251be9 xterm-192-8.el4.s390x.rpm 84e6ee329093936d744b095d3c94ba8d xterm-debuginfo-192-8.el4.s390x.rpm

x86_64: 98850a2fe869908974bab98456e5c3a3 xterm-192-8.el4.x86_64.rpm 62a5541a4d336fa39f960dea51e31e98 xterm-debuginfo-192-8.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 1e6bd5c8d2dd4a12405bc8d3442f2c3f xterm-192-8.el4.src.rpm

i386: 589caa3f2e0984fd89d65250e377f06f xterm-192-8.el4.i386.rpm fd15d510790d4a2252f26bc79915ea98 xterm-debuginfo-192-8.el4.i386.rpm

x86_64: 98850a2fe869908974bab98456e5c3a3 xterm-192-8.el4.x86_64.rpm 62a5541a4d336fa39f960dea51e31e98 xterm-debuginfo-192-8.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 1e6bd5c8d2dd4a12405bc8d3442f2c3f xterm-192-8.el4.src.rpm

i386: 589caa3f2e0984fd89d65250e377f06f xterm-192-8.el4.i386.rpm fd15d510790d4a2252f26bc79915ea98 xterm-debuginfo-192-8.el4.i386.rpm

ia64: bb3af76c6ba12b96192c50673329dd37 xterm-192-8.el4.ia64.rpm b7d930d860f8762b2f52dafd701d295b xterm-debuginfo-192-8.el4.ia64.rpm

x86_64: 98850a2fe869908974bab98456e5c3a3 xterm-192-8.el4.x86_64.rpm 62a5541a4d336fa39f960dea51e31e98 xterm-debuginfo-192-8.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 1e6bd5c8d2dd4a12405bc8d3442f2c3f xterm-192-8.el4.src.rpm

i386: 589caa3f2e0984fd89d65250e377f06f xterm-192-8.el4.i386.rpm fd15d510790d4a2252f26bc79915ea98 xterm-debuginfo-192-8.el4.i386.rpm

ia64: bb3af76c6ba12b96192c50673329dd37 xterm-192-8.el4.ia64.rpm b7d930d860f8762b2f52dafd701d295b xterm-debuginfo-192-8.el4.ia64.rpm

x86_64: 98850a2fe869908974bab98456e5c3a3 xterm-192-8.el4.x86_64.rpm 62a5541a4d336fa39f960dea51e31e98 xterm-debuginfo-192-8.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-2797 https://access.redhat.com/security/updates/classification#low

Package List


Severity
low
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:0701-02
Issue date: 2007-11-15
Updated on: 2007-11-15
Product: Red Hat Enterprise Linux
Keywords: tty owner group

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here