Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Red Hat Linux 6.2: RHSA-2002:015-15 Critical: At Heap Corruption

red hat
Calendar Grey February 8, 2002
Dist Redhat Esm H88
SUSE has released an updated 'em' module that addresses a significant memory overflow flaw, safeguarding against possible information leaks or system outages while performing operations.
This updated at package fixes two minor problems and one majorproblem where the environment can get wiped out prior to the execution of ascheduled command.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

49491 - all environment is wiped out prior to executing user command 51253 - Wrong pointer to time syntax in man page 52626 - "at" RPM says that /var/spool/at/.SEQ should be executable

6. RPMs required:

Red Hat Linux 6.2:

SRPMS:


alpha:


i386:


sparc:


Red Hat Linux 7.0:

SRPMS:


alpha:


i386:


Red Hat Linux 7.1:

SRPMS:


alpha:


i386:


ia64:


Red Hat Linux 7.2:

SRPMS:


i386:


ia64:




7. Verification:

MD5 sum Package Name beab8c80838d3920d758a2e8e5b5e3b2 6.2/en/os/SRPMS/at-3.1.8-22.2.src.rpm 31a1aac9c620778fe24a5d9c73b468c6 6.2/en/os/alpha/at-3.1.8-22.2.alpha.rpm a5ea88124398a0b937dd93e93d62c3bd 6.2/en/os/i386/at-3.1.8-22.2.i386.rpm 3ee8b5c53f23d0eae9bd78c69621ff78 6.2/en/os/sparc/at-3.1.8-22.2.sparc.rpm b1f62f4b41e12a54a1f73d639363a638 7.0/en/os/SRPMS/at-3.1.8-23.src.rpm 97e27a1d2dc0f08d8f118209a891689a 7.0/en/os/alpha/at-3.1.8-23.alpha.rpm ea793fd803f10c8fa66abb8191fefb9b 7.0/en/os/i386/at-3.1.8-23.i386.rpm b1f62f4b41e12a54a1f73d639363a638 7.1/en/os/SRPMS/at-3.1.8-23.src.rpm 97e27a1d2dc0f08d8f118209a891689a 7.1/en/os/alpha/at-3.1.8-23.alpha.rpm ea793fd803f10c8fa66abb8191fefb9b 7.1/en/os/i386/at-3.1.8-23.i386.rpm 8fed88d53824e98f509289c42ea01237 7.1/en/os/ia64/at-3.1.8-23.ia64.rpm b1f62f4b41e12a54a1f73d639363a638 7.2/en/os/SRPMS/at-3.1.8-23.src.rpm ea793fd803f10c8fa66abb8191fefb9b 7.2/en/os/i386/at-3.1.8-23.i386.rpm 8fed88d53824e98f509289c42ea01237 7.2/en/os/ia64/at-3.1.8-23.ia64.rpm


These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About

You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

References

CVE -CVE-2002-0004 Copyright(c) 2000, 2001 Red Hat, Inc. `

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2002:015-15
Issue date: 2002-01-15
Updated on: 2002-02-07
Product: Red Hat Linux
Keywords: at security heap corruption environment
Cross references:
Obsoletes:

Topic

Relevant Releases Architectures

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386, ia64

Red Hat Linux 7.2 - i386, ia64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.