WBSA-2004:188-01: Updated kernel packages available

White Box 64 Published by Philipp Esselbach 0

Updated kernel packages has been released for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated kernel packages available
Advisory ID: [WBSA-2004:188-01]
Issue date: 2004-06-10
Updated on: 2004-06-10
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: taroon kernel update
Cross references:
Obsoletes: WBSA-2004:017 WBSA-2004:183
CVE Names: CAN-2003-0461 CAN-2003-0465 CAN-2003-0984 CAN-2004-0003 CAN-2004-0010
-----------------------------------------------------------------------

This is the kernel for Update2 from RH. It adds new features in addition to closing a couple of minor security holes.

WBSA-2004:180-01: Updated libpng packages fix crash

White Box 64 Published by Philipp Esselbach 0

Updated libpng packages are available for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated libpng packages fix crash
Advisory ID: [WBSA-2004:180-01]
Issue date: 2004-06-10
Updated on: 2004-06-10
Product: White Box Enterprise Linux 3.0 (i386)
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0421
-----------------------------------------------------------------------

Note: This one went to the mirrors on May 31.

Updated libpng packages that fix a out of bounds memory access are now available.

WBSA-2004:165-01: Updated ipsec-tools package

White Box 64 Published by Philipp Esselbach 0

An updated ipsec-tools package is available for White Box Enterprise Linux 3.0

----------------------------------------------------------------------
Security Advisory

Synopsis: Updated ipsec-tools package fixes vulnerabilities in ISAKMP daemon
Advisory ID: [WBSA-2004:165-01]
Issue date: 2004-06-10
Updated on: 2004-06-10
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: SA x509
Cross references:
Obsoletes:
CVE Names: CAN-2004-0155 CAN-2004-0164 CAN-2004-0403
----------------------------------------------------------------------

Note: This one has actually been on the mirrors since May 17-18.

An updated ipsec-tools package that fixes vulnerabilities in racoon (the ISAKMP daemon) is now available.

WBSA-2004:192-01: Updated rsync package fixes security issues

White Box 64 Published by Philipp Esselbach 0

An updated rsync package is available for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated rsync package fixes security issue
Advisory ID: [WBSA-2004:192-01]
Issue date: 2004-06-10
Updated on: 2004-06-10
Product: White Box Enterprise Linux 3.0 (i386)
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0426
-----------------------------------------------------------------------

An updated rsync package that fixes a directory traversal security flaw is now available.

Whitebox-announce: Unsigned packages

White Box 64 Published by Philipp Esselbach 0

From whiteboxlinux.org:

A large batch of errata packages (the bulk of Update2) were posted without GPG signatures. Some have been mirrored out to the mirror sites already. The problem has just been fixed and corrected packages will sync out very soon. There is nothing known to be wrong with the unsigned packages other than my forgetting to sign them but if you are the cautious type you should hold off on running up2date for a day or so.

WBSA-2004:160-01: Updated OpenOffice packages fix security

White Box 64 Published by Philipp Esselbach 0

Updated OpenOffice packages are now available for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated OpenOffice packages fix security vulnerability in neon
Advisory ID: [WBSA-2004:160-01]
Issue date: 2004-04-14
Updated on: 2004-04-19
Product: White Box Enterprise Linux 3.0 (i386)
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0179
-----------------------------------------------------------------------

NOTICE: This package is not just a security fix. RedHat has released OpenOffice.org 1.1 as a patch for this security problem. Besides being a new version, the name of the package has changed from openoffice to openoffice.org so up2date over Yum will NOT automatically detect it. This means you are going to have to manually obtain and install this errata. Due to it's size, PLEASE use a mirror.

WBSA-2004:133-01: Updated squid package fixes security vulnerability

White Box 64 Published by Philipp Esselbach 0

Updated squid packages has been released for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated squid package fixes security vulnerability
Advisory ID: [WBSA-2004:133-01]
Issue date: 2004-04-14
Updated on: 2004-04-19
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: Phishing Spoofing
Cross references:
Obsoletes:
CVE Names: CAN-2004-0189
-----------------------------------------------------------------------

An updated squid package is avaliable that fixes a security vulnerability in URL decoding and provides a new ACL type for protecting vulnerable clients.

More information is available in Red Hat, Inc's original advisory available on their site at:

http://www.redhat.com/archives/enterprise-watch-list/2004-April/msg00000.html

To install this new package on your White Box Enterprise Linux system use the Up2Date Network or Yum.

Note: Be sure to change the default Up2Date or Yum server from the initial location to prevent undue load to the whiteboxlinux.org server, which doesn't have a lot of outbound bandwidth. The config files already have entries for mirror sites commented out.

Up2Date's configuration file is at /etc/sysconfig/rhn/sources

Yum's configuration is in /etc/yum.conf

WBSA-2004:153-01: Updated CVS packages fix security issue

White Box 64 Published by Philipp Esselbach 0

Updated CVS packages has been released for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated CVS packages fix security issue
Advisory ID: [WBSA-2004:153-01]
Issue date: 2004-04-14
Updated on: 2004-04-19
Product: White Box Enterprise Linux 3.0 (i386)
Keywords:
Cross references:
Obsoletes: WBSA-2004:004
CVE Names: CAN-2004-0180
-----------------------------------------------------------------------

Updated cvs packages that fix a client vulnerability that could be exploited by a malicious server are now available.

More information is available in Red Hat, Inc's original advisory available on their site at:

http://www.redhat.com/archives/enterprise-watch-list/2004-April/msg00001.html

To install this new package on your White Box Enterprise Linux system use the Up2Date Network or Yum.

Note: Be sure to change the default Up2Date or Yum server from the initial location to prevent undue load to the whiteboxlinux.org server, which doesn't have a lot of outbound bandwidth. The config files already have entries for mirror sites commented out.

Up2Date's configuration file is at /etc/sysconfig/rhn/sources

Yum's configuration is in /etc/yum.conf

WBSA-2004:110-01: Updated Mozilla packages

White Box 64 Published by Philipp Esselbach 0

An updated Mozilla package is available for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated Mozilla packages fix security issues
Advisory ID: [WBSA-2004:110-01]
Issue date: 2004-03-29
Updated on: 2004-03-29
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: nss mozilla
Cross references:
Obsoletes:
CVE Names: CAN-2003-0564 CAN-2003-0594 CAN-2004-019
-----------------------------------------------------------------------

Updated Mozilla packages that fix vulnerabilities in S/MIME parsing as well as other issues and bugs are now available.

More information is available in Red Hat, Inc's original advisory available on their site at:

http://www.redhat.com/archives/enterprise-watch-list/2004-March/msg00007.html

WBSA-2004:084-01: Updated httpd packages

White Box 64 Published by Philipp Esselbach 0

Updated httpd packages are not available for White Box Enterprise Linux 3.0

----------------------------------------------------------------------
Security Advisory

Synopsis: Updated httpd packages fix mod_ssl security issue
Advisory ID: WBSA-2004:084-01
Issue date: 2004-03-23
Updated on: 2004-03-23
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: Apache httpd DoS SSL
Cross references:
Obsoletes:
CVE Names: CAN-2004-0113
-----------------------------------------------------------------------

Updated httpd packages are now available that fix a denial of service vulnerability in mod_ssl and include various other bug fixes.

More information is available in Red Hat, Inc's original advisory available on their site at:

http://www.redhat.com/archives/enterprise-watch-list/2004-March/msg00006.html

WBSA-2004:120-01: Updated OpenSSL packages

White Box 64 Published by Philipp Esselbach 0

Updated OpenSSL packages are now available for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated OpenSSL packages fix vulnerabilities
Advisory ID: WBSA-2004:120-01
Issue date: 2004-03-17
Updated on: 2004-03-22
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: DoS
Cross references:
Obsoletes: WBBA-2003:295
CVE Names: CAN-2004-0079 CAN-2004-0081 CAN-2004-0112
-----------------------------------------------------------------------

Updated OpenSSL packages that fix several remote denial of service vulnerabilities are available.

More information is available in Red Hat, Inc's original advisory available on their site at:

http://www.redhat.com/archives/enterprise-watch-list/2004-March/msg00005.html

To install this new package on your White Box Enterprise Linux system use the Up2Date Network or Yum.

WBSA-2004:103-01: Updated gdk-pixbuf packages fix crash

White Box 64 Published by Philipp Esselbach 0

Synopsis: Updated gdk-pixbuf packages fix crash
Advisory ID: WBSA-2004:103-01
Issue date: 2004-03-10
Updated on: 2004-03-15
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: DoS
Cross references:
Obsoletes:
CVE Names: CAN-2004-0111
-----------------------------------------------------------------------

Updated gdk-pixbuf packages that fix a crash are now available.

WBSA-2004:053-01: Updated sysstat packages

White Box 64 Published by Philipp Esselbach 0

Synopsis: Updated sysstat packages fix security vulnerabilities
Advisory ID: WBSA-2004:053-01
Issue date: 2004-03-10
Updated on: 2004-03-10
Product: White Box Enterprise Linux 3.0 (i386)
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0107 CAN-2004-0108
-----------------------------------------------------------------------

Updated sysstat packages that fix various bugs and security issues are now available.

NOTE: This errata package also picks up a patch for the /lib64 problem which required a .WB1 package. This means that as of this release there is no longer any functional difference between the RHEL and WBEL package. The name is still a .WB2 so that up2date will notice it is newer.
(Thanks to Dragan D. Vecerina who noticed this naming problem over the weekend when the first errata version appeared.)

White Box Enterprise Linux 3.0 AMD64-RC1

White Box 64 Published by Philipp Esselbach 0

Pasi Pirhonen has released an AMD64 version of White Box Enterprise Linux 3.0

Here the full annoucement:

To make it short:

----- BEGIN QUOTE ----

The images are in place. Please make you own announcement as this is your work.

ftp://ftp.vslib.cz/pub/mirrors/whitebox.org/people/pasi.pirhonen/AMD64-RC1

The site ftp://ftp.vslib.cz has pretty abusive restrictions as working reverse DNS and correct e-mail address as password (don't use the name joe, the domain must be correct and exist etc). I was talking with local admin to remove these bits so we will see.

----- END QUOTE ---

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...