Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [discuss] Re: MDKSA-2003:110 - Updated kernel packages fix vulnerability
From: Dick Gevers (dvgeversxs4all.nl)
Date: Fri Dec 05 2003 - 09:35:37 CST
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 05 Dec 2003 09:43:45 -0500, "John C. Danielson"
<jdii1215johndanielsonii.com> wrote about Re: [discuss] Re: MDKSA-2003:110
- - - Updated kernel packages fix vulnerability:
>Errors were identicalfrom
>Sweden\SUNET, RedBox in Checkoslovakia, secsup.org in US, and Stealthnet
>interlinking, for the three kernel files I brought into discussion.
With all due respect, your findings do sound convincing; yet I was doubting
that all servers would have corrupt files somehow.
So I just now downloaded:
with firebird from:
and as per rpm there is nothing wrong with the file:
[rootdvg rpm]# rpm -Kv ker*
Header SHA1 digest: OK (20107c92c3c9004fabfb3a8932de426292714c04)
MD5 digest: OK (f012fad930247b907adca110925eb13d)
V3 DSA signature: OK, key ID 22458a98
For this reason, I am guessing that you still have to associate the key:
pub 1024D/22458A98 2000-07-10 Mandrake Linux Security Team
uid Linux Mandrake Security Team <securitylinux-mandrake.com>
sub 1024g/6F3F9BC6 2000-07-10
via Software Media Manager --> Manage keys
with the relative Media repository.
Also, in case you shouldn`t have done so yet, please update popt* & rpm* to
the latest versions.
I don`t mean to offend if it happens to be otherwise; but I hope this helps.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Encryption is an envelope - the contents are private.
-----END PGP SIGNATURE-----