Following on from release v2_0_3 there may well be another RedHat
OpenSSH release later on.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104551
This would result in a v2_0_4 if it happens.
Steve
On Wed, 17 Sep 2003, Steve Traylen wrote:
> Hi,
>
> There is a new release for the application testbed because of the
> updated ssh rpms. v2_0_3. Of course there may be another ssh on the way if
> the rumours can be untangled.
>
> I will create some generic notes but for those in the upgrade situation
> but.
>
> # ./gpp-fetch-edg-release.sh -r v2_0_3 -o /tmp
>
> # cp /tmp/edg-release/ng_updaterep/updaterep.conf /etc/.
> # cp /tmp/edg-release/ng_source/* /var/obj/conf/server/source/.
> # cp /tmp/edg-release/ng_rpmlist/* /opt/local/linux/7.3/rpmcfg/
>
> With the last two take care not overwrite and modifications you made.
>
> There is no change in the site-cfg.h within any of the v2_0_X releases
> so far.
>
> Download the extra rpms.
>
> # updateRPMCache.pl --rpcfg /opt/local/linux/7.3/rpmcfg/*rpm.h
>
> Recompile the profiles.
>
> # /sbin/service mkxprofd reload
>
> Trick, previously I had recommended that you log into all the nodes
> and run updaterpms. You can run this centrally if you change the
> updaterpms profile.
>
> A simple way to do this is to edit redhat73-cfg.h, find the line.
>
> updaterpms.rpmcfgdir /export/local/linux/7.3/rpmcfg
>
> by making a trivial edit to
>
> updaterpms.rpmcfgdir /export/local/linux/7.3/rpmcfg/
>
> the updaterpms profile is changed and updaterpms is called. By alternating
> between these two and compiling the profile you can cause rpms to be
> installed.
>
> Don't forget to upgrade openssh on the LCFG server itself.
>
> Steve
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Steve Traylen
> [log in to unmask]
> http://www.gridpp.ac.uk/
>
>
> ---------- Forwarded message ----------
> Date: Wed, 17 Sep 2003 07:49:35 +0200
> From: Charles Loomis <[log in to unmask]>
> To: ITeam <[log in to unmask]>,
> Site Admin. <[log in to unmask]>
> Subject: [SA-HELP] SECURITY upgrade for APP. TB
>
>
> Hi,
>
> There is a new release for the application testbed--v2_0_3.
>
> This include an upgrade of the openssh rpms. There is a
> rumor of an active exploit of the security hole.
>
> This release also includes a new IDL rpm which removes
> the RH4.2 dependencies (as a consequence the RH6.2 paths
> in updaterep.conf have been removed). It may be necessary
> to remove IDL and reinstall it; however, the upgrade worked
> correctly on my machines.
>
> Also included: a change to site-cfg.h to really turn off GOUT by default.
>
> Please upgrade to this release as soon as possible.
>
> Thanks.
>
> Cal
>
--
Steve Traylen
[log in to unmask]
http://www.gridpp.ac.uk/
|