[ale] RH 7 Respin?

Michael H. Warfield mhw at wittsend.com
Sat Jan 20 15:49:23 EST 2001


On Sat, Jan 20, 2001 at 04:11:03PM -0500, Darrell Golliher wrote:

> So what's this about a Red Hat 7.0 Second Edition?  A search for
> "respin" at redhat.com yields zero useful information. :(

	The original RedHat 7.0 was only out for a short while.  The
original RedHat 7.0 isos appear to have been generated on August 30, 2000.
When certain serious security problems cropped up (like a remote root
hole in LPRng) they pulled back the isos, updated several pages, and
cut new isos that had "respin" in the name.  Those images appear to
have been generated on October 7, 2000.  So the original, faulty,
RedHat 7.0 iso images were in circulation about a little over a month
before they cut a new set.

	You can tell the difference between them by either the dates on
the directories or by the version of LPRng in the RedHat/RPMS directory.

	First Edition:	LPRng-3.6.22-5.i386.rpm
	Respin:		LPRng-3.6.24-2.i386.rpm

	If you have LPRng 3.6.22 you should IMMEDIATELY update!  It
has a serious remove root compromise!

	There are a couple of other packages that were updated as well.
You can get the updates from the appropriate directories on ftp.redhat.com.

	AFAIK...  There has only been those two sets (but I haven't
checked again, lately).

> Where can I read more?

	Damned if I know...  RedHat has been rather quiet on the subject.
They haven't exactly been hiding it at all, they just haven't said
much of anything publicly about the respin.

> -darrell

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list