Mandrake 8.2 offers the easiest installation ever

From Linux World: “One of my first heroes (and a nominee for my Dweeb Hall of Fame) was a guy I ran across on Bix years ago. His name is Roedy Green. To
say that Roedy was sensitive to poorly designed software installation would be to say President Bush is sensitive to suggestions his administration
should have known the 9/11 attacks were coming. Green wrote scathing criticisms of various products — applications or operating systems, it made no
difference to him — where the installation had been given short shrift. He knew what he was talking about. Green had an absolute gift for breaking
down the most complex or technical aspects of personal computing into chunks of words and images that anyone could understand.”

Category:

  • Linux

Wine aging gracefully

From LinuxNews.com:
“The implementation of the Windows 3.x and Win32 API for X and UNIX allows most popular Intel UNIXes, including Linux, FreeBSD and Solaris, to run
unmodified Windows 3.1/95/NT binaries. “Wine does not require Microsoft Windows, as it is a completely alternative implementation consisting of 100
percent Microsoft-free code, but it can optionally use native system DLLs if they are available,” Julliard explained on his Wine Web site. “Wine comes
with complete sources, documentation and examples and is freely redistributable. The licensing terms are similar to BSD [Berkeley Software
Distribution].””

Open Source adoption should be gradual

osOpinion: “As an active member of the free software/open source IT community, I believe that one reason for Linux’ and open source’s lack of widespread adoption is the way it has been presented to small and mid-size businesses and to end users… Rather than trying to promote an ‘all-or-nothing’ strategy with regard to open source, we should promote interoperability with proprietary products as a short-term goal, followed by gently and gradually easing small-business and home users into the all-open source environment of the future.”

Taking up the Slack(ware)

LinuxPlanet: “In the aftermath of last week’s bizarre UnitedLinux announcement, which amounted to ‘All yer Linux Standard Base are belong to us, but only in source code because all you desktop Linux users are freeloaders!’, fans of TurboLinux, OpenLinux, SuSE, and Conectiva may be in the market for a truly free Linux that has the latest and greatest of all the major applications. Slackware 8.1 fits the bill nicely.”

Category:

  • Linux

Everything but the hat hair

Linux Journal: “Oracle CEO Larry Ellison ended the Linux distribution wars today, as far as corporate installations are concerned, with the flat-out statement that… ‘We’ve elected to work very closely with Red Hat. We’re recommending Red Hat.’ Ellison did everything for Red Hat except actually wear the red Red Hat hat handed to him by Red Hat CEO Matthew Szulik.” Read more in this Linux Journal report.

Conectiva Linux Advisory: bind

Conectiva: “ISC (Internet Software Consortium) reported a remote denial of
service vulnerability[2] in the BIND[1] server. A remote attacker can
exploit this problem and shut down the name server. This vulnerability only affects the 9.x versions of the server and
has no other consequence besides shutting down the service.”


- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT 
- --------------------------------------------------------------------------

PACKAGE   : bind
SUMMARY   : Denial of Service vulnerability
DATE      : 2002-06-06 15:01:00
ID        : CLA-2002:494
RELEVANT
RELEASES  : 7.0, 8

- -------------------------------------------------------------------------

DESCRIPTION
 "bind" is a name server (DNS) developed by the ISC and used in many
 internet and intranet sites.
 
 ISC (Internet Software Consortium) reported a remote denial of
 service vulnerability[2] in the BIND[1] server. A remote attacker can
 exploit this problem and shut down the name server.
 
 This vulnerability only affects the 9.x versions of the server and
 has no other consequence besides shutting down the service.
 
 An indication that the service has been shut down due to this problem
 are the following messages in the system log (/var/log/messages):
 
 named: message.c:808: REQUIRE(*rdataset == ((void *)0)) failed 
 named: exiting (due to assertion failure) 
 
 Please note that regular DNS traffic could also accidentally trigger
 this problem.
 
 ISC has released BIND version 9.2.1 to address this vulnerability.


SOLUTION
 It is recommended that all bind users upgrade their packages. The
 "named" service will be automatically restarted if it was already
 running before the upgrade.

 REFERENCES
 1. http://www.isc.org/products/BIND/bind9.html
 2. http://www.kb.cert.org/vuls/id/739123
 3. http://www.cert.org/advisories/CA-2002-15.html
 4. http://www.isc.org/products/BIND/bind-security.html


DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/bind-9.2.1-1U70_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/bind-9.2.1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/bind-chroot-9.2.1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/bind-devel-9.2.1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/bind-devel-static-9.2.1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/bind-doc-9.2.1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/bind-utils-9.2.1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/bind-9.2.1-1U8_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/bind-9.2.1-1U8_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/bind-chroot-9.2.1-1U8_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/bind-devel-9.2.1-1U8_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/bind-devel-static-9.2.1-1U8_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/bind-doc-9.2.1-1U8_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/bind-libs-9.2.1-1U8_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/bind-utils-9.2.1-1U8_1cl.i386.rpm

ADDITIONAL INSTRUCTIONS
 Users of Conectiva Linux version 6.0 or higher may use apt to perform 
 upgrades of RPM packages:
 - add the following line to /etc/apt/sources.list if it is not there yet
   (you may also use linuxconf to do this):

 rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates

(replace 6.0 with the correct version number if you are not running CL6.0)

 - run:                 apt-get update
 - after that, execute: apt-get upgrade

 Detailed instructions regarding the use of apt and upgrade examples 
 can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en


- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at 
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br

Category:

  • Security
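
The log signature quoted in the Conectiva advisory can be turned into a check over the system log. The script below is an added example, not part of the advisory or of BIND: the function names and the sample log lines (timestamps, host name, PIDs, the `example.c` assertion) are constructed, and it assumes syslog lines of the usual `host named[pid]: message` shape as well as the bare `named: message` form the advisory prints.

```shell
#!/bin/sh
# Added example (not from the advisory): count named crashes that match the
# CLA-2002:494 signature, i.e. the message.c:808 assertion followed by the exit line.

# Constructed sample log; timestamps, host, PIDs and the example.c line are made up.
sample_log() {
cat <<'EOF'
Jun  6 14:02:11 ns1 named[812]: starting BIND 9.2.0
Jun  6 14:40:03 ns1 named[812]: message.c:808: REQUIRE(*rdataset == ((void *)0)) failed
Jun  6 14:40:03 ns1 named[812]: exiting (due to assertion failure)
Jun  6 15:05:47 ns1 named[901]: example.c:1: REQUIRE(constructed) failed
Jun  6 15:05:47 ns1 named[901]: exiting (due to assertion failure)
Jun  6 15:06:30 ns1 other[77]: message.c:808: REQUIRE(*rdataset == ((void *)0)) failed
EOF
}

# Reads log files given as arguments (or stdin) and prints the number of crashes.
count_rdataset_crashes() {
  awk '
    BEGIN {
      sig = "message.c:808: REQUIRE(*rdataset == ((void *)0)) failed"
      bye = "exiting (due to assertion failure)"
    }
    # Ignore anything not logged by named (with or without a [pid] suffix).
    $0 !~ / named(\[[0-9]+\])?: / && $0 !~ /^named: / { next }
    # The assertion from the advisory arms the detector ...
    index($0, sig) { armed = 1; next }
    # ... and the exit line that follows it confirms one crash.
    index($0, bye) { if (armed) n++; armed = 0; next }
    END { print n + 0 }
  ' "$@"
}

# Only the first assertion/exit pair matches the advisory; a different
# assertion or a non-named process does not count.
echo "matching crashes in sample: $(sample_log | count_rdataset_crashes)"
```

On a live host, pass the log path instead of the sample: `count_rdataset_crashes /var/log/messages`.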

SOT Linux Advisory: bind

SOT Linux: “Versions of BIND 9 prior to 9.2.1 have a bug that causes certain
requests to the BIND name server (named) to fail an internal
consistency check, causing the name server to stop responding to
requests. This can be used by a remote attacker to cause a denial of
service (DOS) attack against name servers.”

---------------------------------------------------------------------
                   SOT Linux Security Advisory


Subject:           Updated bind package for SOT Linux 2002
Advisory ID:       SLSA-2002:7
Date:              Thursday, June 6, 2002
Product:           SOT Linux 2002
---------------------------------------------------------------------


1. Problem description


Versions of BIND 9 prior to 9.2.1 have a bug that causes certain
requests to the BIND name server (named) to fail an internal
consistency check, causing the name server to stop responding to
requests. This can be used by a remote attacker to cause a denial of
service (DOS) attack against name servers.





2. Updated packages


SOT Linux 2002 Desktop:
 

i386:
ftp://ftp.sot.com/updates/2002/Desktop/i386/bind-utils-9.2.1-1.i386.rpm
 

SRPMS:
ftp://ftp.sot.com/updates/2002/Desktop/SRPMS/bind-9.2.1-1.src.rpm
 
 

SOT Linux 2002 Server:
 

i386:
ftp://ftp.sot.com/updates/2002/Server/i386/bind-9.2.1-1.i386.rpm
ftp://ftp.sot.com/updates/2002/Server/i386/bind-utils-9.2.1-1.i386.rpm


SRPMS:
ftp://ftp.sot.com/updates/2002/Server/SRPMS/bind-9.2.1-1.src.rpm



3. Upgrading package


Use up2date to automatically upgrade the fixed packages.
 

If you want to upgrade manually, download the updated package from
the SOT Linux FTP site (use the links above) or from one of our mirrors.
The list of mirrors can be obtained at www.sot.com/en/linux
 

Update the package with the following command:
rpm -Uvh filename



4. Verification


All packages are PGP signed by SOT for security.
 

You can verify each package with the following command:
rpm --checksig filename 
 

If you wish to verify the integrity of the downloaded package, run
"md5sum filename" and compare the output with data given below.
 
 

Package Name                              MD5 sum
--------------------------------------------------------------------------
/Desktop/i386/bind-utils-9.2.1-1.i386.rpm 5f3df4a88ed9a2961de6af45c4b0a788      
/Desktop/SRPMS/bind-9.2.1-1.src.rpm       d2e274c8a861c4cd5a9e9b8cb76df44e
/Server/i386/bind-utils-9.2.1-1.i386.rpm  5f3df4a88ed9a2961de6af45c4b0a788
/Server/i386/bind-9.2.1-1.i386.rpm        e74c33d4c0774d92bd629ded5028da04
/Server/SRPMS/bind-9.2.1-1.src.rpm        d2e274c8a861c4cd5a9e9b8cb76df44e



5. References


http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0400


Copyright(c) 2001, 2002 SOT
        

---------------------------------------------------------------------
You can view other update advisories for SOT Linux 2002 at:
http://www.sot.com/en/linux/sa/
---------------------------------------------------------------------

Category:

  • Security

Engarde Secure Linux Pro 1.1 review

Anonymous Reader writes: “Most people who know me often tell me that I am paranoid. I say that I have good reason to be. Hacker attacks and malicious code are just a few examples of why I am cautious with my computer systems. Guardian Digital’s Engarde Secure Linux Professional offers a lightweight, robust, and secure Linux Distribution for small and large networks…”

Read the full review at Linuxlookup.com.

Category:

  • C/C++

Hitachi unveils new model of Linux-enabled Internet appliance

LinuxDevices.com writes: “Hitachi has released a new model of its Linux-based FLORA-ie wireless web pad. The device has a 10.4-inch TFT LCD screen and is based on a 400 MHz Transmeta Crusoe processor running Midori Linux. It has built-in Ethernet and 802.11b wireless, and also provides two USB ports plus both CompactFlash Type II and PC Card (PCMCIA) expansion slots.” Story here

Category:

  • C/C++