URGENT MESSAGE FOR RED HAT USERS

josephc at etards.net josephc at etards.net
Fri Aug 29 17:30:30 EDT 2003 

apt-get upgrade will also correct the issue

-joe

On Fri, 29 Aug 2003, Timothy M. Lyons wrote:

> David,
> 
> Their certificate expired yesterday.  
> 
> People using up2date should note that they need to download or point to the 
> appropriate ftp locations and use the manual 'rpm -Fvh' command.  Up2date will 
> fail on a bad certificate.
> 
> --Tim
> 
>  
> On Fri, 29 Aug 2003 at 16:02 -0400 David Kramer was heard to utter:
> 
> DK> From: David Kramer <david at thekramers.net>
> DK> To: discuss at blu.org
> DK> Date: Fri, 29 Aug 2003 16:02:08 -0400
> DK> Subject: URGENT MESSAGE FOR RED HAT USERS
> DK> 
> DK> Apparently the SSL certificate used by the up2date program is expiring Real 
> DK> Soon Now.  No matter what release you are using.  If you do not get the new 
> DK> certificate, or update to an up2date that has the certificate, you will not 
> DK> be able to run up2date.
> DK> 
> DK> Here is the email I got from them:
> DK> 
> DK> ----------  Forwarded Message  ----------
> DK> 
> DK> Subject: [RHSA-2003:267-01] New up2date available with updated SSL 
> DK> certificate authority file
> DK> Date: Fri, 29 Aug 2003 07:39 -0400
> DK> From: bugzilla at redhat.com
> DK> To: redhat-watch-list at redhat.com, bugtraq at securityfocus.com,   
> DK> full-disclosure at lists.netsys.com
> DK> 
> DK> -----BEGIN PGP SIGNED MESSAGE-----
> DK> Hash: SHA1
> DK> 
> DK> - ---------------------------------------------------------------------
> DK>                    Red Hat Security Advisory
> DK> 
> DK> Synopsis:          New up2date available with updated SSL certificate
> DK>  authority file Advisory ID:       RHSA-2003:267-01
> DK> Issue date:        2003-08-29
> DK> Updated on:        2003-08-29
> DK> Product:           Red Hat Linux
> DK> Keywords:          up2date Red Hat Network rhn_register
> DK> Cross references:
> DK> Obsoletes:
> DK> - ---------------------------------------------------------------------
> DK> 
> DK> 1. Topic:
> DK> 
> DK> New versions of the up2date and rhn_register clients are available and
> DK> are required for continued access to Red Hat Network.
> DK> 
> DK> 2. Relevant releases/architectures:
> DK> 
> DK> Red Hat Linux 7.1 - i386
> DK> Red Hat Linux 7.2 - i386, ia64
> DK> Red Hat Linux 7.3 - i386
> DK> Red Hat Linux 8.0 - i386
> DK> Red Hat Linux 9 - i386
> DK> 
> DK> 3. Problem description:
> DK> 
> DK> The rhn_register and up2date packages contain the software necessary to
> DK> take advantage of Red Hat Network functionality.
> DK> 
> DK> This erratum includes an updated RHNS-CA-CERT file, which contains a new CA
> DK> certificate.  This new certificate is needed so that up2date can continue
> DK> to communicate with Red Hat Network after 28 August 2003.  Without this
> DK> updated certificate, users will see SSL Connection Errors reported by
> DK> up2date or rhn_register.
> DK> 
> DK> All users must upgrade to these erratum packages in order to continue to
> DK> use Red Hat Network.  This includes both interactive use of up2date, as
> DK> well as actions scheduled by the RHN website.
> DK> 
> DK> 4. Solution:
> DK> 
> DK> Before applying this update, make sure all previously released errata
> DK> relevant to your system have been applied.
> DK> 
> DK> To update all RPMs for your particular architecture, run:
> DK> 
> DK> rpm -Fvh [filenames]
> DK> 
> DK> where [filenames] is a list of the RPMs you wish to upgrade.  Only those
> DK> RPMs which are currently installed will be updated.  Those RPMs which are
> DK> not installed but included in the list will not be updated.  Note that you
> DK> can also use wildcards (*.rpm) if your current directory *only* contains
> DK> the desired RPMs.
> DK> 
> DK> Because the previous Certificate Authority has expired, up2date will
> DK> present 'SSL Certificate Errors' if you attempt to use it to apply this
> DK> errata.  Therefore, this update cannot be applied directly with up2date and
> DK>  instead must be applied as indicated above.
> DK> 
> DK> In addition to the Red Hat FTP site, the latest versions of up2date and
> DK> rhn_register are also available at
> DK> 
> DK>     https://rhn.redhat.com/help/latest-up2date.pxt
> DK> 
> DK> For users who would prefer to install the new certificate directly, it is
> DK> available at:
> DK> 
> DK>     https://rhn.redhat.com/help/ssl_cert.pxt
> DK> 
> DK> 5. RPMs required:
> DK> 
> DK> Red Hat Linux 7.1:
> DK> 
> DK> SRPMS:
> DK> ftp://updates.redhat.com/7.1/en/os/SRPMS/up2date-2.8.40-1.7.1.src.rpm
> DK> 
> DK> i386:
> DK> ftp://updates.redhat.com/7.1/en/os/i386/up2date-2.8.40-1.7.1.i386.rpm
> DK> ftp://updates.redhat.com/7.1/en/os/i386/up2date-gnome-2.8.40-1.7.1.i386.rpm
> DK> 
> DK> Red Hat Linux 7.2:
> DK> 
> DK> SRPMS:
> DK> ftp://updates.redhat.com/7.2/en/os/SRPMS/up2date-2.8.40-2.7.2.src.rpm
> DK> 
> DK> i386:
> DK> ftp://updates.redhat.com/7.2/en/os/i386/up2date-2.8.40-2.7.2.i386.rpm
> DK> ftp://updates.redhat.com/7.2/en/os/i386/up2date-gnome-2.8.40-2.7.2.i386.rpm
> DK> 
> DK> ia64:
> DK> ftp://updates.redhat.com/7.2/en/os/ia64/up2date-2.8.40-2.7.2.ia64.rpm
> DK> ftp://updates.redhat.com/7.2/en/os/ia64/up2date-gnome-2.8.40-2.7.2.ia64.rpm
> DK> 
> DK> Red Hat Linux 7.3:
> DK> 
> DK> SRPMS:
> DK> ftp://updates.redhat.com/7.3/en/os/SRPMS/up2date-2.8.40-3.7.3.src.rpm
> DK> 
> DK> i386:
> DK> ftp://updates.redhat.com/7.3/en/os/i386/up2date-2.8.40-3.7.3.i386.rpm
> DK> ftp://updates.redhat.com/7.3/en/os/i386/up2date-gnome-2.8.40-3.7.3.i386.rpm
> DK> 
> DK> Red Hat Linux 8.0:
> DK> 
> DK> SRPMS:
> DK> ftp://updates.redhat.com/8.0/en/os/SRPMS/up2date-3.0.7.2-1.src.rpm
> DK> 
> DK> i386:
> DK> ftp://updates.redhat.com/8.0/en/os/i386/up2date-3.0.7.2-1.i386.rpm
> DK> ftp://updates.redhat.com/8.0/en/os/i386/up2date-gnome-3.0.7.2-1.i386.rpm
> DK> 
> DK> Red Hat Linux 9:
> DK> 
> DK> SRPMS:
> DK> ftp://updates.redhat.com/9/en/os/SRPMS/up2date-3.1.23.2-1.src.rpm
> DK> 
> DK> i386:
> DK> ftp://updates.redhat.com/9/en/os/i386/up2date-3.1.23.2-1.i386.rpm
> DK> ftp://updates.redhat.com/9/en/os/i386/up2date-gnome-3.1.23.2-1.i386.rpm
> DK> 
> DK> 
> DK> 
> DK> 6. Verification:
> DK> 
> DK> MD5 sum                          Package Name
> DK> -
> DK>  --------------------------------------------------------------------------
> DK>  b67ea5065c3115d523e17561aac5cb7c
> DK>  7.1/en/os/SRPMS/up2date-2.8.40-1.7.1.src.rpm
> DK>  71f2f6e4bfcdee8f4f46ef037c7a1c8d
> DK>  7.1/en/os/i386/up2date-2.8.40-1.7.1.i386.rpm
> DK>  2205d1e5832dbb67d60103104eb59fec
> DK>  7.1/en/os/i386/up2date-gnome-2.8.40-1.7.1.i386.rpm
> DK>  3deea256b106e71ee6d5890639d872b3
> DK>  7.2/en/os/SRPMS/up2date-2.8.40-2.7.2.src.rpm
> DK>  21bc8e1f03e9f28590d46df60a9458b5
> DK>  7.2/en/os/i386/up2date-2.8.40-2.7.2.i386.rpm
> DK>  3d3d7c6dca73d521a0f541b859f13eb3
> DK>  7.2/en/os/i386/up2date-gnome-2.8.40-2.7.2.i386.rpm
> DK>  ac5161a5bbe122896eccbc312bef9273
> DK>  7.2/en/os/ia64/up2date-2.8.40-2.7.2.ia64.rpm
> DK>  c789fbf88d7faf82504eb4189b767f90
> DK>  7.2/en/os/ia64/up2date-gnome-2.8.40-2.7.2.ia64.rpm
> DK>  23d8868920cb7df21925669f04fb2ad2
> DK>  7.3/en/os/SRPMS/up2date-2.8.40-3.7.3.src.rpm
> DK>  3643d7774d7e60a1aeb79c8fecbf624c
> DK>  7.3/en/os/i386/up2date-2.8.40-3.7.3.i386.rpm
> DK>  89977334ec0d3a2a720c3303602fc8dd
> DK>  7.3/en/os/i386/up2date-gnome-2.8.40-3.7.3.i386.rpm
> DK>  17ad92db4579d046d84c84a16784ba98 8.0/en/os/SRPMS/up2date-3.0.7.2-1.src.rpm
> DK>  15bc5dc918916bca3a5c29148979716e 8.0/en/os/i386/up2date-3.0.7.2-1.i386.rpm
> DK>  1ae89cf79880f3bc5de7b86eb1d47a2b
> DK>  8.0/en/os/i386/up2date-gnome-3.0.7.2-1.i386.rpm
> DK>  b8a5b2d548869a846cbaf373f3637555 9/en/os/SRPMS/up2date-3.1.23.2-1.src.rpm
> DK>  3faabcb9cc610627fe378b88d0b2b928 9/en/os/i386/up2date-3.1.23.2-1.i386.rpm
> DK>  733d0aca17c15af0b1fa709ba86337dc
> DK>  9/en/os/i386/up2date-gnome-3.1.23.2-1.i386.rpm
> DK> 
> DK> 
> DK> These packages are GPG signed by Red Hat for security.  Our key is
> DK> available from https://www.redhat.com/security/keys.html
> DK> 
> DK> You can verify each package with the following command:
> DK> 
> DK>     rpm --checksig -v <filename>
> DK> 
> DK> If you only wish to verify that each package has not been corrupted or
> DK> tampered with, examine only the md5sum with the following command:
> DK> 
> DK>     md5sum <filename>
> DK> 
> DK> 7. Contact:
> DK> 
> DK> The Red Hat security contact is <secalert at redhat.com>.  More contact
> DK> details at https://www.redhat.com/solutions/security/news/contact.html
> DK> 
> DK> Copyright 2003 Red Hat, Inc.
> DK> -----BEGIN PGP SIGNATURE-----
> DK> Version: GnuPG v1.0.7 (GNU/Linux)
> DK> 
> DK> iD8DBQE/Tzt/XlSAg2UNWIIRAoUSAKCfwH7rc+4n4qDoAwqpeHOfvHHu7gCgmkhY
> DK> qGnZb7YTmLpjhBxLWdWQLXs=
> DK> =w6lI
> DK> -----END PGP SIGNATURE-----
> DK> 
> DK> 
> DK> _______________________________________________
> DK> Redhat-watch-list mailing list
> DK> To unsubscribe, visit:
> DK>  https://www.redhat.com/mailman/listinfo/redhat-watch-list
> DK> 
> DK> -------------------------------------------------------
> DK> 
> DK> 
> 
> 
>

More information about the Discuss mailing list