From:	 security@caldera.com
To:	 bugtraq@securityfocus.com, announce@lists.caldera.com,
	 linuxlist@securityportal.com, security-alerts@linuxsecurity.com
Subject: Security Update: [CSSA-2002-007.0] Linux: Updated Caldera Public Keys
Date:	 Thu, 28 Mar 2002 17:18:24 -0800

To: bugtraq@securityfocus.com announce@lists.caldera.com linuxlist@securityportal.com security-alerts@linuxsecurity.com

______________________________________________________________________________
		   Caldera International, Inc.  Security Advisory

Subject:		Linux: Updated Caldera Public Keys
Advisory number: 	CSSA-2002-007.0
Issue date: 		2002, March 13
Cross reference:
______________________________________________________________________________


1. Problem Description

   Caldera has generated new security keys. These keys are already in the
   3.1.1 product.


2. Vulnerable Supported Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Server 3.1          All packages previous to      
                                 OpenLinux-newkeys-2002-1      
   
   OpenLinux Workstation 3.1     All packages previous to      
                                 OpenLinux-newkeys-2002-1      
   
   OpenLinux Server 3.1.1        n/a
   
   OpenLinux Workstation         n/a
   3.1.1                                                       
   


3. Solution

   Workaround

     none

   The proper solution is to upgrade to the latest packages.


4. OpenLinux 3.1 Server

    4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

   4.2 Verification

       850746580805193cdfc930e60ad30ab2  RPMS/OpenLinux-newkeys-2002-1.i386.rpm
       39d49b8e3a028181c1ec609a71b11e74  SRPMS/OpenLinux-newkeys-2002-1.src.rpm
       

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh OpenLinux-newkeys-2002-1.i386.rpm
         

5. OpenLinux 3.1 Workstation

    5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

   5.2 Verification

       850746580805193cdfc930e60ad30ab2  RPMS/OpenLinux-newkeys-2002-1.i386.rpm
       39d49b8e3a028181c1ec609a71b11e74  SRPMS/OpenLinux-newkeys-2002-1.src.rpm
       

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh OpenLinux-newkeys-2002-1.i386.rpm
         

6. OpenLinux 3.1.1 Server

    n/a

7. OpenLinux 3.1.1 Workstation

    n/a


8. References

   This and other Caldera security resources are located at:

   http://www.caldera.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report sr860753.


9. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of
   any of the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera International
   products.

______________________________________________________________________________