Subject: [RHSA-2000:030-01] Updated mailman packages are available. To: redhat-watch-list@redhat.com From: bugzilla@redhat.com Date: Wed, 24 May 2000 18:24 -0400 --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Updated mailman packages are available. Advisory ID: RHSA-2000:030-01 Issue date: 2000-05-24 Updated on: 2000-05-24 Product: Red Hat Secure Web Server Keywords: N/A Cross references: N/A --------------------------------------------------------------------- 1. Topic: New mailman packages are available which close security holes present in earlier versions of mailman. 2. Relevant releases/architectures: Red Hat Secure Web Server 3.0 - i386 Red Hat Secure Web Server 3.1 - i386 alpha sparc Red Hat Secure Web Server 3.2 - i386 3. Problem description: New mailman packages are available which close security holes present in earlier versions of mailman. All sites using the mailman mailing list management software should upgrade. 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): N/A 6. RPMs required: Red Hat Secure Web Server 3.2: intel: ftp://ftp.redhat.com/pub/redhat/updates/secureweb/3.2/i386/mailman-2.0beta2-1.i386.rpm sources: ftp://ftp.redhat.com/pub/redhat/updates/secureweb/3.2/SRPMS/mailman-2.0beta2-1.src.rpm 7. Verification: MD5 sum Package Name -------------------------------------------------------------------------- 4515cf682bfb0c4a87c9ac6def8d5ec7 3.2/SRPMS/mailman-2.0beta2-1.src.rpm ccaf8e103c609bfa7769dfff4cf7f532 3.2/i386/mailman-2.0beta2-1.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/corp/contact.html You can verify each package with the following command: rpm --checksig <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 8. References: N/A -- To unsubscribe: mail redhat-watch-list-request@redhat.com with "unsubscribe" as the Subject.