- Issued:
- 2005-10-05
- Updated:
- 2005-10-05
RHBA-2005:540 - Bug Fix Advisory
Synopsis
coreutils bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated coreutils package that fixes Pluggable Authentication Modules
support in the su(1) command is now available.
Description
The coreutils package contains core GNU utilities. It is the combination
of the old GNU fileutils, sh-utils, and textutils packages.
Several issues have been fixed in the su(1) command, all concerning
support for Pluggable Authentication Modules:
- su does not set the pam tty variable. This is needed for auditing among
other things.
- if there is a problem with init groups, session close must be called
since session open can mount drives.
- pam credentials should not be set in the child since the parent will
need to dispose of credentials later.
- if there is a fork error, pam credentials need to be deleted and the
session closed.
- the parent needs to delete the pam credentials before it ends pam.
All users of coreutils are advised to upgrade to this updated package,
which resolves these issues.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 154946 - coreutils - su pam bugs
- BZ - 159219 - coreutils updates for new audit system
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 4
SRPM | |
---|---|
coreutils-5.2.1-31.2.src.rpm | SHA-256: 08cd87e4d53c2bf42d0f423cc83d45d3f00016c4157a500709db1b28aef461d4 |
x86_64 | |
coreutils-5.2.1-31.2.x86_64.rpm | SHA-256: fea6ad596d0b0679113b09ee1b40d72e054410668658f02046a19f822e13cd07 |
coreutils-5.2.1-31.2.x86_64.rpm | SHA-256: fea6ad596d0b0679113b09ee1b40d72e054410668658f02046a19f822e13cd07 |
ia64 | |
coreutils-5.2.1-31.2.ia64.rpm | SHA-256: 641bac5ad33f96c4aef1aa03b893676e2864de5db369f4661e90a7592b43aeb5 |
coreutils-5.2.1-31.2.ia64.rpm | SHA-256: 641bac5ad33f96c4aef1aa03b893676e2864de5db369f4661e90a7592b43aeb5 |
i386 | |
coreutils-5.2.1-31.2.i386.rpm | SHA-256: fd6bd5f3fe4464dd1bdb650ebd4c7401cf3d953ec53df9f5a70d5acae5746568 |
coreutils-5.2.1-31.2.i386.rpm | SHA-256: fd6bd5f3fe4464dd1bdb650ebd4c7401cf3d953ec53df9f5a70d5acae5746568 |
Red Hat Enterprise Linux Workstation 4
SRPM | |
---|---|
coreutils-5.2.1-31.2.src.rpm | SHA-256: 08cd87e4d53c2bf42d0f423cc83d45d3f00016c4157a500709db1b28aef461d4 |
x86_64 | |
coreutils-5.2.1-31.2.x86_64.rpm | SHA-256: fea6ad596d0b0679113b09ee1b40d72e054410668658f02046a19f822e13cd07 |
ia64 | |
coreutils-5.2.1-31.2.ia64.rpm | SHA-256: 641bac5ad33f96c4aef1aa03b893676e2864de5db369f4661e90a7592b43aeb5 |
i386 | |
coreutils-5.2.1-31.2.i386.rpm | SHA-256: fd6bd5f3fe4464dd1bdb650ebd4c7401cf3d953ec53df9f5a70d5acae5746568 |
Red Hat Enterprise Linux Desktop 4
SRPM | |
---|---|
coreutils-5.2.1-31.2.src.rpm | SHA-256: 08cd87e4d53c2bf42d0f423cc83d45d3f00016c4157a500709db1b28aef461d4 |
x86_64 | |
coreutils-5.2.1-31.2.x86_64.rpm | SHA-256: fea6ad596d0b0679113b09ee1b40d72e054410668658f02046a19f822e13cd07 |
i386 | |
coreutils-5.2.1-31.2.i386.rpm | SHA-256: fd6bd5f3fe4464dd1bdb650ebd4c7401cf3d953ec53df9f5a70d5acae5746568 |
Red Hat Enterprise Linux for IBM z Systems 4
SRPM | |
---|---|
coreutils-5.2.1-31.2.src.rpm | SHA-256: 08cd87e4d53c2bf42d0f423cc83d45d3f00016c4157a500709db1b28aef461d4 |
s390x | |
coreutils-5.2.1-31.2.s390x.rpm | SHA-256: 9bffc9194b482f5c505be4c7cff274e6cf4a348d418a678ae5c028f644ec51a6 |
s390 | |
coreutils-5.2.1-31.2.s390.rpm | SHA-256: e019c13022370eb12ae76d655461bcfa6df90fea4e3c0a0c1c943ff5c51b973d |
Red Hat Enterprise Linux for Power, big endian 4
SRPM | |
---|---|
coreutils-5.2.1-31.2.src.rpm | SHA-256: 08cd87e4d53c2bf42d0f423cc83d45d3f00016c4157a500709db1b28aef461d4 |
ppc | |
coreutils-5.2.1-31.2.ppc.rpm | SHA-256: 0ff77080faf882b555386ff399cb61800c5d87ca89447a9309cc4b6ed9640079 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.