The following are known problems with Red Hat Linux 4.1 on
multiple platforms. Updates are available for FTP from:
Please note that newer versions of some of these packages may be
available in the same location; any new versions which are made
available will fix all of the bugs older versions did, so you can use
the latest version with no problems.
- (03-Feb-1997) logrotate-2.0.2-2 enters bogus dates
(like 1900-1-0) in its status file under certain
circumstances, and then complains about them.
logrotate-2.1-1 fixes this bug; it will not enter bogus
dates in the status file, and it silently removes any bogus
dates it finds.
- (03-Feb-1997) rpm-2.3-1 does not run ``verify scripts''
correctly. rpm-2.3.2-1 fixes this problem.
- (03-Feb-1997) rxvt-2.19-1 did not recognize the
[Alt-<] and [Alt->] keystrokes for
changing the font size. This is fixed in rxvt-2.19-2.
- (03-Feb-1997) Security Fix: sendmail-8.8.4
has a major security hole that allows remote users to
gain root access. sendmail-8.8.5-2 fixes this security
- (03-Feb-1997) sliplogin was built with unnecessary
limitations and incorrect paths in its man page.
sliplogin-2.1.0-6 fixes the problem.
- sliplogin users should note that the configuration
files changed in sliplogin-2.1.0 (which first
shipped with Red Hat Linux 4.0), so users of older versions of
sliplogin (such as the version that shipped with Red Hat Linux
3.0.3) will need to rewrite their sliplogin scripts. See
/usr/doc/sliplogin-2.1.0-6/CHANGES for details.
- sliplogin is not available on Red Hat Linux/Alpha.
- (03-Feb-1997) timeconfig-1.6-1 will only run
correctly once, that is, during installation.
timeconfig-1.7-1 fixes this problem.
- (14-Feb-1997) The smbtar and addsmbpass
programs are missing from the package. samba-1.9.16p9-7
- (14-Feb-1997) The samba daemons are not started in
runlevel 5. This is fixed in samba-1.9.16p9-8.
- (14-Feb-1997) lpd starts before named.
lpr-0.14-2 fixes this.
- (14-Feb-1997) printtool doesn't configure Epson
dot-matrix printers correctly. Also, printing to SMB hosts
sometimes causes erroneous output. These are fixed in
- (18-Feb-1997) adduser-1.2 adds an extra field to
/etc/shadow, which may cause problems adding
passwords. This is fixed in adduser-1.3.
- (18-Feb-1997) xdm was having trouble setting
proper paths and reading shell initalization files properly.
Also, shadow passwords didn't work with xdm on
- (07-Feb-1997) Security Fix: apache-1.1.3-1
fixes some security holes in apache-1.1.1. Red Hat's
default configuration for the apache httpd is not
vulnerable to these holes, but systems which customize the
configuration may be vulnerable.
- (18-Feb-1997) Security Fix
- (19-Feb-1997) tetex-0.4-7 contained errors which
occurred when non-root users tried to view dvi files and fonts
had to be created on-demand. The user would see an error
message saying they had no permission to write the font files.
tetex-0.4pl6-1 corrects file permissions to avoid this
- (17-Feb-1997) Security Fix: Red Hat Linux 4.0 and Red Hat Linux 4.1
both were shipped with wu-ftpd 2.4 beta11, which has a few
important security holes, and a few minor ones. These were
fixed in wu-ftpd 2.4 beta12.
- (17-Feb-1997) The ftpcount utility gave unusual
output in the wu-ftpd-2.4.2b12-2 package. This has been
fixed in wu-ftpd-2.4.2b12-3.
- (19-Feb-1997) Unspecified fix.
- (19-Feb-1997) Security Fix: inn-1.5.1-3
contains an important security fix.
- (26-Feb-1997) inn-1.5.1-3 continues to have
miscellaneous problems which inn-1.5.1-5 fixes.
- (26-Feb-1997) If you're upgrading from inn-1.4 to
inn-1.5.1-5, make sure you have the `to' group in
/var/lib/news/active or things won't work. Thanks to
Elliot Lee and James Youngman for help on this package.
- (26-Feb-1997) jed-0.97.14-3 was missing a small
bugfix from the author. Also, xjed didn't recognize
the keysyms generated by the numeric keypad without NumLock on
under XFree86-3.2. jed-0.97.14-4 fixes both of these
- (03-Mar-1997) Security Fix: The IMAP servers
included with all versions of Red Hat Linux have a buffer
overrun which allow *remote* users to gain root access on
systems which run them. imap-4.1.BETA-3 closes this
- (07-Mar-1997) login (and telnet, since it
uses login) allowed remote users to determine whether
a user existed on a system. This has been fixed in
- (10-Mar-1997) Security Fix: There is a possibility
for a denial of service attack in bind-4.9.5 which
allows users to render nameservers inoperative.
bind-4.9.5p1-1 includes a patch to fix this behaviour.
Packages: usercfg, pythonlib, netcfg, initscripts
- (18-Feb-1997) usercfg, pythonlib: usercfg-3.3 and
pythonlib-1.13 together fix several bugs:
- confusing password dialog made it easy to attempt and
fail to set a password;
- usercfg wasn't adding new users to the
- shadow password file handling was simplistic and easily
- adding a user with a home directory that already
existed put a .skel directory in the new user's
- several small problems caused usercfg to break
unecessarily, particularly regarding group specification
for a new user
- handles blank shadow file entries correctly
- (05-Mar-1997) netcfg, pythonlib, initscripts: A new
version of netcfg has been released. It requires a
new initscripts package and a new pythonlib
package. These fix at least three bugs:
In addition, some cosmetic bugs were fixed, the user interface
was made clearer in some aspects, and several new features were
- Didn't always find the first free interface number when
adding an interface;
- Sometimes tried to `add' an existing interface number;
- Users could confuse netcfg and mangle the
- (06-Mar-1997) pythonlib: The PAP-editing routines in
pythonlib-1.14-2 put the pap-secrets and
chap-secrets files in /etc/; they ought to go
in /etc/ppp/. Fixed in pythonlib-1.14-3.
- (12-Mar-1997) pythonlib: netcfg breaks when
modem init strings include '=' characters. Fixed with
- (18-Mar-1997) initscripts: During a system shutdown
or reboot, initscripts complains that it can't find
xargs; fixed in initscripts-2.89-1.
- (05-Mar-1997) netcfg, pythonlib, initscripts:
IMPORTANT: If you are currently using PAP or CHAP to
authenticate connections made by an interface managed by
netcfg (that is, which uses the
/etc/sysconfig/network-scripts/ifup-ppp script), you
will need to modify your /etc/ppp/pap-secrets or
/etc/ppp/chap-secrets file to take into account that
the remotename on a connection will always be the logical
interface name: for example, for the interface described by the
/etc/sysconfig/network-scripts/ifcfg-ppp0 file, the
remotename will always be `ppp0', and not the name
provided by the remote end of the connection. This change was
necessary to support PAP authentication through netcfg
(CHAP may be added to netcfg later).
- (23-Mar-1997) A missing double quote caused efax
to break. Fixed in efax-0.8a-2.
- (23-Mar-1997) Security Fix: The SNMP services in
cmu-snmp are misconfigured and allow all remote systems
read access to networking information machines which are
running snmpd. It is also straightforward to gain
write access to networking information due to these
misconfigurations, which enables simple denial of service
attacks. Fixed in cmu-snmp-3.3-1.
- (23-Mar-1997) New versions of cmu-snmp-devel and
cmu-snmp-tools are available for completeness. They do
not need to be installed to fix this problem; only the main
cmu-snmp package is necessary.
- (03-Feb-1997) Security Fix: NetKit-B-0.08-13
allowed external users to tell whether or not a username
existed on a system by using the rlogin protocol.
This is fixed in NetKit-B-0.08-14.
- (24-Mar-1997) Security Fix: There is a small
security hole in the in.tftpd daemon which allows
remote users to read all files on systems which run tftp from
inetd, even if the server is supposed to be run with a
restricted directory path (note that all versions of Red Hat
have tftp support off by default). NetKit-B-0.09-1
includes a patch to fix this problem.