MDKSA-2001:055

Package name

xinetd

Date

2001-06-11

Advisory ID

MDKSA-2001:055

Affected versions

8.0 i586 , SNF7.2 i586 , 7.2 i586

Problem description

A bug exists in xinetd as shipped with Mandrake Linux 8.0 dealing with TCP connections with the WAIT state that prevents linuxconf-web from working properly. As well, xinetd contains a security flaw in which it defaults to a umask of 0. This means that applications using the xinetd umask that do not set permissions themselves (like SWAT, a web configuration tool for Samba), will create world writable files. This update sets the default umask to 022.

Updated packages

8.0 i586

 b5e1f34214417502ca891bd3993a50c5  8.0/RPMS/xinetd-2.1.8.9pre15-1.1mdk.i586.rpm
683f1ce09c630432cf5cd876ef9f0f65  8.0/RPMS/xinetd-ipv6-2.1.8.9pre15-1.1mdk.i586.rpm
e6902c3dd3b9c321f41d2bf95d260972  8.0/SRPMS/xinetd-2.1.8.9pre15-1.1mdk.src.rpm

SNF7.2 i586

 dcfddcde15315b6798d4303096eb41b6  snf7.2/RPMS/xinetd-2.1.8.9pre15-1.2mdk.i586.rpm
06f6fe56ea492d021538863f08c297ce  snf7.2/SRPMS/xinetd-2.1.8.9pre15-1.2mdk.src.rpm

7.2 i586

 dcfddcde15315b6798d4303096eb41b6  7.2/RPMS/xinetd-2.1.8.9pre15-1.2mdk.i586.rpm
06f6fe56ea492d021538863f08c297ce  7.2/SRPMS/xinetd-2.1.8.9pre15-1.2mdk.src.rpm