Package name
Advisory ID
Affected versions
8.0 i586 , SNF7.2 i586 , 7.2 i586

Problem description

A bug exists in xinetd as shipped with Mandrake Linux 8.0 dealing with TCP connections with the WAIT state that prevents linuxconf-web from working properly. As well, xinetd contains a security flaw in which it defaults to a umask of 0. This means that applications using the xinetd umask that do not set permissions themselves (like SWAT, a web configuration tool for Samba), will create world writable files. This update sets the default umask to 022.

Updated packages

8.0 i586

 b5e1f34214417502ca891bd3993a50c5  8.0/RPMS/xinetd-
683f1ce09c630432cf5cd876ef9f0f65  8.0/RPMS/xinetd-ipv6-
e6902c3dd3b9c321f41d2bf95d260972  8.0/SRPMS/xinetd-

SNF7.2 i586

 dcfddcde15315b6798d4303096eb41b6  snf7.2/RPMS/xinetd-
06f6fe56ea492d021538863f08c297ce  snf7.2/SRPMS/xinetd-

7.2 i586

 dcfddcde15315b6798d4303096eb41b6  7.2/RPMS/xinetd-
06f6fe56ea492d021538863f08c297ce  7.2/SRPMS/xinetd-