Jump to content


NEW UPDATES RH 9.0!!


  • Please log in to reply
87 replies to this topic

#1 OFFLINE   jong357

jong357

    Message Adept

  • Members
  • PipPipPip
  • 89 posts

Posted 12 June 2003 - 03:57 AM

THIS THREAD WILL RE-APPEAR EACH TIME THERE WILL BE NEW UPDATES Do yourself a favor and make that annoying exclamation mark turn into a less annoying check mark!!! Updating after a clean install can be time consuming with dial up, but once done, will insure that you have the latest packages available for your system. Errata (bug/security fixes) do not apply by running Up2date. You must log in to your account and then visit the "Eratta" tab in order to schedule those fixes. You will have to wait in line to use their server but shouldn't take more than an hour to start downloading at any given time.... Running "up2date" at a prompt or simpliy clicking on the icon in the task bar will enable you to download all other available packages.... All updates and Eratta listed on this thread apply to a Full install of Version 9, excluding all server packages. If you run a server there may be others that are not listed here. It is important to enable "E-mail Notification" on your account to be informed of such updates.ERRATA: ( Do not log out while you are waiting )--Peachy lists a link below for manual download--Security Advisory RHSA-2003:108    Updated Evolution packages fix multiple vulnerabilities   2003-03-31Security Advisory RHSA-2003:120 Updated sendmail packages fix vulnerability 2003-03-31Security Advisory RHSA-2003:101 Updated OpenSSL packages fix vulnerabilities 2003-04-01Security Advisory RHSA-2003:091 Updated kerberos packages fix various vulnerabilities 2003-04-02Security Advisory RHSA-2003:128 Updated Eye of GNOME packages fix vulnerability 2003-04-03Security Advisory RHSA-2003:109 Updated balsa and mutt packages fix vulnerabilities 2003-04-03Security Advisory RHSA-2003:135 Updated 2.4 kernel fixes USB storage 2003-04-08Security Advisory RHSA-2003:137 New samba packages fix security vulnerability 2003-04-09Bug Fix Advisory RHBA-2003:136 glibc bugfix errata 2003-04-09Security Advisory RHSA-2003:126 Updated gtkhtml packages fix vulnerability 2003-04-14Security Advisory RHSA-2003:076 Updated ethereal packages fix security vulnerabilities 2003-04-23Security Advisory RHSA-2003:002 Updated KDE packages fix security issues 2003-05-12Security Advisory RHSA-2003:160 Updated xinetd packages fix a denial-of-service attack and other bugs 2003-05-13Security Advisory RHSA-2003:172 Updated 2.4 kernel fixes security vulnerabilities and various bugs 2003-05-14Security Advisory RHSA-2003:174 Updated tcpdump packages fix privilege dropping error 2003-05-15Security Advisory RHSA-2003:175 Updated gnupg packages fix validation bug 2003-05-20Security Advisory RHSA-2003:171 Updated CUPS packages fix denial of service attack 2003-05-27Security Advisory RHSA-2003:181 Updated ghostscript packages fix vulnerability 2003-05-30Security Advisory RHSA-2003:187 Updated 2.4 kernel fixes vulnerabilities and driver bugs 2003-06-03Bug Fix Advisory RHBA-2003:185 Updated printer database available 2003-06-09UPDATED PACKAGES : ( After applying all Errata )Well, it appears there are none after applying all erata... Every single updated package listed thru "up2date" is contained within the errata themselves... Whether you choose to update thru RHN or up2date, it doesn't matter....( disregard my statement about errata not being applied thru up2date ). For those of you using a winmodem, it will likely not work after upgrading the Kernel. Just a word of warning....

#2 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 12 June 2003 - 04:05 AM

Brilliant Jon !This will make our RedHat users happy and give them a safe and bugfree system. The list is long, but as I understand this is a backlog of several month of updates, since the release of RedHat 9.Thanks a millionB) Bruno

#3 OFFLINE   jong357

jong357

    Message Adept

  • Members
  • PipPipPip
  • 89 posts

Posted 12 June 2003 - 04:08 AM

Yep... That is EVERY update since the OS hit the shelves.... Once you get all that under your belt, it's relatively painless to stay current....Jon

#4 OFFLINE   havnblast

havnblast

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,878 posts

Posted 12 June 2003 - 04:17 AM

:huh:   still don't see how it's free - cause I didn't see any of the package updates in my RedHat account on the web to download.  All I saw was the update pretaining to the Kernal

#5 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 12 June 2003 - 04:29 AM

ABOUT KERNEL UPGRADES WARNING !! NOTE: People with a Nvidia kernel should wait for the right nvidia packages, or will lose their 3D support ! See Mike180´s Thread and This one from Havnblast !!!

Jong357, on June 12 2003, said:

I also don't update the Kernel.... Many things are dependent on the Kernel version. Every six months there will be a new release anyway, so why bother.....
:huh: Bruno

#6 OFFLINE   havnblast

havnblast

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,878 posts

Posted 12 June 2003 - 04:57 AM

Bruno you need to fix the one link - it is messed up with the URLWhat I was hoping was that the new kernal version would be more stable than the one I got.  I wonder if this is an issue with all video cards and RH 9.0 or just nvidia.

#7 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 12 June 2003 - 05:02 AM

Thanks Kelly, fixed the link . . . it´s O.K. now. ( the google-site it pointed to first did not hold any good info :huh: ):( Bruno

#8 OFFLINE   Peachy

Peachy

    Anarquista De Sartorial

  • Forum Moderators
  • 5,426 posts

Posted 12 June 2003 - 08:55 AM

havnblast, on Jun 12 2003, 04:17 AM, said:

:unsure:   still don't see how it's free - cause I didn't see any of the package updates in my RedHat account on the web to download.  All I saw was the update pretaining to the Kernal
Kelly,Use this url: http://www.redhat.co.../support/errata. You can download the RPMs directly.

'freedom...is actually the reason that men live together in political organisations at all. Without it, political life as such would be meaningless. The raison d'Être of politics is freedom, and its field of experience is action'.
My Flickr Photo Blog Posted Image
del.icio.us bookmarks Posted Image


#9 OFFLINE   havnblast

havnblast

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,878 posts

Posted 12 June 2003 - 11:26 AM

Thanks!That works - downloading as we speak  :unsure:  I'll just skip the up2date concept and download em directly - than I got a copy for later if needed

#10 OFFLINE   jong357

jong357

    Message Adept

  • Members
  • PipPipPip
  • 89 posts

Posted 12 June 2003 - 01:55 PM

Thanks Peachy... That should be links for everything now..... :unsure: I also noticed that once you apply all the errata, your list of updated packages decrease significantly.... I'll have to take those out...Jon

#11 OFFLINE   havnblast

havnblast

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,878 posts

Posted 13 June 2003 - 01:48 AM

Ok, so quick question on the errata updates - If you see a bunch of em and you download the most current one does that include the previous ones too?I am mainly talking about the ones you see that are Updated 2.4 kernel fixes,  since I just update kernal to 2.4.20-18.9 would I need the updates prior to that release date?

#12 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 13 June 2003 - 04:55 AM

havnblast, on Jun 13 2003, 07:48 AM, said:

Ok, so quick question on the errata updates - If you see a bunch of em and you download the most current one does that include the previous ones too?I am mainly talking about the ones you see that are Updated 2.4 kernel fixes,  since I just update kernal to 2.4.20-18.9 would I need the updates prior to that release date?
KellyIn most cases, a security update fixes a hole (vunerabillety ), the same hole is not fixed twice, if there is a new hole, that one gets fixed after . . . . so what I´m saying is you need all the updates, and the best is to do them in the order of the dates the patches came out., only a kernel upgrade would replace the old one with a new one, so previous patches are useless.Linux is always very quick to patch new vunerabilleties, that is why most of them are small and only target one problem at a time. Also this is why there are so many. Saving up bugs and security issues for one big fix is a policy of an( other ) well known software maker :blink: B) :DB) Bruno

#13 OFFLINE   nlinecomputers

nlinecomputers

    Discussion Deity

  • No Longer a Member
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,932 posts

Posted 13 June 2003 - 05:35 AM

Bruno,

Quote

Ok, so quick question on the errata updates - If you see a bunch of em and you download the most current one does that include the previous ones too?

Quote

In most cases, a security update fixes a hole (vunerabillety ), the same hole is not fixed twice, if there is a new hole, that one gets fixed after . . . . so what I´m saying is you need all the updates, and the best is to do them in the order of the dates the patches came out., only a kernel upgrade would replace the old one with a new one, so previous patches are useless.
Perhaps I'm incorrect or I am missunderstanding you but I disagree with that line.When a linux distro makes a patch to a package (a RPM file) the old version of the package is removed and replaced with the new RPM file.  It will have a new (higher) version number.  Most programers use a three place version number scheme  of x.y.z  X is a major revison.  Y a minor revision.  And Z is used to denote patches.  For example  Mandrake 9.1 shipped with apache 2.0.45.  A patch came out to push the version number to 2.0.46.  If you don't have apache on your system and deside to install it it is NOT required for you to install 2.0.45 off your CDs and then "patch" it.  You can simply download and install 2.0.46 from the update website.
Nathan Williams, N-Line Computers

How to kill a programmer:  Give him a shampoo bottle.  Lather, Rinse, Repeat.

#14 OFFLINE   jong357

jong357

    Message Adept

  • Members
  • PipPipPip
  • 89 posts

Posted 13 June 2003 - 08:19 AM

You are both right and it's confusing me.... It seems to be that you are both making seperate points. I don't know. I just woke up and am not happy about it...  :blink: If I understand you right Kelly, you want to know if you download the most recent dated Errata, will you need all the others? Yes you do... You need all of them. They all contain diffirent packages and fix diffirent things.... Patching with a new kernel will not fix the vulnerabilities in cups or anything else for that matter... That kernel upgrade was specificly related to some problems with usb and a few others... On another note, I sort of mistated something on the first post of this thread. You can apply errata thru using up2date in your task launcher. I had 30 updated packages that it was telling me about. With each Errata that I scheduled and then applied thru RHN that list went down with every one.... If you noticed, that list at the bottom got decimated from what I originally posted... I still haven't done a few errata so more of those will probably get booted... So whether you choose to run "up2date" or just log in to RHN and apply all the errata, they are they same thing.... If you do a manual download of the eratta, you will see that they are nothing but all the packages that are listed thru Up2Date..... Anywho.....I'm in the process of manually downloading everything. I'm going to make a script that will execute one after the other. If you don't already have a package installed, the script will skip over it and move to the next one... If the script specifies a package that was not downloaded, it will skip over that (obviously).... I figured I would just list EVERYTHING in the script and gzip it for download or something... If anyone could use something like that. I'm getting tired of updating. Takes hours upon hours on a dial up... So if anyone was going to download them all like I am and burn them to disk, this script will be really nice.... It won't install anything that you don't already have or didn't want.... I'll link it after my downloads are complete and I test it out on a new install...Jon

#15 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 13 June 2003 - 09:23 AM

Nathan and Jon, Thanks for your remarks and clarifying things.  I have to admit that in my wish to keep it simple, I did overlook a few aspects and was not accurate.  The version numbers are indeed a good lead in this. As ultimate evidence of my split personality: The last post yesterday ( only ten hours earlier ) in The Tips for Linux Starters was a story explaining the version- and patch numbers :)  If you both keep a close eye on me, I´m sure the members of this forum will get the right information in the end :blink: ! Thanks again   B) Bruno

#16 OFFLINE   nlinecomputers

nlinecomputers

    Discussion Deity

  • No Longer a Member
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,932 posts

Posted 13 June 2003 - 09:30 AM

Quote

You are both right and it's confusing me.... It seems to be that you are both making seperate points.
Ok I see your view point.  Let me see if I can address both.Kelly and anyone else lurking in this thread.   EVERY update bullitin that Red Hat issues you should get a copy of or at least be aware of it.  Pay attention to Red Hat's advisory page that is found here.  Now it is not necessary to install every RPM on the update list. You should only use the packages that you allready have installed. For example if you have never loaded MySQL and don't want MySQL and there is a patched RPM for MySQL then don't install it.  BUT in the future should you want MySQL you should load the new RPM off the update site not the one on your CD.  For whatever package your trying to install use the latest package you can find.Now to be honest if you've got a fast connection to the internet it is almost just as easy to use the CDs to install the RPM and then immediately run up2date.(We Mandrake users have it easier.  With URPMI we can tell it to load  "MySQL" and if the lattest packages are on our CDs it prompts us for the CDs if the lattest package is on the net it downloads off the net instead.  Debian's Apt-get works the same way.)  The point is for best performance and highest security use the latest packages.  Can you hear me now?  Good. :blink:
Nathan Williams, N-Line Computers

How to kill a programmer:  Give him a shampoo bottle.  Lather, Rinse, Repeat.

#17 OFFLINE   jong357

jong357

    Message Adept

  • Members
  • PipPipPip
  • 89 posts

Posted 13 June 2003 - 07:39 PM

Quote

Can you hear me now? Good.
Did you switch computers when you typed that? :D Yea, your right... It will remove an old rpm if you update with a new one. And you don't need the old one. They are complete packages unto themselves. Apt-Get works with Red Hat as well.... Man, I love that program... I just stumbled upon it not too long ago. When I first started using Linux, I wanted Mplayer... I downloaded the rpm, ran it.. It had several dependencies... Downloaded those. Each one of those had dependencies. I pulled my hair out, said a few cuss words and said "to **** with mplayer". apt-get downloaded everything and then installed them all... Pretty slick....   You can also type: apt-get upgrade, and it will snag all your up2date packages. Still haven't really figured out Synaptic. Don't really want to... It's better thru a prompt..Jon

#18 OFFLINE   nlinecomputers

nlinecomputers

    Discussion Deity

  • No Longer a Member
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,932 posts

Posted 13 June 2003 - 11:36 PM

Synaptic is easy enought.  You see the list of RPMs you click on one hit the install Icon and bam it grabs it all.  It just a fancy front end for apt-get.  Nice thing about synaptic is that you can browse the list of RPMs.  Find cool things you never heard of before.
Nathan Williams, N-Line Computers

How to kill a programmer:  Give him a shampoo bottle.  Lather, Rinse, Repeat.

#19 OFFLINE   havnblast

havnblast

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,878 posts

Posted 14 June 2003 - 01:36 AM

I understand now - thanks guys and yes apt-get is a great tool I used it with 8.0 and installed it right away after I installed 9.0.  I agree with you Jon about doing updates on a dial up modem - very time consumingSynaptic - hmmmmm never heard of that program, will have to look into it.  I tried updating Evolution for 1.4.4 to 1.4.5 but it tells me it conflicts with files in 1.4.4 during install so it stop and doesn't do the update.  I quit doing updates after that - still waiting on my Knoppix CD - gonna give it whirl.

#20 OFFLINE   jong357

jong357

    Message Adept

  • Members
  • PipPipPip
  • 89 posts

Posted 14 June 2003 - 03:19 AM

Yea, Synaptic is pretty cool I guess. Atleast you can see what packages are available....Kelly, just type this:suapt-get install synapticAfter it is installed, just type "synaptic" at a prompt and a gui will come up listing a whole bunch of stuff available for download....Don't forget to type:apt-get updatebefore you try to grab anything... It helps to keep your list current. It is a pain to download all those errata.... I went to a nieghbors and bought some beer and used his broadband/burner to snag em' all..... For those of you who don't know about "apt", you can get it from here. Just:cd /to/directory/where/apt/issurpm -Uvh apt-0.5.5cnc5-fr2.i386.rpmassuming that is the name of the file you downloaded... It is a program that will eliminate ALL dependencies of a particular RPM..... It makes installing programs a BREEZE.... It does everything for you... As long as apt can find the program in it's database list.... It's a really slick program....Jon

#21 OFFLINE   havnblast

havnblast

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,878 posts

Posted 16 June 2003 - 07:09 AM

Ran across this and figured it would fit here perfectlyYoLinux Tutorial - How To Install and Update A Redhat Linux Kernel RPMThis tutorial covers downloading and installing a new kernel for the Redhat distribution of Linux. The Kernel is loaded from the "RPM" package format. This tutorial is most useful for Red Hat 7.1 installations and older which used the Lilo operating system boot loader. Red Hat 7.2 introduced GRUB as the default boot loader and it is configured automatically by the RPM installation. Thus users of Red Hat 7.2 and later using the GRUB boot loader need not concern themselves with any special configuration requirements. Just install the RPM's and that is it. Use the RPM command "rpm -ivh kernel-2xxx.rpm" and NOT "rpm -Uvh kernel-2xxx.rpm" as is common for most RPM upgrades. The "rpm -Uvh" RPM upgrade command will remove the kernel which is still executing! Use the command "rpm -e kernel-2-OLD.rpm" to remove the old kernel after a system reboot. Also remove reference to the old kernel in the GRUB config file /etc/grub.conf.View Full Article

#22 OFFLINE   quint

quint

    Linux Miner

  • Forum MVP
  • 3,899 posts

Posted 16 June 2003 - 02:48 PM

Thanks for the info on "Apt-Get" - what a great little program for RH. :D It's almost too easy. While I'm here, was wondering if anyone has had any luck installing "gkrellm" in RH 9.0? I installed it and "lm_sensors" (latest versions), but cannot get the temperature, fan, and voltage sensors to work. Bruno had a thread awhile back where he helped me get it running in Mandrake 9.1, but when I followed those directions, they will not work in RH. :( I'm stuck at the most important part: <modprobe i2c-proc> as well as <sensors-detect>. :( Any help is greatly appreciated; Bruno really picked another great little program here, with "gkrellm". :rolleyes:
~ Linux User # 314972 ~ Ubuntu User # 12930 ~

If you tell the truth you don't have to remember anything.
                -- Mark Twain



#23 OFFLINE   jong357

jong357

    Message Adept

  • Members
  • PipPipPip
  • 89 posts

Posted 18 June 2003 - 08:44 AM

I've never looked into that. I found their home page and will look into that... I use a laptop so it might be something cool to mess with... Still don't really know anything about it tho... If I get it working, I'll let you know Quint....Still no more updates....Jon

#24 OFFLINE   jong357

jong357

    Message Adept

  • Members
  • PipPipPip
  • 89 posts

Posted 18 June 2003 - 02:52 PM

WOO HOO!!!!Update:xpdf-2.01-8 ---------> xpdf-2.01-9:1Download4062 kbSummary:Updated Xpdf packages fix security vulnerabilityUpdated Xpdf packages are available that fix a vulnerability where amalicious PDF document could run arbitrary code.

#25 OFFLINE   quint

quint

    Linux Miner

  • Forum MVP
  • 3,899 posts

Posted 18 June 2003 - 03:18 PM

jong357, on Jun 18 2003, 02:52 PM, said:

WOO HOO!!!!Update:xpdf-2.01-8 ---------> xpdf-2.01-9:14062 kb
Thanks, Jon - got it. :D
~ Linux User # 314972 ~ Ubuntu User # 12930 ~

If you tell the truth you don't have to remember anything.
                -- Mark Twain






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users