2nd attempt: AIX techlibss follows links

Subject: 2nd attempt: AIX techlibss follows links
From: Klaus.KuscheOOE.GV.AT
Date: Mon Jan 10 2000 - 02:20:46 CST

• Next message: Eivind Eklund: "Re: Hotmail security hole - injecting JavaScript using <IMG"
• Previous message: Andrew Pimlott: "Re: Hotmail security hole - injecting JavaScript using <IMG"
• Next in thread: Bacano: "NIS2k"
• Reply: Bacano: "NIS2k"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2nd attempt:

"techlibss" is the program used to install IBM's monthly AIX service CD's.

The program is run as "root" and creates log files with a fixed name in /tmp
using shell redirection. Hence, it happily follows any existing symbolic
link with that name, blindly overwriting any file the link happens to point
to.

The problem is fixed with the fileset "techlib.service.rte.1.0.0.4" on the
service CD for Jan 2000.

If you have installed an older version of "techlib.service.rte", upgrade
manually (following the instructions on the CD cover), because that fileset
is not updated automatically, even if you choose to automatically update all
installed AIX filesets from the CD.

DI. Dr. Klaus Kusche
Oberoesterreichische Landesregierung / Government of Upper Austria
Rechenzentrum / Computing Centre
Smail: Kaerntnerstrasse 16, A-4020 Linz, Austria (Europe)
Phone: +43 732 7720 - 3394 Fax: +43 732 7720 3198
Email: Klaus.Kuscheooe.gv.at

• Next message: Eivind Eklund: "Re: Hotmail security hole - injecting JavaScript using <IMG"
• Previous message: Andrew Pimlott: "Re: Hotmail security hole - injecting JavaScript using <IMG"
• Next in thread: Bacano: "NIS2k"
• Reply: Bacano: "NIS2k"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b27 : Mon Jan 10 2000 - 23:50:51 CST