COMMAND

    NFS server

SYSTEMS AFFECTED

    Linux

PROBLEM

    Potential security problems have  been identified in all  versions
    of nfs-server packages shipped with Red Hat Linux and other  Linux
    implementations.   Expect  similar  announces  from  other   Linux
    vendors to follow this one.  The bug is in Linux  specific portmap
    code so this is unlikely to affect non Linux portmappers.

SOLUTION

    Users  of  Red  Hat  Linux  are  recommended to upgrade to the new
    packages available under updates directory on our ftp site:

    * Red Hat Linux 5.1 and 5.0:
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/5.1/alpha/nfs-server-2.2beta29-7.alpha.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/5.1/alpha/nfs-server-clients-2.2beta29-7.alpha.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/5.1/i386/nfs-server-2.2beta29-7.i386.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/5.1/i386/nfs-server-clients-2.2beta29-7.i386.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/5.1/sparc/nfs-server-2.2beta29-7.sparc.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/5.1/sparc/nfs-server-clients-2.2beta29-7.sparc.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/5.1/SRPMS/nfs-server-2.2beta29-7.src.rpm

    * Red Hat Linux 4.2:
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/4.2/alpha/nfs-server-2.2beta16-9.alpha.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/4.2/alpha/nfs-server-clients-2.2beta16-9.alpha.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/4.2/i386/nfs-server-2.2beta16-9.i386.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/4.2/i386/nfs-server-clients-2.2beta16-9.i386.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/4.2/sparc/nfs-server-2.2beta16-9.sparc.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/4.2/sparc/nfs-server-clients-2.2beta16-9.sparc.rpm
        rpm -Uvh ftp://ftp.redhat.com/pub/redhat/updates/4.2/SRPMS/nfs-server-2.2beta16-9.src.rpm

    A fix for a potential  security problem in the NFS  server package
    shipped with TurboLinux 2.0 is now available at:

    * i386 binary RPMs:
        ftp://ftp.pht.com/pub/turbolinux-2.0-updates/i386/nfs-server-2.2beta29-8TL.i386.rpm
        ftp://ftp.pht.com/pub/turbolinux-2.0-updates/i386/nfs-server-clients-2.2beta29-8TL.i386.rpm

    * Source RPM (SRPM):
        ftp://ftp.pht.com/pub/turbolinux-2.0-updates/SRPMS/nfs-server-2.2beta29-8TL.src.rpm