COMMAND

    umb-scheme

SYSTEMS AFFECTED

    Linux

PROBLEM

    New umb-scheme packages are available  for Red Hat Linux 6.2  that
    fix  a  problem  with  file  permissions.   The umb-scheme package
    included with Red Hat Linux 6.2 included two world-writable files.
    For more details, see:

        http://oliver.efri.hr/~crv/security/bugs/Linux/various.html

SOLUTION

    RPMs required:

        ftp://updates.redhat.com/6.2/sparc/umb-scheme-3.2-12.sparc.rpm
        ftp://updates.redhat.com/6.2/alpha/umb-scheme-3.2-12.alpha.rpm
        ftp://updates.redhat.com/6.2/i386/umb-scheme-3.2-12.i386.rpm
        ftp://updates.redhat.com/6.2/SRPMS/umb-scheme-3.2-12.src.rpm

    Conectiva Linux also ships umb-scheme, but is not affected by this
    vulnerability.

    In response to Red Hat Advisory RHSA-2000:047-03,  Linux-Mandrake,
    which also ships umb-scheme, is not affected by this problem.