≡ Menu

red hat enterprise

An updated autofs package that fixes a bug is now available. The autofs utility controls the operation of the automount daemon, which automatically mounts, and then unmounts file systems after a period of inactivity. File systems can include network file systems, CD-ROMs, diskettes, and other media.

How do I update my autofs package?

Simply type the following command:
# yum update

Red hat issued important security update for freetype package that that fix various security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. Multiple flaws were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user loaded a carefully crafted font-file with a program linked against FreeType, it could cause the application to crash, or possibly execute arbitrary code

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a font server or a complete text-rendering library.

How do I fix this issue?

Simply type the following command at a shell promot:
# yum update
Sample output:

Loading "rhnplugin" plugin
Loading "security" plugin
rhel-x86_64-server-vt-5   100% |=========================| 1.2 kB    00:00
rhel-x86_64-server-5      100% |=========================| 1.2 kB    00:00
Skipping security plugin, no data
Setting up Update Process
Resolving Dependencies
Skipping security plugin, no data
--> Running transaction check
---> Package freetype.i386 0:2.2.1-20.el5_2 set to be updated
---> Package freetype.x86_64 0:2.2.1-20.el5_2 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Updating:
 freetype                i386       2.2.1-20.el5_2   rhel-x86_64-server-5  313 k
 freetype                x86_64     2.2.1-20.el5_2   rhel-x86_64-server-5  311 k
Transaction Summary
=============================================================================
Install      0 Package(s)
Update       2 Package(s)
Remove       0 Package(s)
Total download size: 624 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): freetype-2.2.1-20. 100% |=========================| 311 kB    00:00
(2/2): freetype-2.2.1-20. 100% |=========================| 313 kB    00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating  : freetype                     ######################### [1/4]
  Updating  : freetype                     ######################### [2/4]
  Cleanup   : freetype                     ######################### [3/4]
  Cleanup   : freetype                     ######################### [4/4]
Updated: freetype.i386 0:2.2.1-20.el5_2 freetype.x86_64 0:2.2.1-20.el5_2

Red Hat Enterprise Linux 5.2 Released

Red Hat enterprise Linux version 5.2 has been released and available via a Red Hat Network subscription. This update brings broad refresh of hardware support and improved quality, combined with new features and enhancements in areas such as virtualization, desktop, networking, storage & clustering and security.

Virtualization of very large systems, with up to 64 CPUs and 512 GB of memory, is now possible. Virtualization support for NUMA-based architectures is provided, as well as security, performance, manageability and robustness improvements. CPU frequency scaling support for virtualized environments also allows for reduced power consumption.

Red Hat Enterprise Linux 5.2 provides enhanced capabilities for several hardware architectures, covering x86/x86-64, Itanium, IBM POWER and IBM System z, which provide improved performance, power usage, scalability and manageability. For example, support for Intel's Dynamic Acceleration Technology permits power saving by quiescing idle CPU cores, and offers performance gains by potentially overclocking busy cores within safe thermal levels. Other hardware enhancements include extensive device driver updates, covering storage, network and graphics devices, and certification of IBM's new Cell Blade systems.

Red Hat Enterprise Linux becomes a certified operating system for IBM's new high-performance blade server based on Cell Broadband Engine (Cell/B.E) Architecture.

Desktop version includes latest cutting edge softwares:

  • Evolution 2.12.3
  • Firefox 3
  • OpenOffice 2.3.0
  • Thunderbird 2.0

Red Hat Cluster Suite, which is included in Red Hat Enterprise Linux 5 Advanced Platform, now has a Resource Event Scripting Language that enables sophisticated application failover capabilities. It also newly supports SCSI-3 reservation fencing support for active/active and active/passive DM/MPIO (multipathing), which widens the range of storage devices that can be used in clusters.

Improved iSCSI support allows users to set-up diskless systems with a root volume on the iSCSI server, a common requirement in high-density Blade environments.


How do I upgrade my system?

First, make sure you backup existing configuration and data. Next, simply type the following two commands:
# yum update
# reboot

Verify that everything is working fine including all services:
# netstat -tulpn
# netstat -nat
# tail -f /var/log/messages
# egrep -i 'error|warn' /var/log/messages
# egrep -i 'error|warn' /path/to/apps/log/file

Alternatively, you can click on the "Red Hat Network Alert Notification GUI Tool" - which is a notifier that appears on the panel and alerts users when software package updates are available for the systems. This is point and click method.

If you are CentOS Linux user wait for some time to get all updates. More information available at Red Hat web site.

An updated caching-nameserver package that fixes a bug is now available under Red Hat Enterprise Linux.

The caching-nameserver package includes the configuration files that will make BIND, the DNS name server, act as a simple caching nameserver. Many users on dial-up connections use this package along
with BIND for this purpose. The address of L root server have been updated. All users of caching-nameserver should upgrade to this updated package, which resolves this issue.

To update just enter the following command as root user:
# up2date -u

Red Hat released updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5.

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program.

Sean Larsson found a heap overflow flaw in the OpenOffice memory allocator. If a carefully crafted file was opened by a victim, an attacker could use the flaw to crash OpenOffice.org or, possibly, execute arbitrary code.

It was discovered that certain libraries in the Red Hat Enterprise Linux 3 and 4 openoffice.org packages had an insecure relative RPATH (runtime library search path) set in the ELF (Executable and Linking Format) header. A local user able to convince another user to run OpenOffice in an attacker-controlled directory, could run arbitrary code with the privileges of the victim.

All users of openoffice.org are advised to upgrade to these updated packages, which contain backported fixes which correct these issues.

How do I patch openoffice.org productivity suite ?

Simply type the following command at a shell prompt:
# yum update

You may be aware that after kernel upgrade and kernel security patching you need to reboot Linux box. Now, there is a new patch called - Ksplice. It provides rebootless Linux kernel security update. It is available under GPL 2 and has been tested on Linux kernel versions from 2.6.8 to the recently released 2.6.25 and on several Linux distributions including Debian, Ubuntu, Red Hat Enterprise Linux and Gentoo Linux.

Ksplice allows system administrators to apply security patches to the Linux kernel without having to reboot. Ksplice takes as input a source code change in unified diff format and the kernel source code to be patched, and it applies the patch to the corresponding running kernel. The running kernel does not need to have been prepared in advance in any way.

To be fully automatic, Ksplice's design is limited to patches that do not introduce semantic changes to data structures, but most Linux kernel security patches don't make these kinds of changes. An evaluation against Linux kernel security patches from May 2005 to December 2007 finds that Ksplice can automatically apply 84% of the 50 significant kernel vulnerabilities from this interval.

Ksplice has been implemented for Linux on the x86-32 and x86-64 architectures.

=> Ksplice: Rebootless Linux kernel security updates (via zdnet)

Red Hat Enterprise Linux 5.2 Beta Released

RHEL 5.2 beta has been released. Red Hat engineers backport many of the new features from later kernels to the Red Hat Enterprise Linux 5 kernel, such as support for new hardware and virtualization enhancements. This provides Red Hat Enterprise Linux subscribers with important new capabilities while maintaining stable application interfaces -- so that applications continue to run after new updates are installed. And, of course, it’s always worth repeating that updates, which are released about twice a year, are included with every Red Hat Enterprise Linux subscription.

This will give our you a chance to see what your systems will be running later this year. You can grab beta version from RHN.

=> Press Release : Red Hat Enterprise Linux 5.2 Beta