Re: [cobalt-users] Corrupt PKG's

[SteelHead <Bill@xxxxxxxxxxxxxxx>]

Are you installing the pkg over the net or from a local 
browser enabled machine?  

I don't understand why, if I attempt to install a pkg from 
my "local to the raq" Workstation, it works, (or I suppose, 
any box local to the browser ({ead same box}), it works as 
well.)  If I attempt to install the pkg using the gui, it 
will not work if the pkg is on a box seperate from the 
browser I am using, even if the files are local on the raq 
itself or on the cobalt FTP site.  In thoses instances, the 
raq gui tells me the pkg is corrupt.

I only use a Raq2, so I am not sure if it is symptomatic of 
all raqs.

SteelHead

On Friday 02 November 2001 06:43, Robbert Hamburg \(HaVa 
Web- & Processdesign\) wrote:
> Just a few moments our brand new raq4r arrived. When
> trying to install the patches which were released i get
> an error saying that this packagefile is corrupt.
> (http://ftp.cobalt.com/pub/packages/raq4/eng/RaQ4-All-Sec
>urity-1.0.1-8747.pk g Security: ncurses Update 1.0.1 HTTP
> RaQ4-All-Security-1.0.1-8747.pkg Posted: January 25, 2001
>  FTP Point your FTP client to ftp://ftp.cobalt.com Size:
> 1,038,655 bytes There used to be an overflowable buffer
> in the part of the ncurses library handling cursor
> movement. Attackers can force a privileged application to
> use their own termcap file containing a special terminal
> entry which will trigger the ncurses vulnerability,
> allowing them to execute arbitrary code with the
> privileges of the exploited binary. ) is there anyway to
> get a working version of this patch ?
>
>
> Furthermore I need to know wheter I can continue with
> installing the rest of the released updates ??
>
> I would to thank you in advance for your answer.
>
> Robbert
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users