Bugfixes & vulnerability patches

Here is the link for obtaining the updates:


Conectiva Linux 10 Update 1 Final - Release Notes

Apologies for the long post but interested parties should not have to D/L an iso just to see what has been fixed in this release.

This patch enables SELinux support in the kernel. (Yeah now my favorite distro has secure computing options!)

2. Introduction

Welcome to Conectiva Linux 10 Update 1.
This CD includes:

* official updates
* installer with fixes
* kernel 2.6.10 final plus extra patches
* new mozilla version 1.7.3
* new nvidia driver 6629
* drbd 0.7.5
* alsa-lib 1.0.7
* alsa-oss 1.0.7

This CD can be used basically in two ways:
* To update an already installed system with Conectiva Linux 10, doing:

- apt-cdrom add
- apt-get dist-upgrade

* To fresh install Conectiva Linux 10:
- simply boot this update CD and follow the normal installation
procedures. The installer will use the updated packages and will
ask for the other CL 10 CDs according to the installation profile.

Due to installer architecture, you can also make a minimal install with
only this update CD.

Please report any problem with this CD in our bugzilla:

3. Kernel Fixes and Enhancements

* updated to 2.6.10 final plus extra patches
* support for adaptec "hostraid" controllers
* fixed kernel to be able to use new version 6629 of nvidia driver.
* fixed VIA audio interrupt.
* added support for Siemens x65 series of mobiles.
* enabled SELinux kernel support.
* fixed bug with cdrom model LTN486S (DMA).
* removed support orinoco rfmon dragorn.
* ACPI fixes.
* Various security fixes.
* added drbd module and updated userlevel utilities

4. Installer Fixes

* some Compaq CCISS based controllers are now correctly detected
(bugzilla tickets #12752, #13042, #13058, #13171);
* rewritten gtk fe user cfg screen. Fixed tab order bug (bugzilla ticket
* added 'splash=silent' into bootsplash KERNEL_PARAMETER option on
kernel-postinstall.conf file.
* fixed binfmt-310 modprobe.conf alias;
* set root name to 'System Administrator' in /etc/passwd;
* fixed scsi alias on modprobe.conf (bugzilla ticket #12367);
* added mount option into fstab for jfs partitions (bugzilla ticket
* some others fixes into jfs management;
* disabled get_CPU_type resource function to allow the user to overwrite
the cpu type value. The cpu_type can be set by passing
'cpu_type=i{4,5,6}86' on bootloader cmd line. This option sets synaptic
to force the architecture package on installation;
* fixed wrong cmdline path when reading the proc command line to get
some information. This fix is useful when the user needs to pass some
kernel options in the GRUB command line.
* fixed problem when user tries to create some partition that ends with
..lib, ..sbin, etc. (bugzilla ticket #12850);
* added support for detection of sata_sis and sata_nv kernel module;
* fixed problem with Dell Poweredge 1800 (bugzilla ticket #13378);
* fixed problem with "noexec" option in fstab (bugzilla ticket #13384);

5. Known problems

* Some sata devices (especially those based on sata_via used in VIA
chipsets) have been renamed from /dev/hdX to /dev/sdX. In order to
boot correctly, you need to change the "root=/dev/hdXn" to
"root=/dev/sdXn" in /boot/grub/menu.lst and change /etc/fstab
* nvidia based VGA controllers are not working in some cases. There is
no solution at this point other than to boot again with the old
kernel and wait for a new NVidia release (or use the opensource "nv" driver)
* slmodem and ltmodem modules are not working with kernel 2.6.10

6. Official updates

2005-01-26 13:41:00 squid Multiple vulnerabilities in squid
2005-01-25 13:50:00 xpdf Multiple vulnerabilities in xpdf
2005-01-20 12:13:00 libtiff3 Multiple vulnerabilities in libtiff
2005-01-13 11:56:00 krb5 Fix for buffer overflow in libkadm5srv
2005-01-13 11:40:00 php4 Multiple vulnerabilities in php4
2005-01-06 17:10:00 samba Multiple vulnerabilities in Samba
2005-01-06 16:53:00 sarg New sarg version
2004-12-21 10:59:00 linuxconf-cnc_rbc Fixes for remote boot
2004-12-01 18:21:00 cyrus-imapd Multiple vulnerabilities in cyrus-imapd
2004-12-01 15:50:00 bittorrent New bittorrent version
2004-12-01 13:28:00 abiword Fix for buffer overflow vulnerability
2004-12-01 13:22:00 clamav New upstream for clamav
2004-11-26 18:31:00 sun-jre Java plugin vulnerability
2004-11-25 13:03:00 samba Fix for Samba's denial of service
2004-11-25 11:38:00 dhcpcd Fix for an incorrect dhcpcd behavior
2004-11-25 11:16:00 smbldap-tool smbldap-tools new version
2004-11-23 13:43:00 bugzilla Fix for remote vulnerability
2004-11-23 11:12:00 shadow-utils Fix for shadow-utils authentication bypass vulnerability
2004-11-23 11:09:00 setup Fixes for incorrect handling of white spaces in main group names
2004-11-22 10:01:00 chkrootkit Fixes for missing dependencies
2004-11-18 11:48:00 MySQL Fixes for several mysql
2004-11-18 11:42:00 linuxconf Better support for kernel 2.6
2004-11-18 09:20:00 libxml2 Fixes for libxml2 buffer overflow
2004-11-11 15:16:00 sasl2 Fix for buffer overflow vulnerability
2004-11-08 11:19:00 libtiff3 Fixes for libtiff vulnerabilities
2004-11-08 11:13:00 xpdf Fixes for xpdf vulnerabilities
2004-11-08 11:05:00 rsync Backward compatibility for rsync
2004-11-04 12:51:00 gaim Fixes for gaim's vulnerabilities
2004-11-04 12:47:00 apache Fix for mod_ssl vulnerability
2004-11-04 12:39:00 subversion Fixes for subversion's
2004-11-03 10:48:00 squid Fixes for squid vulnerabilities
2004-11-01 12:20:00 rsync Fix for path sanitation
2004-10-27 14:36:00 foomatic-filters Fix for foomatic vulnerability
2004-10-26 18:05:00 kernel Fixes for kernel vulnerabilities
2004-10-25 15:45:00 zlib Fix for denial of service vulnerab.
2004-10-22 16:18:00 mozilla New upstream for mozilla
2004-10-20 14:14:00 apt Fix for invalid version comparison
2004-10-18 14:01:00 gtk+ Fixes for image loading
2004-10-14 14:15:00 glibc Daylight saving time for Brazil
2004-10-14 11:44:00 samba Fix for samba vulnerabilities
2004-10-14 11:12:00 cups Fix for CUPS denial of service vulner.
2004-10-05 12:15:00 amanda Fixes for the amanda package
2004-09-28 11:37:00 imlib Fix for a buffer overflow in imlib and imlib2
2004-09-23 12:10:00 apache Several vulnerabilities in apache, mod_ssl and mod_dav
2004-09-22 11:02:00 spamassassin Fix for denial of service vulnerab. in SpamAssassin
2004-09-22 10:55:00 qt3 Fixes for image loader vulnerabilities
2004-09-13 12:11:00 zlib Fix for denial of service vulnerab.
2004-09-13 11:35:00 kde Fix for multiple security vulnerab.
2004-09-10 17:35:00 wv Fix for buffer overflow vulnerability
2004-09-09 20:53:00 krb5 Multiple vulnerabilities in Kerberos 5
2004-08-31 10:48:00 cups Added support for Okidata B4300/B4350
2004-08-06 09:53:00 libpng Several vulnerabilities in libpng
2004-07-30 16:39:00 sox Buffer overflow vulnerability
2004-07-28 12:39:00 kernel Fixes for kernel vulnerabilities
2004-07-22 13:01:00 samba Multiple potential buffer overruns
2004-07-22 11:53:00 kdenetwork Updates for kopete's ICQ and Yahoo! protocol handlers
2004-07-22 11:22:00 php4 Fixes mail() function support
2004-07-16 19:06:00 webmin Vulnerability in Webmin's ACL
2004-07-16 11:56:00 php4 Remote arbitrary code execution vulnerabilities and other

7. Original CL 10 Release Notes

7.1. Contents

7.1. Contents
7.2. Introduction
7.3. System installation
7.4. System environment
7.5. Kernel
7.6. Hardware support
7.7. Package upgrade issues
7.8. New packages
7.9. Other important package changes

7.2. Introduction

Welcome to Conectiva Linux 10. This file describes some of the new
features and known system upgrade issues. Please read the "Package
upgrade issues" section below before upgrading from a previous version
of Conectiva Linux.

7.3. System installation

Conectiva Linux 10 may be installed on a new system or upgrade a
previously installed Conectiva Linux 9. The system administrator may
upgrade the distribution using APT from a running system or booting
the CL10 installation CD (in such case the installer needs 200Mb under
/tmp to store transient data).

To upgrade using APT, remove CL9 entries from your
/etc/apt/sources.list file, add CL10 entries running "apt-cdrom
add" for each CD, install apt-static with apt-get install apt-static
and run /bin/update-to-cl10. Notice that better upgrading results are
achieved by using the set of 3 CDs.

Other installation notes:
* Press F2 to open an X terminal if you run the installer in expert
* The standard installation requires only the first CD
* A "media check" option is available in the bootloader menu. Use
this option to check media integrity should you run into
installation problems.
* Sound cards: at the first boot after the installation, a script
will attempt to detect and configure PCI sound cards.
* Extra packages (not included in the CDs) are available for
download at Conectiva's APT server and mirrors.
* DAC960 owners may need to choose LILO instead of GRUB as the
system bootloader.
* Check for further
documentation on advanced options, tricks to work around problems
or to learn how to build custom installation disks.

7.4. System environment

* Webmin replaced Linuxconf as the default administration tool.
* Supermount is enabled by default for removable media (CD-ROM,
floppies, usb-storage, etc.)
* SCSI emulation is no longer needed to use CD recorders.
* POSIX ACLs: the option to use POSIX ACLs is now available, just
add "acl" to the mount options. Samba can also take advantage of
this to emulate NT-type ACLs.
* Conectiva Linux is not generating core dumps anymore by default.
If you need to inspect core dumps, just change the value passed to
ulimit -c at /etc/profile. See man bash for more information about
ulimit. Note that this is not changed if /etc/profile was
* When printing with any application that is not CUPS-aware, a
second printing dialog will be shown, giving the user the
possibility to choose printer destination, printer quality, page
size and more. If you don't like it, you may safely disable it at
/etc/cups/lpd.conf and /etc/cups/lpq.conf. Applications that know
CUPS don't need that window and so it is not shown.

7.5. Kernel

Conectiva Linux 10 ships with the Linux kernel 2.6.5.
* Building third-party modules: to build an external kernel module,
such as VMware modules, just copy the configuration file from
/usr/src/linux/configs/ to /usr/src/linux/.config, and run the
command make prepare-all.
* Kernel post-install: kernel upgrades are now somewhat automatic,
meaning that apt/synaptic installs the new kernel and a
post-install script kicks in in order to insert the new kernel
configuration in the grub bootloader (/boot/grub/menu.lst) and to
create the necessary initrd image. The new kernel is not loaded by
default, but it's there in the grub menu. If you are satisfied
with it, just change the default to the new kernel in
/boot/grub/menu.lst afterwards. NOTE: boot parameters from the
previous kernel, including bootsplash parameters, are NOT copied
automatically to the new kernel entry. The system administrator
must review and copy these parameters manually.

7.6. Hardware support

A number of hardware devices that require drivers supplied by the
device manufacturer are now configured at system installation time.
* NVIDIA 3D drivers: Conectiva Linux 10 ships with the NVIDIA
display drivers (kernel module, glx library and xfree86 additional
modules). NVIDIA cards should work in accelerated 3D mode out of
the box.
* Softmodems: CL10 includes drivers for some softmodem models
* Printers: the CUPS driver includes support for over a thousand
printer models and can be configured from the command line, GNOME,
KDE or its own configuration interface. By installing any package
in the format task-printer-<manufacturer> you will be able to
print to almost any printer from that manufacturer.

7.7. Package upgrade issues

Please read this section carefully to avoid problems arising from
system upgrade.
* OpenLDAP: When upgrading from OpenLDAP-2.1.17 or earlier (in the
2.1 series) to openldap 2.1.18 or higher, the indexes need to be
rebuilt with the slapindex command. OpenLDAP now uses the DB 4.2.x
backend instead of DB 4.1.x in CL9. This requires a db4.1_recover
to be run prior to upgrade, and db4.2_recover after the upgrade.
The log file format has changed.
* cyrus-imap: Cyrus-imap has been updated to the 2.2.x branch. The
upgrade process is automated, but backups should be made just in
case. One of the new features of this release is support for
virtual domains.
* Linuxconf: Linuxconf tools and utils will be obsoleted in CL11.
Some modules were removed in CL10 due to not being in sync with
the tools they used to manage. These modules are: linuxconf-tools,
linuxconf-drbdconf, linuxconf-heartbeatconf, linuxconf-printer and
* Mailman: The following directories have been moved from
/usr/lib/mailman to /var/lib/mailman: qfiles, spam, lists, locks,
data and archives. It's up to the system administrator to
copy/move the previous data from /usr/lib. Administrators must
take special precautions when upgrading: turn off your incoming
mail daemon (for example, postfix) and temporarily disable web
access to Mailman. The update script is run automatically by the
rpm package.
* Postgresql: a database dump is required before upgrading
postgresql to the version available in CL10. After the upgrade,
the dumped database can be reloaded. If this step is not
performed, the database will not be accessible any more in the new
database environment.
* mplayer: the directory for win32 codecs was moved from
/usr/lib/mplayer/win32 to /usr/lib/win32 to be compatible with
other players (like xine). The RPM package will attempt to move
the codecs from the old directory to the new one if it detects the
old installation.

7.8. New packages

Several new packages have been added in this release, a few of them
are highlighted below:
* Macromedia Flash 7 plugin.
* Anti-virus: Conectiva Linux 10 ships with clamav and amavisd-new.
Samba is also being shipped with several VFS anti-virus modules.
* Ximian connector: Ximian connector is included as a plugin for the
Evolution mail client. This plugin allows Evolution users to
access the groupware features on Exchange 2000 or 2003 server, as
well as email.
* Personal firewall: starting with CL10, we now ship a personal
firewall script (cnc-personal-firewall) and its graphical
configuration utility, myfirewallcontrol. This firewall is aimed
for desktop users, not servers, with a simple enough configuration
that should be sufficient for most users.

7.9. Other important package changes

* APT: Lua scripting interface has been added to the Advanced
Packaging Tool. Apt now has a log of transactions in
/var/log/apt.log, and default installation of apt has AutoClean
on, to auto remove obsoleted packages of local cache. This allows
a cache to be maintained over a long period without it growing out
of control.
* CVS: The cvs package went through some changes at this new release
that focused on security. Updating from previous Conectiva Linux
releases shouldn't be a problem, since the main package only got a
default xinetd config file. The server now runs under a chroot
environment and uses remote access based on ssh. cvs-chroot
maintenance tools include: cvs_mkrepos (creates a new repository),
cvs_useradd (add a new user) and cvs_userdel (remove a user).
* Bind: there is no option now for running bind in or out of a chrooted
environment. For security reasons, bind's main package will
automatically install bind into a chroot jail and run it in there.
Upgrading from old packages should be clean.
* Default DB_CONFIG configuration file: Both OpenLDAP and
cyrus-imapd are now shipped with default DB_CONFIG files which
raise some default values to more appropriate levels, such as
caching and buffering. The default values are too low. Performance
should increase on a default installation, but further tuning in
this file could increase performance even more.
* Samba: The default configuration file has been rewritten and an
option to automatically create machine accounts has been added, as
well as an option to automatically download printer drivers. Samba
log files have also been changed from the "log.%m" format to
"%m.log" to make it easier on the logrotate script which can now
use just "*.log" for the file specification. Previously it was
using "log.*", which also included already rotated (and
compressed) log files.
* Mozilla and Galeon: Galeon has been obsoleted in favor of
epiphany, the GNOME 2 official browser. Mozilla (and other
browsers based on it, such as epiphany) now also has
support for NTLM authentication.

How-to install the Conectiva updated kernel via floppies.

Burn the Update iso to CD

Then on the CD go to the dosutils folder and find rawwrite.exe

Get 3 freshly formatted floppies

Open rawwrite and navigate to the floppies folder.

First select boot.img and write it to the first disk.

Then select floppy.img and write it to the 2nd disk.

(The third disk is optional in my opinion.)

Then select floppy-drivers.img and write it to the 3rd disk.

(Why is this useful you may ask? Because the CD-Rom in my machine will not boot!)

The boot sequence will be:

1. Boot.img

2. Floppy.img

Then if the updated cd-rom is in the drive the installer will begin to read the rest of the install info from the disk.

Conectiva did not document this procedure well so I had to "discover" it and translate it from the original Portuguese.

So a fresh Conectiva 10 install should be installed using the Update disk then select your install profile, then install the required files from the initial release disks.

I hope this helps the Conectiva faithful out there.



