-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

		Caldera International, Inc.  Security Advisory

Subject:		Linux: REVISED: Updated Caldera Public Keys
Advisory number: 	CSSA-2002-007.2
Issue date: 		2002 May 17
Cross reference:
______________________________________________________________________________


1. Problem Description

	Caldera has generated new security keys. These keys are already
	in the 3.1.1 product.

	This update's rpms are signed with the original, expired,
	keys.

	In addition, the installation procedure for the previous
	advisory was incorrect. The rpm must be simply installed, not
	freshened.

2. Vulnerable Supported Versions

	System				Package
	----------------------------------------------------------------------

	OpenLinux 3.1 Server		prior to OpenLinux-newkeys-2002-2.i386.rpm

	OpenLinux 3.1 Workstation	prior to OpenLinux-newkeys-2002-2.i386.rpm


3. Solution

	The proper solution is to install the latest packages.


4. OpenLinux 3.1 Server

	4.1 Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

	4.2 Packages

	dc576d3a83a101d938c54a6ed68b6129	OpenLinux-newkeys-2002-2.i386.rpm

	4.3 Installation

	rpm -i OpenLinux-newkeys-2002-2.i386.rpm

	4.4 Source Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

	4.5 Source Packages

	26ef8f544251bba8553b1e6efd9c5e78	OpenLinux-newkeys-2002-2.src.rpm


5. OpenLinux 3.1 Workstation

	5.1 Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

	5.2 Packages

	c896e6c967bc288159d2203c3a1235ca	OpenLinux-newkeys-2002-2.i386.rpm

	5.3 Installation

	rpm -i OpenLinux-newkeys-2002-2.i386.rpm

	5.4 Source Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

	5.5 Source Packages

	1341973344234814061c4acda3337995	OpenLinux-newkeys-2002-2.src.rpm


6. References

	Specific references for this advisory:
		none


	Caldera OpenLinux security resources:
		http://www.caldera.com/support/security/index.html

	Caldera UNIX security resources:
		http://stage.caldera.com/support/security/

	This security fix closes Caldera incident sr860753.


7. Disclaimer

	Caldera International, Inc. is not responsible for the misuse
	of any of the information we provide on this website and/or
	through our security advisories. Our advisories are a service
	to our customers intended to promote secure installation and
	use of Caldera products.

______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjzlOacACgkQbluZssSXDTFJegCcCFeZ9UZLtElhHZGK2XuZELxs
ODEAoL46fVYIv8Pebbc69XX7aQyt7jpF
=7XXA
-----END PGP SIGNATURE-----