drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in mindi
Name: |
Unsichere Verwendung temporärer Dateien in mindi
|
|
ID: |
200309-05 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Di, 2. September 2003, 13:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
Mindi Linux |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200309-05 --------------------------------------------------------------------
PACKAGE : mindi SUMMARY : insecure file creations DATE : 2003-09-02 10:37 UTC EXPLOIT : local VERSIONS AFFECTED : <mindi-0.86 FIXED VERSION : >=mindi-0.86 CVE : CAN-2003-0617
--------------------------------------------------------------------
Mindi creates files in /tmp which could allow local user to overwrite arbitrary files.
SOLUTION
It is recommended that all Gentoo Linux users who are running sys-apps/mindi upgrade to mindi-0.86 as follows:
emerge sync emerge mindi emerge clean
-------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/VHLdfT7nyhUpoZMRAjnKAJ0ZvugZaxlmYi2iMiBRjg0CGsptYQCgqPtF jKnwQrfogmpyoGXbfjyRsMU= =uUAM -----END PGP SIGNATURE-----
|
|
|
|