Pufferüberlauf in sudo (Aktualisierung)
ID: | DSA-031-2 |
Distribution: | Debian |
Plattformen: | Debian potato |
Datum: | Di, 6. März 2001, 12:00 |
Referenzen: | Keine Angabe |
Applikationen: | sudo |
Update von: | Pufferüberlauf in sudo |
Originalnachricht |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ---------------------------------------------------------------------------- Debian Security Advisory DSA-031-2 security@debian.org http://www.debian.org/security/ Martin Schulze March 6, 2001 ---------------------------------------------------------------------------- Package : sudo Vulnerability : buffer overflow Debian-specific: no Todd Miller announced a new version of sudo which corrects a buffer overflow that could potentially be used to gain root privilages on the local system. This bugfix has been backported to the version which was used in Debian GNU/Linux 2.2. The most recent advisory covering sudo missed one architecture that was released with 2.2. Therefore this advisory is only an addition to DSA 031-1 and only adds the relevant package for the powerpc architecture. We recommend you upgrade your sudo packages for powerpc immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato ------------------------------------ Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures. PowerPC architecture: http://security.debian.org/dists/stable/updates/main/binary-powerpc/sudo_1.6.2p2-1potato1_powerpc.deb MD5 checksum: aed5d9d437b614ab8495cbafe2d421ac These files will be moved into ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . ---------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show |