drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in sudo
Name: |
Pufferüberlauf in sudo
|
|
ID: |
DSA-128-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian potato |
|
Datum: |
Fr, 26. April 2002, 13:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
sudo |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
------------------------------------------------------------------------ Debian Security Advisory DSA-128-1 security@debian.org http://www.debian.org/security/ Wichert Akkerman April 26, 2002 ------------------------------------------------------------------------
Package : sudo Problem type : buffer overflow Debian-specific: no
fc found a buffer overflow in the variable expansion code used by sudo for its prompt. Since sudo is necessarily installed suid root a local user can use this to gain root access.
This has been fixed in version 1.6.2-2.2 and we recommend that you upgrade your sudo package immediately.
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
Debian GNU/Linux 2.2 alias potato ---------------------------------
Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Source archives: sudo_1.6.2p2-2.2.diff.gz MD5 checksum: 958560c409b43bd13463b3d380fc534a sudo_1.6.2p2-2.2.dsc MD5 checksum: 7323f0f3614513156120ccc4772524f8 sudo_1.6.2p2.orig.tar.gz MD5 checksum: dd5944c880fd5cc56bc0f0199e92d2b4
Alpha architecture: sudo_1.6.2p2-2.2_alpha.deb MD5 checksum: 66cb0d4f730560fddba65e44dd78c34d
ARM architecture: sudo_1.6.2p2-2.2_arm.deb MD5 checksum: f74bae46ebd07bd8f430261153d13f90
Intel IA-32 architecture: sudo_1.6.2p2-2.2_i386.deb MD5 checksum: 9ac9b91818dd7b2f2888aa39aac0da98
Motorola 680x0 architecture: sudo_1.6.2p2-2.2_m68k.deb MD5 checksum: 46f6d595363d23c96701cd303511e1a5
PowerPC architecture: sudo_1.6.2p2-2.2_powerpc.deb MD5 checksum: 66c23d2544e9a8f19c57c919a4a751c9
Sun Sparc architecture: sudo_1.6.2p2-2.2_sparc.deb MD5 checksum: 9654ecac0230abe0f28524469fb5887e
These packages will be moved into the stable distribution on its next revision.
-- ---------------------------------------------------------------------------- apt-get: deb http://security.debian.org/ stable/updates main dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv
iQB1AwUBPMiNiqjZR/ntlUftAQErEwL/Xi3i/N5tGqezLTsuJlgChy6MLnX7gJG4 cMa5MzW+1xUH39xz6JAgPKQv9C4FyPqgEOOwa5xt/0vkNasj8ARiu/avLM4Uk6uS 22t9YWRjlnP4tPIi4DPhv20LFu1jeSNH =0Rd2 -----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
|
|
|
|