Debian Security Advisory - Recently two local vulnerabilities have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code.
3d3701f6b2368041d54be2e3f06b6df813bb30308a5056eb1b2fc090d37ae51a-----BEGIN PGP SIGNED MESSAGE-----
- ------------------------------------------------------------------------
Debian Security Advisory security@debian.org
http://www.debian.org/security/ Wichert Akkerman
September 5, 2000
- ------------------------------------------------------------------------
Package: glibc
Vulnerability: local exploit
Debian-specific: no
Recently two problems have been found in the glibc suite, which could be
used to trick setuid applications to run arbitrary code.
An earlier advisory listed the updates for Debian 2.2/potato. This
advisory contains updates for Debian 2.1/slink. For information
about the found problems please see the previous advisory which is
available online at http://www.debian.org/security/2000/20000902 .
UPDATE: the packages mentioned in the previous problem had a bug
that prevented some patches from being applied. This has been
fixed in version 2.0.7.19981211-6.3 .
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.1 alias slink
- ------------------------------------
Fixed packages are available for the Intel ia32 architecture.
Source archives:
http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211-6.3.diff.gz
MD5 checksum: 2b311a94e69a4a7f68cb0102e196a44b
http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211-6.3.dsc
MD5 checksum: f3952ccdd5915da0dcc86666e63ef63b
http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211.orig.tar.gz
MD5 checksum: 91724410e14a2b2b719dc44cf95067f1
Intel ia32 architecture:
http://security.debian.org/dists/slink/updates/binary-i386/libc6-dbg_2.0.7.19981211-6.3_i386.deb
MD5 checksum: 0642d23a5535c266b8ded9f5db1d0aa2
http://security.debian.org/dists/slink/updates/binary-i386/libc6-dev_2.0.7.19981211-6.3_i386.deb
MD5 checksum: 25a4ea99261834928afb208491ae3b23
http://security.debian.org/dists/slink/updates/binary-i386/libc6-pic_2.0.7.19981211-6.3_i386.deb
MD5 checksum: 999c8024a1afb6c972379cf92f81251a
http://security.debian.org/dists/slink/updates/binary-i386/libc6_2.0.7.19981211-6.3_i386.deb
MD5 checksum: aa1e224108d653c9d7f5fdc8c62e51fb
http://security.debian.org/dists/slink/updates/binary-i386/locales_2.0.7.19981211-6.3_i386.deb
MD5 checksum: ec5b14e87f3db3dbc0448c9d72276ef1
http://security.debian.org/dists/slink/updates/binary-i386/timezones_2.0.7.19981211-6.3_i386.deb
MD5 checksum: 34f86dde61ac8b5725eff2cf891858cc
- --
- ----------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp:ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQB1AwUBObUJ5KjZR/ntlUftAQGJEwL/UFR6YWwQ9furE8vwxgQHD7UHQaChV/A5
8UCufQ/QBam6X6LKpWTBtplWctRk5DzH4A78MMZ0aMvuWB07WBINc+Yk1PgrLzCz
xMYF7okdASDTMSWuXO0goMgViBfqioPE
=ZhPq
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed