[ISN] Security hole found in junkbuster program.

From: mea culpa (jerichoat_private)
Date: Thu Nov 12 1998 - 06:55:18 PST

  • Next message: mea culpa: "[ISN] Cracking the Code of Ethics"

    >From the Debian security mailing list, Wichert Akkerman writes:
    Security hole found in junkbuster program.
    Nov 12th, 04:23:15
    We have received reports that junkbuster had a couple buffer overflow
    vulnerabilities.  We fixed those in version 2.0-3.2. All later version are
    also not vulnerable. The patches were backported from 2.0.2 . 
    We recommend you upgrade your junkbuster package immediately.
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    Debian GNU/Linux 2.0 alias hamm
      This version of Debian was released only for the Intel and the
      Motorola 68xxx architecture.
      Source archives:
          MD5 checksum: b6f523b4a3a43761e58f98b971c0ad15
          MD5 checksum: 3a504521a91ef2e0e33d6c3a4a2352e8
          MD5 checksum: 8b0582f3001967964343f1fa5fe4c7aa
      Intel architecture:
          MD5 checksum: 7bb42ed33c19f49788d232b13119dc40
      Motorola 68xxx architecture:
          MD5 checksum: e5bb0b3e5eae51140bcbd3b43f71b4cb
      These files will be moved into
      ftp://ftp.debian.org/debian/dists/hamm/*/binary-$arch/ soon.
    For not yet released architectures please refer to the appropriate
    directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:11:06 PDT