-----BEGIN PGP SIGNED MESSAGE----- We have received reports that the lsof package is distributed in Debian GNU/Linux 2.0 contains a buffer overflow. Using this overflow it is possible for local users to gain root-access. We have fixed this problem in version 4.37-3. We recommend you upgrade your lsof package immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm - ------------------------------- This version of Debian was released only for the Intel and the Motorola 68xxx architecture. Source archives: ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37-3.diff.gz MD5 checksum: d85b3e241693c64c64a523dbc36227ef ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37-3.dsc MD5 checksum: 55472cf9e28bddc396ddda653b064a29 ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37.orig.tar.gz MD5 checksum: af883ff0eb3b1c0f0134a79f18158257 Intel architecture: ftp://ftp.debian.org/debian/dists/proposed-updates/lsof-2.0.35_4.37-3_i386.deb MD5 checksum: e91000cbaaf9661a1fbb1a268fb5cf7b Motorola 680x0 architecture: ftp://ftp.debian.org/debian/dists/proposed-updates/lsof-2.0.36_4.37-3_m68k.deb MD5 checksum: 09aa6eccd186a12aeb152f265e37c8b2 These files will be moved into ftp://ftp.debian.org/debian/dists/hamm/*/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . - -- Debian GNU/Linux . Security Managers . securityat_private debian-security-announceat_private Christian Hudon . Wichert Akkerman . Martin Schulze <chrishat_private> . <wakkermaat_private> . <joeyat_private> -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQB1AwUBNtcR4ajZR/ntlUftAQFVBgMAg0A/HjleQ3ljBjggOVQ4VEGvkV8WP6Y6 /N9Jak7HP2Wy8hG7W/Wq5cZ0+JWwLPNDv6MbPItCCuIrC8803hm5ie6hpiAo8fiS o/xS6VcJTeBGxF/2UXz7vvS7AA/FuaNc =g5Hf -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-announce-requestat_private with a subject of "unsubscribe". Trouble? Contact listmasterat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:37:49 PDT