--FcSpk3Icpd/Pbul4
Content-Type: text/plain; charset=us-ascii
One year ago, we have received a report from SGI that a vulnerability
has been discovered in the seyon program which can lead to a root
compromise. Any user who can execute the seyon program can exploit
this vulnerability.
However, the license of Seyon doesn't permit us to provide a fix, now
is the Seyon author responsive, nor do we have a patch, nor do we know
an exploit and can't develop a fixe therefore.
We recommend you switch to minicom instead.
The maintainer of Seyon told us the following:
I notice from reading the SGI announcement that their problem is
a root exploit because of a setuid Seyon. The Seyon we ship is
not setuid, so I doubt we'll have a serious problem.
--
Debian GNU/Linux . Security Managers . securityat_private
debian-security-announceat_private
Christian Hudon . Wichert Akkerman . Martin Schulze
<chrishat_private> . <wakkermaat_private> . <joeyat_private>
--FcSpk3Icpd/Pbul4
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
iQCVAwUBN7xlIBRNm5Suj3z1AQGe+AP/Vi5ujmQOO678or6aA2vbeBMdoV7ka9U4
I6R4bDkB2PgHqPI0cn0pNKaGedJSFTitswnbs47cbTebKeRmV8gaxtK2kBQiO7kt
II0GG5nk26YyP/c3EVlttEdtHIWbixILnsl9s3bI0fDhBUiByK6I18SCwSPlJWH4
Bi+YQJXRemY=
=mIOA
-----END PGP SIGNATURE-----
--FcSpk3Icpd/Pbul4--
--
To UNSUBSCRIBE, email to debian-security-announce-requestat_private
with a subject of "unsubscribe". Trouble? Contact listmasterat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:57:43 PDT