>> > Debian has >> > discovered this bug two years ago and fixed it. Therefore versions in >> > both, the stable and the unstable, distributions of Debian are not >> > vulnerable to this problem.. Regardless of which, I was successfully able to take advantage of the overflow on Debian (GNU/Linux) 2.1, every time, every machine. However the patch which was supplied to this list earlier in the week indeed fixes the issue. URL re-posted below... >> Does anyone know if Debian never sent the fix to Paul Vixie, or if it was >> sent and Paul "missed it"? Seems like a good question. But it's really old news at this point, and some of it has been for quite a while now. --Ethan -- Ethan King Unix Group, SSG. The MathWorks 1999 -- [re-posted from aleph1's forward from debian, earlier this week] We recommend you upgrade your cron package immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.1 alias slink -------------------------------- This version of Debian was released only for the Intel, the Motorola 68xxx, the alpha and the Sun sparc architecture. Source archives: http://security.debian.org/dists/stable/updates/source/cron_3.0pl1-50.2.diff .gz MD5 checksum: 96a4b55e06127c4a6cf31ee511227adb http://security.debian.org/dists/stable/updates/source/cron_3.0pl1-50.2.dsc MD5 checksum: 3998735f00d3f10a5e290227db6bf611 http://security.debian.org/dists/stable/updates/source/cron_3.0pl1.orig.tar. gz MD5 checksum: 4c64aece846f8483daf440f8e3dd210f Alpha architecture: http://security.debian.org/dists/stable/updates/binary-alpha/cron_3.0pl1-50. 2_alpha.deb MD5 checksum: cbab162fffd7dba71373b3eb62201b52 Intel ia32 architecture: http://security.debian.org/dists/stable/updates/binary-i386/cron_3.0pl1-50.2 _i386.deb MD5 checksum: 85d9ffff103d0121101b7b80817d0abe Motorola 680x0 architecture: http://security.debian.org/dists/stable/updates/binary-m68k/cron_3.0pl1-50.2 _m68k.deb MD5 checksum: 62a039991c237a92c4a3cdcef4a328d7 Sun Sparc architecture: http://security.debian.org/dists/stable/updates/binary-sparc/cron_3.0pl1-50. 2_sparc.deb MD5 checksum: 56f5e099ab621572b560706e1eec9ebb Debian GNU/Linux pre2.2 alias potato ------------------------------------ Source archives: http://security.debian.org/dists/unstable/updates/source/cron_3.0pl1-52.diff .gz MD5 checksum: f500a0dc7175d64de4822f159a51d739 http://security.debian.org/dists/unstable/updates/source/cron_3.0pl1-52.dsc MD5 checksum: 1a16af335a106805ecdd6585a75ee61a http://security.debian.org/dists/unstable/updates/source/cron_3.0pl1.orig.ta r.gz MD5 checksum: 4c64aece846f8483daf440f8e3dd210f Alpha architecture: http://security.debian.org/dists/unstable/updates/binary-alpha/cron_3.0pl1-5 2_alpha.deb MD5 checksum: 8e5246a79269b8f489a3cdb7efc41661 ARM architecture: http://security.debian.org/dists/unstable/updates/binary-arm/cron_3.0pl1-52_ arm.deb MD5 checksum: 8d103d4a60ec94d1f0fb07caabd34575 Intel ia32 architecture: http://security.debian.org/dists/unstable/updates/binary-i386/cron_3.0pl1-52 _i386.deb MD5 checksum: a7f8de4f43aa21e2fe94fe602c6c2c83 Motorola 680x0 architecture: http://security.debian.org/dists/unstable/updates/binary-m68k/cron_3.0pl1-52 _m68k.deb MD5 checksum: b2e866ecc10e95094202327eab5fc0fd PowerPC architecture: http://security.debian.org/dists/unstable/updates/binary-powerpc/cron_3.0pl1 -52_powerpc.deb MD5 checksum: 058a25564bc7c9c6fb153eafa0126cee Sun Sparc architecture: http://security.debian.org/dists/unstable/updates/binary-sparc/cron_3.0pl1-5 2_sparc.deb MD5 checksum: ed34f37c41d9322ba094ede04d8d2e16 For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . ---------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable updates For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates Mailing list: debian-security-announceat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:02:18 PDT