Nitro
Bodhisattva
Joined: 08 Apr 2002
Posts: 661
Location: San Francisco
|
 Posted: Tue Mar 11, 2003 12:58 pm Post subject: [gentoo-security] GLSA: file (200303-8) |
 |
|
| Daniel Ahlberg wrote: | - - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200303-8
- - ---------------------------------------------------------------------
PACKAGE : file
SUMMARY : buffer overflow
DATE : 2003-03-08 22:11 UTC
EXPLOIT : local
VERSIONS AFFECTED : <3.41
FIXED VERSION : =>3.41
CVE : CAN-2003-0102
- - ---------------------------------------------------------------------
- From advisory:
"The file(1) command contains a buffer overflow vulnerability that can
be leveraged by an attacker to execute arbitrary code under the
privileges of another user."
Read the full advisory at:
http://www.idefense.com/advisory/03.04.03.txt
SOLUTION
It is recommended that all Gentoo Linux users who are running
sys-apps/file upgrade to file-3.41 as follows:
emerge sync
emerge file
emerge clean
- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz
- - --------------------------------------------------------------------- |
Mailing List Archive: Unavailable
_________________
- Kyle Manna
Please, please SEARCH before posting.
There are three kinds of people in the world: those who can count, and those who can't. |
|
News & Announcements
