pjp Administrator
Joined: 16 Apr 2002 Posts: 20488
|
Posted: Wed May 14, 2003 3:28 am Post subject: [gentoo-security] GLSA: shadow (200305-02) |
|
|
Daniel Ahlberg wrote: | - - - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200305-02
- - - ---------------------------------------------------------------------
PACKAGE : shadow
SUMMARY : PAM workaround for OpenSSH user identification
DATE : 2003-05-13 10:13 UTC
EXPLOIT : remote
VERSIONS AFFECTED : <shadow-4.0.3-r5
FIXED VERSION : >=shadow-4.0.3-r5
CVE : CAN-2003-0190
- - - ---------------------------------------------------------------------
Updated shadow package that contains a workarkaround for OpenSSH user
identification problem discussed in
http://lab.mediaservice.net/advisory/2003-01-openssh.txt
SOLUTION
It is recommended that all Gentoo Linux users who are running
sys-apps/shadow upgrade to shadow-4.0.3-r5 as follows:
emerge sync
emerge shadow
emerge clean
- - - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz
- - - --------------------------------------------------------------------- |
Mailing List Archive: Unavailable _________________ Quis separabit? Quo animo? |
|