To: suse-security@suse.com, suse-security-announce@suse.com Date: Fri, 21 Apr 2000 22:09:56 +0200 (MEST) From: marc@suse.de (Marc Heuse) Subject: [suse-security-announce] imwheel is not vulnerable Please note that a local root vulnerability has been found in the imwheel package, however: SuSE Linux is not affected We dont ship the vulnerable suidperl script. From the /usr/doc/packages/imwheel/README.SuSE file: For security reasons suid root installation as mentioned in the README file is disabled in the distribution. If you terminate/restart the X-Server all running instances of imwheel are killed anyway. Thank you for your attention. Greets, Marc -- Marc Heuse, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: marc@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C -- To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com For additional commands, e-mail: suse-security-announce-help@suse.com