Date: Tue, 18 Jul 2000 11:16:13 +0200 From: Oystein Viggen <oysteivi@TRUSTIX.COM> Subject: Trustix Security Advisory - nfs-utils To: BUGTRAQ@SECURITYFOCUS.COM Hi A bug recently discovered in the nfs-utils package can theoretically be used for gaining remote root. While there is currently no known exploits for this hole "in the wild", we suggest that all users of Trustix Secure Linux 1.0x and 1.1 upgrade. The new package is called nfs-utils-0.1.9.1-1tr.i586.rpm, and can be found at: http://www.trustix.net/download/Trustix/updates/1.1/RPMS/ ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/ For source packages, switch RPMS in the URL with SRPMS. All current updates have also been merged into the 1.1 tree and iso-images availible at our download site. Oystein -- TSL developer