Date: Mon, 18 Sep 2000 19:32:01 -0300 To: lwn@lwn.net, bugtraq@securityfocus.com, security-alert@linuxsecurity.com, Subject: Conectiva Linux Security Announcement - sysklogd From: secure@conectiva.com.br ----------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT ----------------------------------------------------------------------- PACKAGE : sysklogd SUMMARY : Format bug in klogd and other issues DATE : 2000-09-18 19:31:00 RELEVANT RELEASES : 4.0, 4.0es, 4.1, 4.2, 5.0, prg gráficos, ecommerce, 5.1 ---------------------------------------------------------------------- DESCRIPTION Vulnerabilities have been found in the sysklogd package that, if exploited, would allow local users to obtain root access. It is also possible that a remote exploit could be used under certain circumstances. The main issue are two calls to Syslog in klogd.c which are vulnerable to a format string attack. SOLUTION All users must upgrade immediately. Please note that the syslog service must be restarted in order for the new version to be used. As root, issue the following command: /etc/rc.d/init.d/syslog restart We would like to thank Jouko Pynnönen for warning the linux distributions, Solar Designer for providing the main security fixes and Daniel Jacobowitz and the sysklogd maintainers and contributors for providing other fixes. DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/sysklogd-1.4-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.0/i386/sysklogd-1.4-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/sysklogd-1.4-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.0es/i386/sysklogd-1.4-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/sysklogd-1.4-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.1/i386/sysklogd-1.4-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/sysklogd-1.4-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.2/i386/sysklogd-1.4-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/sysklogd-1.4-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/sysklogd-1.4-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/sysklogd-1.4-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/sysklogd-1.4-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/sysklogd-1.4-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/sysklogd-1.4-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/sysklogd-1.4-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/sysklogd-1.4-1cl.i386.rpm ---------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key can be obtained at http://www.conectiva.com.br/contato ---------------------------------------------------------------------- subscribe: atualizacoes-anuncio-subscribe@bazar.conectiva.com.br unsubscribe: atualizacoes-anuncio-unsubscribe@bazar.conectiva.com.br