![[LWN Logo]](/images/lcorner.png) |
|
![[Timeline]](/images/Included.png) |
Date: Tue, 21 Nov 2000 15:38:51 -0600
From: Bryan Paxton <bpaxton@SECURITYPORTAL.COM>
Subject: LSLID:2000112103 - Immunix - joe - IMNX-2000-70-007-01
To: LINUX-SECURITY@LISTSERV.SECURITYPORTAL.COM
LSLID:2000112103
-----------------------------------------------------------------------
Immunix OS Security Advisory
Packages updated: joe
Effected products: Immunix OS 6.2, Immunix OS 7.0-beta
Bugs Fixed: immunix/1293
Date: November 21, 2000
Advisory ID: IMNX-2000-70-007-01
Author: Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------
Description:
A local root exploit is possible if the root user is running the joe
editor.
This problem was originally found by Patrik Birgersson of Wkit
Security AB (see http://www.securityfocus.com/archive/1/145305 for
more information.)
This problem effects both Immunix 6.2 and 7.0 beta. Packages have
been created and released for both versions.
Package names and locations:
Precompiled binary packages for Immunix 6.2 are available at:
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/joe-2.8-42.62_StackGu
ard.i386.rpm
Source packages for Immunix 6.2 are available at:
http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/joe-2.8-42.62_StackG
uard.src.rpm
Precompiled binary packages for Immunix System 7 beta are available at:
http://www.immunix.org:8080/ImmunixOS/7.0-beta/updates/RPMS/joe-2.8-43_Stack
Guard.i386.rpm
Source packages for Immunix 7.0 are available at:
http://www.immunix.org:8080/ImmunixOS/7.0-beta/updates/SRPMS/joe-2.8-43_Stac
kGuard.src.rpm
md5sums of the packages:
218717db00d428575d87187e3434193d
6.2/updates/SRPMS/joe-2.8-42.62_StackGuard.src.rpm
8cc21d3c9e077aa16be381ce25f1c4b5
6.2/updates/RPMS/joe-2.8-42.62_StackGuard.i386.rpm
56831a982a06cdf37e5c358b2f41aa34
7.0-beta/updates/RPMS/joe-2.8-43_StackGuard.i386.rpm
13cde529ffe31325eb2d704ca66d06f1
7.0-beta/updates/SRPMS/joe-2.8-43_StackGuard.src.rpm