Date: Fri, 28 Aug 1998 02:07:04 +0200
From: Martin Schulze <joey@kuolema.Infodrom.North.DE>
To: Debian Security Announcements <debian-security-announce@lists.debian.org>
Subject: [SECURITY] Current versions of lpr fixes security problem


--17pEHd4RhPHOinZp
Content-Type: text/plain; charset=us-ascii

We have received reports that buffer overflows in lprm may allow users
to gain root access to the local system.  We recommend that you use
the binaries from hamm or any newer release.

dpkg -i file.deb
        will install the referred file.

Debian GNU/Linux 2.0 alias hamm
-------------------------------

  Source archives:
    ftp://ftp.debian.org/debian/hamm/hamm/source/net/lpr_5.9-29.diff.gz
      MD5 checksum: c87354b7ae2d2378c21ded59669b0233
    ftp://ftp.debian.org/debian/hamm/hamm/source/net/lpr_5.9-29.dsc
      MD5 checksum: 81bf5193c72468c52bb4ad979aa1cc0d
    ftp://ftp.debian.org/debian/hamm/hamm/source/net/lpr_5.9.orig.tar.gz
      MD5 checksum: 30a796a5a71030bf080b939b35497894

  Intel architecture:
    ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/net/lpr_5.9-29.deb
      MD5 checksum: 392214b6ac654dee8798223412716723

  Motorola 68xxx architecture:
    ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/net/lpr_5.9-29.deb
      MD5 checksum: 6cd4d38288d8d8253fee282d6447c96d


--
Debian GNU/Linux    .    Security Managers    .    security@debian.org

Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org>

--17pEHd4RhPHOinZp
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia

iQCVAwUBNeX0qBRNm5Suj3z1AQERgwP/f2dcjFBBb71fhlIdbMkfh1aDyyK0wz8d
zJ4S11MrTS+w2BReOJK14Oq8naX6xrNd0QNV2meiO5TUtkb9sYnqmOi6rBVBdDZn
zb7wSHpFAIypgJajcEM7dlDUsLQ85lchb9PHb/LNry5COX6hkvi7Zk4lZDx+Z4Da
1k14gmk1DwU=
=Jnbc
-----END PGP SIGNATURE-----

--17pEHd4RhPHOinZp--


--  
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org