![[LWN Logo]](/images/lc.png) |
|
![[Timeline]](/images/Included.png) |
Date: Tue, 11 Jul 2000 14:55:30 -0600
From: Kurt Seifried <listuser@SEIFRIED.ORG>
Subject: Fw: New man packages availible
To: BUGTRAQ@SECURITYFOCUS.COM
----- Original Message -----
From: Erlend Midttun <erlendbm@trustix.com>
To: <tsl-announce@trustix.com>
Sent: Tuesday, July 11, 2000 6:47 AM
Subject: New man packages availible
Hi
We have released new man packages, fixing the hole in makewhatis, on our
www/ftp/rsync site.
The hole allows any local user to trick the makewhatis script into
overwriting any file on the system, making this update fairly
critical. The hole can not trivially be used to gain higher privileges
on the system.
All users of TSL, 1.0x and 1.1, are encouraged to upgrade to this
version of the man package.
URLs:
Binary:
http://www.trustix.net/download/Trustix/updates/1.1/RPMS/man-1.5g-11tr.i586.
rpm
ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/man-1.5g-11tr.i586.rpm
Source:
http://www.trustix.net/download/Trustix/updates/1.1/SRPMS/man-1.5g-11tr.src.
rpm
ftp://ftp.trustix.com/pub/Trustix/updates/1.1/SRPMS/man-1.5g-11tr.src.rpm
Erlend..
--
Erlend Midttun erlendbm@trustix.com
Product Development Manager, Trustix Secure Linux
http://www.tihlde.org/~erlendbm/ A Unix Admin
Java, the sendmail of WWW
-
To unsubscribe, send a message to majordomo@trustix.com with the
following line in the BODY:
unsubscribe tsl-announce