[LWN Logo]
[Timeline]
Date:         Mon, 9 Oct 2000 14:00:07 +0200
From: TSL Team <tsl@TRUSTIX.COM>
Subject:      Trustix Security Advisory - tmpwatch
To: BUGTRAQ@SECURITYFOCUS.COM

Hi

All versions of Trustix Secure Linux have hitherto been shipped with a
version of tmpwatch that can be tricked into excessive fork()ing filling
up the process table, requiring the box to be rebooted. The version of
tmpwatch can also, in certain cases, be tricked into giving local users
a root shell.

All users of TSL should upgrade to the new rpm:
tmpwatch-2.6.2-1tr.i586.rpm  (MD5sum: 3200b3812bfe6e87f326e240fed0686a)

This file can be found at:
http://www.trustix.net/download/Trustix/updates/1.1/RPMS/
or
ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/

Questions or comments? Feel free to ask us at tsl@trustix.com.

TSL Team