Date: Tue, 7 Nov 2000 16:39:52 -0700 From: Kurt Seifried <seifried@SECURITYPORTAL.COM> Subject: LSLID:2000110701 - Kondara - dump To: LINUX-SECURITY@LISTSERV.SECURITYPORTAL.COM LSLID:2000110701 [mod note]: been a quite few days dump(2000/11/04) Description The "dump" packages included in Kondara MNU/Linux 1.2 has a vulnerability, that allows suid root execution of other executables. You should update the following software packages. Thank you! RPMS/SRPMS alpha: ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/security/alpha/dum p-0.4b19-2k.alpha.rpm ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/security/alpha/dum p-static-0.4b19-2k.alpha.rpm ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/security/alpha/rmt -0.4b19-2k.alpha.rpm i586: ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/security/i586/dump -0.4b19-2k.i586.rpm ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/security/i586/dump -static-0.4b19-2k.i586.rpm ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/security/i586/rmt- 0.4b19-2k.i586.rpm SRPMS: ftp://ftp.jaist.ac.jp/os/linux/kondara/Kondara-1.2/errata/security/SRPMS/SRPMS/d ump-0.4b19-2k.nosrc.rpm