[LWN Logo]
[Timeline]
Date:         Tue, 21 Nov 2000 15:38:51 -0600
From:         Bryan Paxton <bpaxton@SECURITYPORTAL.COM>
Subject:      LSLID:2000112103 - Immunix - joe - IMNX-2000-70-007-01
To:           LINUX-SECURITY@LISTSERV.SECURITYPORTAL.COM

LSLID:2000112103



-----------------------------------------------------------------------
        Immunix OS Security Advisory

Packages updated:       joe
Effected products:      Immunix OS 6.2, Immunix OS 7.0-beta
Bugs Fixed:             immunix/1293
Date:                   November 21, 2000
Advisory ID:            IMNX-2000-70-007-01
Author:                 Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------

Description:
  A local root exploit is possible if the root user is running the joe
  editor.
  This problem was originally found by Patrik Birgersson of Wkit
  Security AB (see http://www.securityfocus.com/archive/1/145305 for
  more information.)

  This problem effects both Immunix 6.2 and 7.0 beta.  Packages have
  been created and released for both versions.

Package names and locations:
  Precompiled binary packages for Immunix 6.2 are available at:

 http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/joe-2.8-42.62_StackGu
ard.i386.rpm

  Source packages for Immunix 6.2 are available at:

 http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/joe-2.8-42.62_StackG
uard.src.rpm

  Precompiled binary packages for Immunix System 7 beta are available at:

 http://www.immunix.org:8080/ImmunixOS/7.0-beta/updates/RPMS/joe-2.8-43_Stack
Guard.i386.rpm

  Source packages for Immunix 7.0 are available at:

 http://www.immunix.org:8080/ImmunixOS/7.0-beta/updates/SRPMS/joe-2.8-43_Stac
kGuard.src.rpm

md5sums of the packages:
  218717db00d428575d87187e3434193d
 6.2/updates/SRPMS/joe-2.8-42.62_StackGuard.src.rpm
 8cc21d3c9e077aa16be381ce25f1c4b5
 6.2/updates/RPMS/joe-2.8-42.62_StackGuard.i386.rpm

  56831a982a06cdf37e5c358b2f41aa34
 7.0-beta/updates/RPMS/joe-2.8-43_StackGuard.i386.rpm
 13cde529ffe31325eb2d704ca66d06f1
 7.0-beta/updates/SRPMS/joe-2.8-43_StackGuard.src.rpm