pjp Administrator
Joined: 16 Apr 2002 Posts: 20054
|
Posted: Sun Feb 02, 2003 6:52 pm Post subject: [gentoo-security] GLSA: slocate |
|
|
Daniel Ahlberg wrote: | - - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200302-02
- - --------------------------------------------------------------------
PACKAGE : slocate
SUMMARY : buffer overflow
DATE : 2003-02-02 13:36 UTC
EXPLOIT : local
- - --------------------------------------------------------------------
- From advisory:
"The overflow appears when the slocate is runned with two parameters:
- -c and -r, using as arguments a 1024 (or 10240, as Knight420 has
informed us earlier) bytes string."
Read the full advisory at
http://www.usg.org.uk/advisories/2003.001.txt
SOLUTION
It is recommended that all Gentoo Linux users who are running
sys-apps/slocate upgrade to slocate-2.7 as follows:
emerge sync
emerge -u slocate
emerge clean
- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - -------------------------------------------------------------------- |
Mailing List Archive: Unavailable _________________ Quis separabit? Quo animo? |
|