Debian alert: glibc update for Debian GNU/Linux 2.1 (update)

Posted by dave on Sep 5, 2000 6:58 AM EDT
Mailing list
Mail this story
Print this story

Recently two problems have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory                             security@debian.org
http://www.debian.org/security/                         Wichert Akkerman
September  5, 2000
- ------------------------------------------------------------------------


Package: glibc
Vulnerability: local exploit
Debian-specific: no

Recently two problems have been found in the glibc suite, which could be
used to trick setuid applications to run arbitrary code.

An earlier advisory listed the updates for Debian 2.2/potato. This
advisory contains updates for Debian 2.1/slink. For information
about the found problems please see the previous advisory which is
available online at http://www.debian.org/security/2000/20000902 .

UPDATE: the packages mentioned in the previous problem had a bug
that prevented some patches from being applied. This has been
fixed in version 2.0.7.19981211-6.3 .

wget url
	will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.1 alias slink
- ------------------------------------

  Fixed packages are available for the Intel ia32 architecture.

  Source archives:
    http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211-6.3.diff.gz
      MD5 checksum: 2b311a94e69a4a7f68cb0102e196a44b
    http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211-6.3.dsc
      MD5 checksum: f3952ccdd5915da0dcc86666e63ef63b
    http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211.orig.tar.gz
      MD5 checksum: 91724410e14a2b2b719dc44cf95067f1

  Intel ia32 architecture:
    http://security.debian.org/dists/slink/updates/binary-i386/libc6-dbg_2.0.7.19981211-6.3_i386.deb
      MD5 checksum: 0642d23a5535c266b8ded9f5db1d0aa2
    http://security.debian.org/dists/slink/updates/binary-i386/libc6-dev_2.0.7.19981211-6.3_i386.deb
      MD5 checksum: 25a4ea99261834928afb208491ae3b23
    http://security.debian.org/dists/slink/updates/binary-i386/libc6-pic_2.0.7.19981211-6.3_i386.deb
      MD5 checksum: 999c8024a1afb6c972379cf92f81251a
    http://security.debian.org/dists/slink/updates/binary-i386/libc6_2.0.7.19981211-6.3_i386.deb
      MD5 checksum: aa1e224108d653c9d7f5fdc8c62e51fb
    http://security.debian.org/dists/slink/updates/binary-i386/locales_2.0.7.19981211-6.3_i386.deb
      MD5 checksum: ec5b14e87f3db3dbc0448c9d72276ef1
    http://security.debian.org/dists/slink/updates/binary-i386/timezones_2.0.7.19981211-6.3_i386.deb
      MD5 checksum: 34f86dde61ac8b5725eff2cf891858cc

- -- 
- ----------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp:ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBObUJ5KjZR/ntlUftAQGJEwL/UFR6YWwQ9furE8vwxgQHD7UHQaChV/A5
8UCufQ/QBam6X6LKpWTBtplWctRk5DzH4A78MMZ0aMvuWB07WBINc+Yk1PgrLzCz
xMYF7okdASDTMSWuXO0goMgViBfqioPE
=ZhPq
-----END PGP SIGNATURE-----


  Nav
» Read more about: Story Type: Security; Groups: Debian

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.