Debian alert: gpm (gpm-root) format string vulnerabilities
The package 'gpm' contains the 'gpm-root' program, which can be used to
create mouse-activated menus on the console.
Among other problems, the gpm-root program contains a format string
vulnerability, which allows an attacker to gain root privileges.
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-095-1 security@debian.org
http://www.debian.org/security/ Robert van der Meulen
December 27, 2001
- ------------------------------------------------------------------------
Package : gpm
Problem type : local root vulnerability
Debian-specific: no
The package 'gpm' contains the 'gpm-root' program, which can be used to
create mouse-activated menus on the console.
Among other problems, the gpm-root program contains a format string
vulnerability, which allows an attacker to gain root privileges.
This has been fixed in version 1.17.8-18.1, and we recommend that you upgrade
your 1.17.8-18 package immediately.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.2 alias potato
- ---------------------------------
Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Source archives:
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8-18.1.diff.gz
MD5 checksum: 8c48aa1656391d3755c289a87db13bf0
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8-18.1.dsc
MD5 checksum: bafbe8ffe73d3b5783e9841f1894af77
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8.orig.tar.gz
MD5 checksum: 9d50c299bf925996546efaf32de1db7b
Alpha architecture:
http://security.debian.org/dists/stable/updates/main/binary-alpha/gpm_1.17.8-18.1_alpha.deb
MD5 checksum: 0e50705cadfd58777d02fa6806c10bdf
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgpmg1-dev_1.17.8-18.1_alpha.deb
MD5 checksum: cbeeeac3795318255126814d71b7b945
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgpmg1_1.17.8-18.1_alpha.deb
MD5 checksum: f5dd9e395259b037d20e013e112a55e8
ARM architecture:
http://security.debian.org/dists/stable/updates/main/binary-arm/gpm_1.17.8-18.1_arm.deb
MD5 checksum: 6b41896ddfed4a119d17e5d8e8391384
http://security.debian.org/dists/stable/updates/main/binary-arm/libgpmg1-dev_1.17.8-18.1_arm.deb
MD5 checksum: f02444fc5a9a6a7c7da0e1cb19df24a6
http://security.debian.org/dists/stable/updates/main/binary-arm/libgpmg1_1.17.8-18.1_arm.deb
MD5 checksum: 0ae3eb96377394d65e0e8031d0019147
Intel IA-32 architecture:
http://security.debian.org/dists/stable/updates/main/binary-i386/gpm_1.17.8-18.1_i386.deb
MD5 checksum: 18c837abec8360db146681d2a713177a
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpm1-altdev_1.17.8-18.1_i386.deb
MD5 checksum: f60aa2b9720ee597f18fa3fa86a8af6e
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpm1_1.17.8-18.1_i386.deb
MD5 checksum: 815a1e90fe36e603f0803f92b6898f19
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpmg1-dev_1.17.8-18.1_i386.deb
MD5 checksum: 514a1baee569e548349f7c4dc2941f3d
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpmg1_1.17.8-18.1_i386.deb
MD5 checksum: 52014c36f8155a0c89e9ade02d91cdbe
Motorola 680x0 architecture:
http://security.debian.org/dists/stable/updates/main/binary-m68k/gpm_1.17.8-18.1_m68k.deb
MD5 checksum: ce61772d26c799bce33d729ed7fc67b7
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpm1-altdev_1.17.8-18.1_m68k.deb
MD5 checksum: 923894ee7bdc1a8e648881eaf5f372da
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpm1_1.17.8-18.1_m68k.deb
MD5 checksum: 019de1ecb144e3d10b5978ea640a24c4
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpmg1-dev_1.17.8-18.1_m68k.deb
MD5 checksum: 88d75f4b1f85e6aee903f886b311e127
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpmg1_1.17.8-18.1_m68k.deb
MD5 checksum: 1ea940b2e3c5d7fade43d75ed3253569
PowerPC architecture:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gpm_1.17.8-18.1_powerpc.deb
MD5 checksum: aa2415e6f489af235e173d6d5a69b05f
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libgpmg1-dev_1.17.8-18.1_powerpc.deb
MD5 checksum: cd823ce39eb4125ed4a8dd0c17362107
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libgpmg1_1.17.8-18.1_powerpc.deb
MD5 checksum: 0188cb6c4ffd82a146812e53c1387918
Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/main/binary-sparc/gpm_1.17.8-18.1_sparc.deb
MD5 checksum: b703c2e30b52446508f18951551839a3
http://security.debian.org/dists/stable/updates/main/binary-sparc/libgpmg1-dev_1.17.8-18.1_sparc.deb
MD5 checksum: b8a75b6ab45f649b9e458cf778545a9e
http://security.debian.org/dists/stable/updates/main/binary-sparc/libgpmg1_1.17.8-18.1_sparc.deb
MD5 checksum: fa4ae1bda04f3b13622d6e6bc9ffcb35
These packages will be moved into the stable distribution on its next
revision.
For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
- --
- ----------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8K4LkFLJHZigagQ4RAqikAKC7ogsUzIlAreE5/Mki78uqCnvPpgCgqdRl
t+b1OntlAE3rvVNBC/0vej8=
=ByVf
-----END PGP SIGNATURE-----
|
This topic does not have any threads posted yet!
You cannot post until you login.