Slackware alert: klogd Kernel Logger vulnerability and fix
A string format / buffer overflow bug has been discovered in klogd, the kernel
logging daemon. Please upgrade to the new sysklogd 1.4 package available on
the Slackware FTP site.
|
|
A string format / buffer overflow bug has been discovered in klogd, the kernel
logging daemon. Please upgrade to the new sysklogd 1.4 package available on
the Slackware FTP site.
=========================================================================
sysklogd 1.4 AVAILABLE - (a1/sysklogd.tgz)
=========================================================================
PACKAGE INFORMATION:
--------------------
a1/sysklogd.tgz:
This package contains a new version of klogd (1.4) which is not vulnerable
to this string format hole. Most users will have a previous version
installed, and should upgrade to the new version on the FTP site.
WHERE TO FIND THE NEW PACKAGES:
-------------------------------
All new packages can be found in the -current branch:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/a1/sysklogd.tgz
MD5 SIGNATURES AND CHECKSUMS:
-----------------------------
Here are the md5sums and checksums for the packages:
d2a7c649c19fc14e6668c583feaf62ae a1/sysklogd.tgz
4100951056 58926 a1/sysklogd.tgz
INSTALLATION INSTRUCTIONS:
--------------------------
The packages above should be upgraded in single user mode (runlevel
1). Bring the system into runlevel 1:
# telinit 1
Then upgrade the packages:
# upgradepkg <package name>.tgz
Then bring the system back into multiuser mode:
# telinit 3
Remember, it's also a good idea to back up configuration files before
upgrading packages.
+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back. Follow the instructions to |
| complete the unsubscription. Do not reply to this message to |
| unsubscribe! |
+------------------------------------------------------------------------+
- Slackware Linux Security Team
http://www.slackware.com
|
This topic does not have any threads posted yet!
You cannot post until you login.