Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Security hole found in junkbuster program.

Nov 12, 1998, 04:23 (1 Talkback[s])

From the Debian security mailing list, Wichert Akkerman writes:

We have received reports that junkbuster had a couple buffer overflow
vulnerabilities.  We fixed those in version 2.0-3.2. All later version
are also not vulnerable. The patches were backported from 2.0.2 .

We recommend you upgrade your junkbuster package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.0 alias hamm
-------------------------------

  This version of Debian was released only for the Intel and the
  Motorola 68xxx architecture.

  Source archives:
    ftp://ftp.debian.org/pub/debian/dists/proposed-updates/junkbuster_2.0-3.2.diff.gz
      MD5 checksum: b6f523b4a3a43761e58f98b971c0ad15
    ftp://ftp.debian.org/pub/debian/dists/proposed-updates/junkbuster_2.0-3.2.dsc
      MD5 checksum: 3a504521a91ef2e0e33d6c3a4a2352e8
    ftp://ftp.debian.org/pub/debian/dists/hamm/main/source/web/junkbuster_2.0.orig.tar.gz
      MD5 checksum: 8b0582f3001967964343f1fa5fe4c7aa

  Intel architecture:
    ftp://ftp.debian.org/pub/debian/dists/proposed-updates/junkbuster_2.0-3.2_i386.deb
      MD5 checksum: 7bb42ed33c19f49788d232b13119dc40

  Motorola 68xxx architecture:
    ftp://ftp.debian.org/pub/debian/dists/proposed-updates/junkbuster_2.0-3.2_m68k.deb
      MD5 checksum: e5bb0b3e5eae51140bcbd3b43f71b4cb


  These files will be moved into
  ftp://ftp.debian.org/debian/dists/hamm/*/binary-$arch/ soon.


For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .