Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


New version of lsof for Debian GNU/Linux

Feb 26, 1999, 15:35 (0 Talkback[s])

Recently, a security problem was foud in the lsof package. Debian has issued an update for their users.

-----BEGIN PGP SIGNED MESSAGE-----

We have received reports that the lsof package is distributed in
Debian GNU/Linux 2.0 contains a buffer overflow. Using this overflow
it is possible for local users to gain root-access. We have fixed
this problem in version 4.37-3.

We recommend you upgrade your lsof package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.0 alias hamm
- -------------------------------

  This version of Debian was released only for the Intel and the
  Motorola 68xxx architecture.


  Source archives:
    ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37-3.diff.gz
      MD5 checksum: d85b3e241693c64c64a523dbc36227ef
    ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37-3.dsc
      MD5 checksum: 55472cf9e28bddc396ddda653b064a29
    ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37.orig.tar.gz
      MD5 checksum: af883ff0eb3b1c0f0134a79f18158257

  Intel architecture:
    ftp://ftp.debian.org/debian/dists/proposed-updates/lsof-2.0.35_4.37-3_i386.deb
      MD5 checksum: e91000cbaaf9661a1fbb1a268fb5cf7b

  Motorola 680x0 architecture:
    ftp://ftp.debian.org/debian/dists/proposed-updates/lsof-2.0.36_4.37-3_m68k.deb
      MD5 checksum: 09aa6eccd186a12aeb152f265e37c8b2


  These files will be moved into
  ftp://ftp.debian.org/debian/dists/hamm/*/binary-$arch/ soon.


For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- -- 
Debian GNU/Linux      .    Security Managers     .   security@debian.org
              debian-security-announce@lists.debian.org
  Christian Hudon     .     Wichert Akkerman     .     Martin Schulze
<chrish@debian.org>   .   <wakkerma@debian.org>  .   <joey@debian.org>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBNtcR4ajZR/ntlUftAQFVBgMAg0A/HjleQ3ljBjggOVQ4VEGvkV8WP6Y6
/N9Jak7HP2Wy8hG7W/Wq5cZ0+JWwLPNDv6MbPItCCuIrC8803hm5ie6hpiAo8fiS
o/xS6VcJTeBGxF/2UXz7vvS7AA/FuaNc
=g5Hf
-----END PGP SIGNATURE-----