|
| Current Newswire:
Debian Security Advisory: New version of elvis-tiny releasedNov 22, 2000, 21:15 (0 Talkback[s])(Other stories by Martin Schulze) Date: Wed, 22 Nov 2000 21:53:33 +0100 Debian Security Advisory security@debian.org http://www.debian.org/security/ Martin Schulze November 22, 2000 Package : elvis-tiny Problem type : /tmp-file vulnerability Debian-specific: noTopi Miettinen audited elvis-tiny and raised an issue covering the use and creation of temporary files. Those files are created with a predictable pattern and O_EXCL flag is not used when opening. This makes users of elvis-tiny vulnerable to race conditions and/or data lossage. This problem has been fixed in version 1.4-10 and we recommend that you upgrade your elvis-tiny packages immediately. This problem does not exist in the big elvis package. wget url will fetch the file for you dpkg -i file.deb will install the referenced file.Debian GNU/Linux 2.1 alias slink Slink is no longer being supported by the Debian Security Team. We highly recommend an upgrade to the current stable release. Debian GNU/Linux 2.2 alias potato Potato was released for the Alpha, ARM, Intel ia32, Motorola 680x0, PowerPC and Sun SPARC architectures. Fixes are available for all of them and will be included in 2.2r2. Source archives: Alpha architecture: ARM architecture: Intel ia32 architecture: Motorola 680x0 architecture: PowerPC architecture: Sun Sparc architecture: These files will be moved into Debian GNU/Linux Unstable alias woody This version of Debian is not yet released. Fixes are already installed in the archive for Alpha, ARM and Intel ia32. Fixes for Motorola 680x0, PowerPC, and SPARC will be made available in the Debian archive over the next several days. For not yet released architectures please refer to the
appropriate directory apt-get: deb http://security.debian.org/
stable/updates main |