Debian Security Advisory: New version of elvis-tiny releasedNov 22, 2000, 21:15 (0 Talkback[s])
(Other stories by Martin Schulze)
Date: Wed, 22 Nov 2000 21:53:33 +0100
Debian Security Advisory firstname.lastname@example.org http://www.debian.org/security/ Martin Schulze November 22, 2000
Package : elvis-tiny Problem type : /tmp-file vulnerability Debian-specific: noTopi Miettinen audited elvis-tiny and raised an issue covering the use and creation of temporary files. Those files are created with a predictable pattern and O_EXCL flag is not used when opening. This makes users of elvis-tiny vulnerable to race conditions and/or data lossage.
This problem has been fixed in version 1.4-10 and we recommend that you upgrade your elvis-tiny packages immediately.
This problem does not exist in the big elvis package.
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.Debian GNU/Linux 2.1 alias slink
Slink is no longer being supported by the Debian Security Team. We highly recommend an upgrade to the current stable release.
Debian GNU/Linux 2.2 alias potato
Potato was released for the Alpha, ARM, Intel ia32, Motorola 680x0, PowerPC and Sun SPARC architectures. Fixes are available for all of them and will be included in 2.2r2.
Intel ia32 architecture:
Motorola 680x0 architecture:
Sun Sparc architecture:
These files will be moved into
Debian GNU/Linux Unstable alias woody
This version of Debian is not yet released.
Fixes are already installed in the archive for Alpha, ARM and Intel ia32. Fixes for Motorola 680x0, PowerPC, and SPARC will be made available in the Debian archive over the next several days.
For not yet released architectures please refer to the
apt-get: deb http://security.debian.org/