Conectiva Linux Security Announcement - ed

Date: Wed, 13 Dec 2000 18:28:25 -0200
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [CLA-2000:359] Conectiva Linux Security Announcement –
ed

CONECTIVA LINUX SECURITY ANNOUNCEMENT

PACKAGE   : ed
SUMMARY   : Insecure temporary file handling
DATE      : 2000-12-13 18:27:00
ID        : CLA-2000:359
RELEVANT
RELEASES  : 4.0, 4.0es, 4.1, 4.2, 5.0, 5.1, 6.0

DESCRIPTION
The “ed” editor creates temporary files in an insecure way, making
it vulnerable to symlink attacks.

SOLUTION
All users of the “ed” program should upgrade.

DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES

ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/pam-0.72-23cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.0/i386/pam-0.72-23cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/pam-0.72-23cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.0es/i386/pam-0.72-23cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/pam-0.72-23cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.1/i386/pam-0.72-23cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/pam-0.72-23cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.2/i386/pam-0.72-23cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/pam-0.72-23cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.0/i386/pam-0.72-23cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/pam-0.72-23cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.1/i386/pam-0.72-23cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/pam-0.72-23cl.src.rpm

ftp://atualizacoes.conectiva.com.br/6.0/RPMS/pam-0.72-23cl.i386.rpm

ADDITIONAL INSTRUCTIONS Users of Conectiva Linux version 6.0 or
higher may use apt to perform upgrades:
– add the following line to /etc/apt/sources.list if it is not
there yet (you may also use linuxconf to do this):

rpm [cncbr] ftp://atualizacoes.conectiva.com.br
6.0/conectiva updates

 - run:                 apt-get update
 - after that, execute: apt-get upgrade

Detailed instructions reagarding the use of apt and upgrade
examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

All packages are signed with Conectiva’s GPG key. The key can be
obtained at http://www.conectiva.com.br/contato

Conectiva Linux Security Announcement – ed

Get the Free Newsletter!

Must Read

Redo Rescue: A Free and Easy Backup & Recovery Solution

JDownloader: An Open-Source Alternative to IDM (Install + Usage)

9to5Linux Weekly Roundup: March 16th, 2025

Linuxiac Weekly Wrap-Up: Week 11 (Mar 10 – 16, 2025)

Best Free and Open Source Alternatives to Progress ShareFile

Our Brands