Conectiva Linux Security Announcement - sysklogd | Linux Today

Conectiva Linux Security Announcement – sysklogd

Written By
Web Webster
Web Webster
Dec 20, 2000

Date: Mon, 18 Sep 2000 19:32:01 -0300
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Conectiva Linux Security Announcement – sysklogd


CONECTIVA LINUX SECURITY ANNOUNCEMENT

PACKAGE   : sysklogd
SUMMARY   : Format bug in klogd and other issues
DATE      : 2000-09-18 19:31:00
RELEVANT
RELEASES  : 4.0, 4.0es, 4.1, 4.2, 5.0, prg gráficos, ecommerce, 5.1

DESCRIPTION
Vulnerabilities have been found in the sysklogd package that, if
exploited, would allow local users to obtain root access. It is
also possible that a remote exploit could be used under certain
circumstances. The main issue are two calls to Syslog in klogd.c
which are vulnerable to a format string attack.

SOLUTION
All users must upgrade immediately. Please note that the syslog
service must be restarted in order for the new version to be used.
As root, issue the following command:

/etc/rc.d/init.d/syslog restart

We would like to thank Jouko Pynnönen for warning the linux
distributions, Solar Designer for providing the main security fixes
and Daniel Jacobowitz and the sysklogd maintainers and contributors
for providing other fixes.

DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES

ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/sysklogd-1.4-1cl.src.rpm


ftp://atualizacoes.conectiva.com.br/4.0/i386/sysklogd-1.4-1cl.i386.rpm


ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/sysklogd-1.4-1cl.src.rpm


ftp://atualizacoes.conectiva.com.br/4.0es/i386/sysklogd-1.4-1cl.i386.rpm


ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/sysklogd-1.4-1cl.src.rpm


ftp://atualizacoes.conectiva.com.br/4.1/i386/sysklogd-1.4-1cl.i386.rpm


ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/sysklogd-1.4-1cl.src.rpm


ftp://atualizacoes.conectiva.com.br/4.2/i386/sysklogd-1.4-1cl.i386.rpm


ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/sysklogd-1.4-1cl.src.rpm


ftp://atualizacoes.conectiva.com.br/5.0/i386/sysklogd-1.4-1cl.i386.rpm


ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/sysklogd-1.4-1cl.src.rpm


ftp://atualizacoes.conectiva.com.br/5.1/i386/sysklogd-1.4-1cl.i386.rpm


ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/sysklogd-1.4-1cl.src.rpm


ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/sysklogd-1.4-1cl.i386.rpm


ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/sysklogd-1.4-1cl.src.rpm


ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/sysklogd-1.4-1cl.i386.rpm


All packages are signed with Conectiva’s GPG key. The key can be
obtained at http://www.conectiva.com.br/contato

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.