---

Home Security

Debian Security Advisory: Package: mtr

By

Date: Thu, 9 Mar 2000 07:00:36 +0100
From: Wichert Akkerman wichert@soil.nl
To: debian-security-announce@lists.debian.org
Subject: [SECURITY] New version of mtr released

Debian Security Advisory security@debian.org
http://www.debian.org/security/
Wichert Akkerman
March 9, 2000

Package: mtr
Vulnerability type: possible local exploit
Debian-specific: no

The version of mtr as distributed in Debian GNU/Linux 2l1 (aka
slink) did not drop root privileges correctly. While there are no
known exploits it is conceivable that a weakness in gtk or ncurses
could be used to exploit this.

This has been fixed in version 0.28-1, and we recommend that you
upgrade your mtr package.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

Debian GNU/Linux 2.1 alias slink

This version of Debian was released only for Intel ia32, the
Motorola 680×0, the alpha and the Sun sparc architecture.

Source archives:

http://security.debian.org/dists/stable/updates/source/mtr_0.28-1.diff.gz

MD5 checksum: a4fd6dbcc3b50914299b5de93d4b4ce8

http://security.debian.org/dists/stable/updates/source/mtr_0.28-1.dsc

MD5 checksum: 4570f1d02c68225e5819c0d41a9efb45

http://security.debian.org/dists/stable/updates/source/mtr_0.28.orig.tar.gz

MD5 checksum: 40074f51f01fbd295f330401175f9223

Alpha architecture:

http://security.debian.org/dists/stable/updates/binary-alpha/mtr_0.28-1_alpha.deb

MD5 checksum: 2aafabb8fe0e618030cdd5a5cab20769

Intel ia32 architecture:

http://security.debian.org/dists/stable/updates/binary-i386/mtr_0.28-1_i386.deb

MD5 checksum: b1f0fdfa4d213531bd613b69ebe62b14

Motorola 680×0 architecture:

http://security.debian.org/dists/stable/updates/binary-m68k/mtr_0.28-1_m68k.deb

MD5 checksum: 6c2089822ed8283885ccd6ab3564bf08

Sun Sparc architecture:

http://security.debian.org/dists/stable/updates/binary-sparc/mtr_0.28-1_sparc.deb

MD5 checksum: 024ee70deac4dcb0a78b2cb5eedd287e

These files will be moved into
ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/
soon.

For not yet released architectures please refer to the
appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/
.

For apt-get: deb http://security.debian.org/
stable updates
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates
Mailing list: debian-security-announce@lists.debian.org

Complete Story
Previous article
Next article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.