Date: Mon, 5 Jun 2000 23:51:46 +0200
From: Wichert Akkerman wichert@soil.nl
To: debian-security-announce@lists.debian.org
Subject: [SECURITY] New version of splitvt released (update)
Debian Security Advisory security@debian.org http://www.debian.org/security/ Wichert Akkerman June 5, 2000
Package: splitvt
Vulnerability: local root exploit
Debian-specific: no
This is an update to the previous splitvt advisory. The previous
release had incorrrect addresses for the updates for Debian
GNU/Linux potato.
The version of splitvt distributed in Debian GNU/Linux 2.1
(a.k.a. slink), as well as in the frozen (potato) and unstable
(woody) distributions, is vulnerable to a local buffer overflow.
This could be exploited to give a shell running as root.
This has been fixed in versions 1.6.3-7.0slink1 and 1.6.3-7.1,
and we recommend that you update your splitvt package
immediately.
Debian GNU/Linux 2.1 alias slink
This version of Debian was released only for Intel ia32, the
Motorola 680×0, the Alpha, and the Sun Sparc architecture.
Source archives:
http://security.debian.org/dists/stable/updates/source/splitvt_1.6.3-7.0slink1.diff.gz
MD5 checksum: 883b177488cb1618e757169c383ef563
http://security.debian.org/dists/stable/updates/source/splitvt_1.6.3-7.0slink1.dsc
MD5 checksum: 73b1d7633a59d0b34aefd38409ceaa8e
http://security.debian.org/dists/stable/updates/source/splitvt_1.6.3.orig.tar.gz
MD5 checksum: e95e166145ec51d2a9d80aa6472f9f98
Alpha architecture:
http://security.debian.org/dists/stable/updates/binary-alpha/splitvt_1.6.3-7.0slink1_alpha.deb
MD5 checksum: 52ed7478ad363584cd9f21577abd0365
Intel ia32 architecture:
http://security.debian.org/dists/stable/updates/binary-i386/splitvt_1.6.3-7.0slink1_i386.deb
MD5 checksum: 3531a6ec3009862cd4a3c671a0fa2204
Motorola 680×0 architecture:
http://security.debian.org/dists/stable/updates/binary-m68k/splitvt_1.6.3-7.0slink1_m68k.deb
MD5 checksum: 467646eef73e0285a4ef5d3d2aaa0939
Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/binary-sparc/splitvt_1.6.3-7.0slink1_sparc.deb
MD5 checksum: 0913b4bdbf5a66f915068322f1f133be
Debian 2.2 alias potato
This version of Debian is not yet released. Fixes are currently
available for Intel ia32 and the Sun Sparc architecture. Fixes for
other architectures will be available soon.
Source archives:
http://security.debian.org/dists/potato/updates/main/source/splitvt_1.6.3-7.1.diff.gz
MD5 checksum: 158e4c37b56d09e4fb7e6d4a1eda6551
http://security.debian.org/dists/potato/updates/main/source/splitvt_1.6.3-7.1.dsc
MD5 checksum: c7924da369529b09acf6a7234ec07c08
http://security.debian.org/dists/potato/updates/main/source/splitvt_1.6.3.orig.tar.gz
MD5 checksum: e95e166145ec51d2a9d80aa6472f9f98
Intel ia32 architecture:
http://security.debian.org/dists/potato/updates/main/binary-i386/splitvt_1.6.3-7.1_i386.deb
MD5 checksum: d814d49f46f8108590554abc8ed79737
Sun Sparc architecture:
http://security.debian.org/dists/potato/updates/main/binary-sparc/splitvt_1.6.3-7.1_sparc.deb
MD5 checksum: 4197c4e30fe5e9f48187ba8df3526c7b
Debian Unstable alias woody
A fix will be available in the unstable archive soon.
For apt-get: deb http://security.debian.org/
stable updates
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates
Mailing list: debian-security-announce@lists.debian.org