Recently, a security problem
was foud in the lsof package. Debian has issued an update for their
users.
-----BEGIN PGP SIGNED MESSAGE----- We have received reports that the lsof package is distributed in Debian GNU/Linux 2.0 contains a buffer overflow. Using this overflow it is possible for local users to gain root-access. We have fixed this problem in version 4.37-3. We recommend you upgrade your lsof package immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm - ------------------------------- This version of Debian was released only for the Intel and the Motorola 68xxx architecture. Source archives: ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37-3.diff.gz MD5 checksum: d85b3e241693c64c64a523dbc36227ef ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37-3.dsc MD5 checksum: 55472cf9e28bddc396ddda653b064a29 ftp://ftp.debian.org/debian/dists/proposed-updates/lsof_4.37.orig.tar.gz MD5 checksum: af883ff0eb3b1c0f0134a79f18158257 Intel architecture: ftp://ftp.debian.org/debian/dists/proposed-updates/lsof-2.0.35_4.37-3_i386.deb MD5 checksum: e91000cbaaf9661a1fbb1a268fb5cf7b Motorola 680x0 architecture: ftp://ftp.debian.org/debian/dists/proposed-updates/lsof-2.0.36_4.37-3_m68k.deb MD5 checksum: 09aa6eccd186a12aeb152f265e37c8b2 These files will be moved into ftp://ftp.debian.org/debian/dists/hamm/*/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . - -- Debian GNU/Linux . Security Managers . security@debian.org debian-security-announce@lists.debian.org Christian Hudon . Wichert Akkerman . Martin Schulze <chrish@debian.org> . <wakkerma@debian.org> . <joey@debian.org> -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQB1AwUBNtcR4ajZR/ntlUftAQFVBgMAg0A/HjleQ3ljBjggOVQ4VEGvkV8WP6Y6 /N9Jak7HP2Wy8hG7W/Wq5cZ0+JWwLPNDv6MbPItCCuIrC8803hm5ie6hpiAo8fiS o/xS6VcJTeBGxF/2UXz7vvS7AA/FuaNc =g5Hf -----END PGP SIGNATURE-----