Date: Tue, 18 Jul 2000 11:16:13 +0200
From: Oystein Viggen oysteivi@TRUSTIX.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Trustix Security Advisory – nfs-utils
Hi
A bug recently discovered in the nfs-utils package can
theoretically be used for gaining remote root. While there is
currently no known exploits for this hole “in the wild”, we suggest
that all users of Trustix Secure Linux 1.0x and 1.1 upgrade.
The new package is called nfs-utils-0.1.9.1-1tr.i586.rpm, and
can be found at:
http://www.trustix.net/download/Trustix/updates/1.1/RPMS/
ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/
For source packages, switch RPMS in the URL with SRPMS.
All current updates have also been merged into the 1.1 tree and
iso-images availible at our download site.
Oystein
—
TSL developer