[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:27162] [SECURITY] [DSA-031-1] New version of sudo released (from debian-security-announce@lists.debian.org)

From: KISE Hiroshi <fuyuneko@xxxxxxxxxxxx>
Subject: [debian-users:27162] [SECURITY] [DSA-031-1] New version of sudo released (from debian-security-announce@lists.debian.org)
Date: Wed, 28 Feb 2001 22:26:06 +0900
X-dispatcher: imput version 20000414(IM141)
X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-users-ctl@debian.or.jp; help=<mailto:debian-users-ctl@debian.or.jp?body=help>
X-ml-name: debian-users
X-mlserver: fml [fml 3.0pl#17]; post only (only members can post)
References: <20010228123231.77B7FFF73@xxxxxxxxxxxxxxxxxx>
Message-id: <200102281326.WAA29345@xxxxxxxxxxxxxxxxxxxxxxxxxx>
X-mail-count: 27162
X-mailer: Mew version 1.94.2 on Emacs 20.7 / Mule 4.0 (HANANOEN)

＃ システムができるまで、とりあえず。

概要だけ。potato用sudoにrootを取れるかもしれない
バッファオーバーフローバグが発見され、修正版が出ました。
アップグレードしてください、とのこと。

debian-security-announce@lists.debian.orgからの情報です。原文は、
http://lists.debian.org/debian-security-announce-01/msg00025.html
で読めるようになるはずです。Web版は、
http://www.debian.org/security/2001/dsa-031
になるでしょう(現時点では両方ともありません)。

以下、引用。

From: mstone@xxxxxxxxxxxxxxxxxx (Michael Stone)
Subject: [SECURITY] [DSA-031-1] New version of sudo released
Date: Wed, 28 Feb 2001 07:32:31 -0500 (EST)
> - ----------------------------------------------------------------------------
> Debian Security Advisory DSA-031-1                       security@debian.org
> http://www.debian.org/security/                                Michael Stone
> February 28, 2001
> - ----------------------------------------------------------------------------
> 
> Package: sudo
> Vulnerability: buffer overflow
> Debian-specific: no
> 
> Todd Miller announced a new version of sudo which corrects a buffer
> overflow that could potentially be used to gain root privilages on the
> local system. The fix from sudo 1.6.3p6 is available in sudo
> 1.6.2p2-1potato1 for Debian 2.2 (potato).
> 
> We recommend you upgrade your sudo package immediately.
> 
> wget url
> 	will fetch the file for you
> dpkg -i file.deb
>         will install the referenced file.
> 
> You may use an automated update by adding the resources from the
> footer to the proper configuration.
(略)
> - ----------------------------------------------------------------------------
> For apt-get: deb http://security.debian.org/ stable/updates main
> For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
> Mailing list: debian-security-announce@lists.debian.org
> Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
(略)
-- 
喜瀬“冬猫”浩＠南国沖縄

Prev by Date: [debian-users:27161] Re: Security information of Linuxdistributions
Next by Date: [debian-users:27163] Re: VFlib を使うと GPL 違反になってませんか？
Previous by thread: [debian-users:27161] Re: Security information of Linuxdistributions
Index(es):
- Date
- Thread