[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[update] security/undated/1svgalib.wml (1.6 -> 1.7)

From: SUGIYAMA Tomoaki <tomos@xxxxxxxxxxxxxxxx>
Subject: [update] security/undated/1svgalib.wml (1.6 -> 1.7)
Date: Mon, 2 Feb 2004 12:57:18 +0900
List-help: <mailto:debian-www-ctl@debian.or.jp?body=help>
List-id: debian-www.debian.or.jp
List-owner: <mailto:debian-www-admin@debian.or.jp>
List-post: <mailto:debian-www@debian.or.jp>
List-software: fml [fml 4.0.3 release (20011202/4.0.3)]
List-unsubscribe: <mailto:debian-www-ctl@debian.or.jp?body=unsubscribe>
X-apparently-from: <debuanjp@xxxxxxxxxxx>
X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-www-ctl@debian.or.jp; help=<mailto:debian-www-ctl@debian.or.jp?body=help>
X-ml-name: debian-www
X-mlserver: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post)
X-spam-level:
X-spam-status: No, hits=-2.5 required=10.0 tests=ISO2022JP_BODY,PATCH_UNIFIED_DIFF,SPAM_PHRASE_00_01 version=2.44
Message-id: <87broigmlm.wl%tomos@xxxxxxxxxxxxxxxx>
X-mail-count: 05536
User-agent: Wanderlust/2.11.22 (Wonderwall) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 MULE XEmacs/21.4 (patch 12) (Portable Code) (i386-debian-linux)

杉山です。

標題のファイルの更新です。チェックをお願いします。

原文の差分:
http://cvs.debian.org/webwml/english/security/undated/1svgalib.wml.diff?r1=1.6&r2=1.7&cvsroot=webwml&diff_format=u

--
杉山友章

Index: security/undated/1svgalib.wml
===================================================================
RCS file: /cvs/webwml/webwml/japanese/security/undated/1svgalib.wml,v
retrieving revision 1.1
diff -u -r1.1 1svgalib.wml
--- security/undated/1svgalib.wml	17 Feb 2002 07:11:49 -0000	1.1
+++ security/undated/1svgalib.wml	2 Feb 2004 03:53:50 -0000
@@ -1,8 +1,19 @@
 <define-tag description>ローカルからの管理者特権の奪取</define-tag>
 <define-tag moreinfo>
 svgalib は適切に root 特権を放棄していません。
+
+<p>ksrt advisory からの引用:<br>
+svgalib 1.2.10 とそれ以前のものは適切に特権を無効にしません。
+そして保存されたユーザ ID の使用によって、svgalib アプリケーションはずっと
+バッファオーバーラン (スタックオーバーライト) の脆弱性を持ち続けます。
+
+<p>参照:
+<ul>
+<li><a href="http://www.attrition.org/security/advisory/ksrt/ksrt.001.svgalib.zgv";>Attrition.org advisory ksrt.001</a>
+<li><a href="http://lists.insecure.org/lists/bugtraq/1997/Jun/0128.html";>BugTraq mail list June 1997 (0128)</a>
+</ul>
 </define-tag>
 
 # do not modify the following line
 #include '$(ENGLISHDIR)/security/undated/1svgalib.data'
-#use wml::debian::translation-check translation="1.6"
+#use wml::debian::translation-check translation="1.7"

Prev by Date: [update] security/undated/1bliss.wml
Next by Date: Re: News/weekly/2004/04/index.wml
Previous by thread: [update] security/undated/1bliss.wml
Next by thread: [update] security/undated/1libdb.wml (1.6 -> 1.7)
Index(es):
- Date
- Thread