[Please upgrade if you have xsok installed on any distribution -- Raju] This is an RFC 1153 digest. (1 message) ----------------------------------------------------------------------
Message-Id: <[EMAIL PROTECTED]> From: [EMAIL PROTECTED] (Martin Schulze) To: [EMAIL PROTECTED] Subject: [SECURITY] [DSA 405-1] New xsok packages fix local group games exploit Date: Tue, 30 Dec 2003 10:46:24 +0100 (CET) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 405-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze December 30th, 2003 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : xsok Vulnerability : missing privelige release Problem-Type : local Debian-specific: no CVE ID : CAN-2003-0949 Steve Kemp discovered a problem in xsok, a single player strategy game for X11, related to the Sokoban game, which leads a user to execute arbitrary commands under the GID of games. For the stable distribution (woody) this problem has been fixed in version 1.02-9woody2. For the unstable distribution (sid) this problem has been fixed in version 1.02-11. We recommend that you upgrade your xsok package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2.dsc Size/MD5 checksum: 575 5e3f7f8513b7fb3e8fa1ebfa56a2b4bc http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2.diff.gz Size/MD5 checksum: 5616 6c17b1f0201f583c770b42334be33cb4 http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02.orig.tar.gz Size/MD5 checksum: 114085 f961b329e6577ebefcaa0acece9c94c8 Alpha architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_alpha.deb Size/MD5 checksum: 69860 45a8699a82fb7da43a4ca28f9579fb62 ARM architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_arm.deb Size/MD5 checksum: 64018 0f2ac33af74901cd52d31cb23e2b5b4f Intel IA-32 architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_i386.deb Size/MD5 checksum: 61822 35ede5adbfbdad30eb7ecdc1137f5f33 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_ia64.deb Size/MD5 checksum: 79138 5ff4f9683dce6582219d4907c3f3bc5c HP Precision architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_hppa.deb Size/MD5 checksum: 68178 fa756bb317a7162ac9df2a0b0576ee9a Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_m68k.deb Size/MD5 checksum: 61204 6b32053cc307b3c9bfe4b3036fcab30f Big endian MIPS architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_mips.deb Size/MD5 checksum: 68402 b23adc954aaf6a23ac3e118d9c4150b6 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_mipsel.deb Size/MD5 checksum: 68338 061b40e0768f906db728cf9d3b8574e6 PowerPC architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_powerpc.deb Size/MD5 checksum: 64626 6f95af173c40cc7e2d00501d80c0e308 IBM S/390 architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_s390.deb Size/MD5 checksum: 64706 42386e9b13539154f214a20c464b9988 Sun Sparc architecture: http://security.debian.org/pool/updates/main/x/xsok/xsok_1.02-9woody2_sparc.deb Size/MD5 checksum: 66278 4d061f87360819298c481eb17dd43881 These files will probably be moved into the stable distribution on its next revision. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: [EMAIL PROTECTED] Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/8UlwW5ql+IAeqTIRAivnAJ47ZNx8ciwmJef3TfpZpZDfbAR6XQCdFT5G AAiln4U8+sjX4HqeAMhjH8s= =PFVG -----END PGP SIGNATURE----- ------------------------------ End of this Digest ****************** -- Raj Mathur [EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
