----------------------------------------------------------------------- Immunix OS Security Advisory Packages updated: vixie-cron Affected products: Immunix OS 6.2, 7.0-beta, and 7.0 Bugs Fixed: immunix/1326 Date: February 20, 2001 Advisory ID: IMNX-2001-70-003-01 Author: Greg Kroah-Hartman <[EMAIL PROTECTED]> ----------------------------------------------------------------------- Description: RedHat has released an updated version of the vixie-cron packages which fixes a number of buffer overflows that could lead to a possible security problem by allowing a local user to gain elevated privileges. This problem was originally found by flatline <[EMAIL PROTECTED]> and posted to the BugTraq mailing list on Feb 11, 2001. For more information on the problem, please see the original post at: http://marc.theaimsgroup.com/?l=bugtraq&m=98200814418344&w=2 Immunix has tested the versions of the vixie-cron packages that are shipped with Immunix OS 6.2, 7.0-beta, and 7.0 and they are not vulnerable to the buffer overflow (due to the use of the StackGuard compiler). However, we are making updated packages available for those users who want to upgrade. Package names and locations: Precompiled binary packages for Immunix 6.2 are available at: http://immunix.org/ImmunixOS/6.2/updates/RPMS/vixie-cron-3.0.1-40.1_StackGua rd.i386.rpm Source package for Immunix 6.2 is available at: http://immunix.org/ImmunixOS/6.2/updates/SRPMS/vixie-cron-3.0.1-40.1_StackGu ard.src.rpm Precompiled binary package for Immunix 7.0-beta and 7.0 is available at: http://immunix.org/ImmunixOS/7.0/updates/RPMS/vixie-cron-3.0.1-61_imnx.i386. rpm Source package for Immunix 7.0-beta and 7.0 is available at: http://immunix.org/ImmunixOS/7.0/updates/SRPMS/vixie-cron-3.0.1-61_imnx.src. rpm md5sums of the packages: 2d254dc6bb1ddac47984dfabe6fc601d vixie-cron-3.0.1-40.1_StackGuard.i386.rpm 8ee160ce59989746e81aa909af132f7c vixie-cron-3.0.1-40.1_StackGuard.src.rpm ad9a2a5a1e359943b64f5d812508b672 vixie-cron-3.0.1-61_imnx.i386.rpm 91a38f643d1026e8aff9a0ed48478048 vixie-cron-3.0.1-61_imnx.src.rpm Online version of all Immunix 6.2 updates and advisories: http://immunix.org/ImmunixOS/6.2/updates/ Online version of all Immunix 7.0-beta updates and advisories: http://immunix.org/ImmunixOS/7.0-beta/updates/ Online version of all Immunix 7.0 updates and advisories: http://immunix.org/ImmunixOS/7.0/updates/ NOTE: Ibiblio is graciously mirroring our updates, so if the links above are slow, please try: ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/ or one of the many mirrors available at: http://www.ibiblio.org/pub/Linux/MIRRORS.html -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]