>-- Mensaje Original -- >Date: Mon, 14 Mar 2005 17:22:59 +0100 (CET) >To: debian-security-announce@lists.debian.org (Debian Security Announcements) >From: [EMAIL PROTECTED] (Martin Schulze) >Subject: [SECURITY] [DSA 693-1] New luxman packages fix local root exploit >Reply-To: debian-security@lists.debian.org > > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >- -------------------------------------------------------------------------- >Debian Security Advisory DSA 693-1 [EMAIL PROTECTED] >http://www.debian.org/security/ Martin Schulze >March 14, 2005 http://www.debian.org/security/faq >- -------------------------------------------------------------------------- > >Package : luxman >Vulnerability : buffer overflow >Problem-Type : local >Debian-specific: no >CVE ID : CAN-2005-0385 > >Kevin Finisterre discovered a buffer overflow in luxman, an SVGA based >PacMan clone, that could lead to the execution of arbitrary commands >as root. > >For the stable distribution (woody) this problem has been fixed in >version 0.41-17.2. > >For the unstable distribution (sid) this problem has been fixed in >version 0.41-20. > >We recommend that you upgrade your luxman package. > > >Upgrade Instructions >- -------------------- > >wget url > will fetch the file for you >dpkg -i file.deb > will install the referenced file. > >If you are using the apt-get package manager, use the line for >sources.list as given below: > >apt-get update > will update the internal database >apt-get upgrade > will install corrected packages > >You may use an automated update by adding the resources from the >footer to the proper configuration. > > >Debian GNU/Linux 3.0 alias woody >- -------------------------------- > > Source archives: > > http://security.debian.org/pool/updates/main/l/luxman/luxman_0.41-17.2.dsc > Size/MD5 checksum: 570 a55086f936bbcfe22598ac0aeb94f8da > > http://security.debian.org/pool/updates/main/l/luxman/luxman_0.41-17.2.diff.gz > Size/MD5 checksum: 7105 8719173e012bab5680d138d25e30b619 > > http://security.debian.org/pool/updates/main/l/luxman/luxman_0.41.orig.tar.gz > Size/MD5 checksum: 268279 aa389327578e2d65f3f5035193e407cb > > Intel IA-32 architecture: > > > http://security.debian.org/pool/updates/main/l/luxman/luxman_0.41-17.2_i386.deb > Size/MD5 checksum: 290762 c4123222e992a37dcf609768a20e7e8f > > > These files will probably be moved into the stable distribution on > its next update. > >- >--------------------------------------------------------------------------------- >For apt-get: deb http://security.debian.org/ stable/updates main >For dpkg-ftp: ftp://security.debian.org/debian-security >dists/stable/updates/main >Mailing list: debian-security-announce@lists.debian.org >Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> > >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.4.0 (GNU/Linux) > >iD8DBQFCNbpiW5ql+IAeqTIRAhtSAJ0d3a6I8wMPZUxKMaOGXtd5oZ7MJgCeI3NF >FIFFNlRq/R/T9Qs2asyHLSo= >=NXet >-----END PGP SIGNATURE----- > > >-- >To UNSUBSCRIBE, email to [EMAIL PROTECTED] >with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
______________________________________________________________________ Obtenga gratis su cuenta @Argentina.com con AntiVirus, 20mb de espacio, acceso POP3 y SMTP en 24 ciudades www.Argentina.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]