[1377] in linux-security and linux-alert archive
[linux-security] BoS: hmm..seen this one?
daemon@ATHENA.MIT.EDU (Richard Jones)
Thu Jan 16 00:55:51 1997
Date: Thu, 16 Jan 1997 11:32:15 +1100
From: Richard Jones <richard@a42.deep-thought.org>
Reply-To: best-of-security@suburbia.net
To: best-of-security@suburbia.net
X-Resent-From: best-of-security@suburbia.net
Resent-From: Yuri Volobuev <volobuev@t1.chem.umn.edu>
Resent-To: linux-security@redhat.com
------- Forwarded Message
Return-Path: redhat-announce-list-request@redhat.com
Return-Path: <redhat-announce-list-request@redhat.com>
Received: from mail2.redhat.com ([199.183.24.247]) by a42.deep-thought.org
with smtp id m0vkfIy-0024vtC
(Debian Smail-3.2 1996-Jul-4 #2); Thu, 16 Jan 1997 11:03:40 +1100 (EST)
Received: (qmail 21028 invoked by uid 501); 16 Jan 1997 00:02:55 -0000
Resent-Date: 16 Jan 1997 00:02:55 -0000
Resent-Cc: recipient list not shown: ;
MBOX-Line: From redhat-announce-list-request@redhat.com Wed Jan 15 19:02:52
Approved: proff@suburbia.net
1997
Approved: marc@redhat.com
Date: Wed, 15 Jan 1997 15:18:11 -0500 (EST)
From: Erik Troan <ewt@redhat.com>
Reply-To: Erik Troan <ewt@redhat.com>
To: redhat-announce-list@redhat.com
Subject: SECURITY: Important bug fix for /sbin/login
Message-ID: <Pine.LNX.3.93.970114225211.29704B-100000@redhat.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Resent-Message-ID: <"-BtPN2.0._75.i0Nto"@mail2.redhat.com>
Resent-From: redhat-announce-list@redhat.com
X-Mailing-List: <redhat-announce-list@redhat.com> archive/latest/376
X-Loop: redhat-announce-list@redhat.com
Precedence: list
Resent-Sender: redhat-announce-list-request@redhat.com
X-URL: http://www.redhat.com
Their is a buffer overrun in /bin/login which has the potential to
allow any user of your system to gain root access. util-linux-2.5-29
contains a fix for this and is available for Red Hat Linux 4.0 on
all four platforms. We strongly recommend that all of Red Hat 4.0
usres apply this fix.
Users of Red Hat Linux versions earlier then 4.0 should upgrade to 4.0 and
then apply all available security pacakges.
Users whose computers have direct internet connections may apply
this update by using one of the following commands:
Intel:
rpm -Uvh ftp://ftp.redhat.com/updates/4.0/i386/util-linux-2.5-29.i386.rpm
Alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/4.0/axp/util-linux-2.5-29.axp.rpm
SPARC:
rpm -Uvh ftp://ftp.redhat.com/updates/4.0/sparc/util-linux-2.5-29.sparc.rpm
All of these packages have been signed with Red Hat's PGP key.
Erik
- -----------------------------------------------------------------------------
--
| I told you I'm not very bright -- Sugar in "Some Like It Hot" |
| "RPM is the greatest thing since swap-space" - Bryan C. Andregg
| |
| Erik Troan = ewt@redhat.com = ewt@sunsite.unc.edu |
- --
To unsubscribe:
mail -s unsubscribe redhat-announce-list-request@redhat.com < /dev/null
------- End of Forwarded Message