[1583] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] URGENT: Update to ld.so advisory

daemon@ATHENA.MIT.EDU (KSR\[T\])
Fri Jul 18 11:05:10 1997

Date: Fri, 18 Jul 1997 06:01:19 -0700 (PDT)
From: "KSR\[T\]" <ksrt@dec.net>
To: BUGTRAQ@NETSPACE.ORG
cc: linux-security@redhat.com
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com




Update to KSR[T] Advisory #002

Our advisory contained one serious piece of mis-information.  The latest
version of ld.so that we tested (1.9.2) still appeared to be 
vulnerable to this overflow.  

We strongly recommend that anyone running linux install the patch 
distributed with the advisory, or wait for your vendor to release
an updated ld.so package and install that as soon as possible.

The patch is available from our web site (http://www.dec.net/ksrt).

We apologize for any confusion this might have caused.

KSR[T] Team

-----
KSR[T] Website : http://www.dec.net/ksrt
E-mail: ksrt@dec.net


home help back first fref pref prev next nref lref last post