[12067] in bugtraq
Re: Linux GNOME exploit
daemon@ATHENA.MIT.EDU (Slackware Security Team)
Thu Sep 30 14:08:07 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.9909291739120.31945-100000@www.slackware.com>
Date: Wed, 29 Sep 1999 17:52:59 -0700
Reply-To: Slackware Security Team <security@SLACKWARE.COM>
From: Slackware Security Team <security@SLACKWARE.COM>
X-To: Ron DuFresne <dufresne@WINTERNET.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.GSO.4.05.9909290227060.11603-100000@tundra.winternet.com>
On Wed, 29 Sep 1999, Ron DuFresne wrote:
> Also, since slackware as well <slackware 4.0> documents:
>
> - Large repository of contributed software compiled and ready to run. This
> includes GNOME 1.0.
It doesn't include any setuid programs linked with the GNOME libraries
(not a good idea), and isn't vulnerable to this problem. Try looking next
time.
> The GNOME troubles were cross posted to slackware-security@slackware.com,
> though, this looks to be a dead list since nothing has rooled backout of
> it for two days....
You must have prior approval to post on slackware-security. Security
reports should be mailed to this address, or support@slackware.com. If
they're legit, we'll pass them along to the list.
Take care,
Pat
---
Patrick J. Volkerding
volkerdi@slackware.com
