[17900] in bugtraq
Immunix OS Security update for ghostscript
daemon@ATHENA.MIT.EDU (Greg KH)
Mon Dec 4 13:38:50 2000
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="EDJsL2R9iCFAt7IV"
Content-Disposition: inline
Message-Id: <20001201164109.U23287@wirex.com>
Date: Fri, 1 Dec 2000 16:41:09 -0800
Reply-To: Greg KH <greg@WIREX.COM>
From: Greg KH <greg@WIREX.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
--EDJsL2R9iCFAt7IV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
-----------------------------------------------------------------------
Immunix OS Security Advisory
Packages updated: ghostscript
Effected products: Immunix OS 6.2, Immunix OS 7.0-beta
Bugs Fixed: immunix/1299
Date: November 30, 2000
Advisory ID: IMNX-2000-70-010-01
Author: Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------
Description:
The ghostscript program creates easily guessable temp files which can
lots of potential problems. It also uses improper LD_RUN_PATH values
which can cause it to search for libraries in the current directory.
=20
This problem effects both Immunix 6.2 and 7.0 beta. Packages have
been created and released for both versions.
Package names and locations:
Precompiled binary package for Immunix 6.2 are available at:
http://www.immunix.org/ImmunixOS/6.2/updates/RPMS/ghostscript-5.50-8_6.=
x_StackGuard.i386.rpm
Source package for Immunix 6.2 are available at:
http://www.immunix.org/ImmunixOS/6.2/updates/SRPMS/ghostscript-5.50-8_6=
.x_StackGuard.src.rpm
Precompiled binary package for Immunix System 7 beta are available at:
http://www.immunix.org/ImmunixOS/7.0-beta/updates/RPMS/ghostscript-5.50=
-8_StackGuard.i386.rpm
Source package for Immunix 7.0 are available at:
http://www.immunix.org/ImmunixOS/7.0-beta/updates/SRPMS/ghostscript-5.5=
0-8_StackGuard.src.rpm
md5sums of the packages:
ed34fdd9f58b404e80612b96430892d2 6.2/updates/RPMS/ghostscript-5.50-8_6.x=
_StackGuard.i386.rpm
8dcec9893aac66864a82890c554e8bb1 6.2/updates/SRPMS/ghostscript-5.50-8_6.=
x_StackGuard.src
863ae311e2ac05717a9a84b26faf2c37 7.0-beta/updates/RPMS/ghostscript-5.50-=
8_StackGuard.i386.rpm
397f59a1456d1955a76f05155e7e929d 7.0-beta/updates/SRPMS/ghostscript-5.50=
-8_StackGuard.src.rpm
Online version of all Immunix 6.2 updates and advisories:
http://www.immunix.org/ImmunixOS/6.2/updates/
Online version of all Immunix 7.0-beta updates and advisories:
http://www.immunix.org/ImmunixOS/7.0-beta/updates/
--EDJsL2R9iCFAt7IV
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6KEUlAl5ylTeuKpURAkldAJsFp7QhDZOepT/eMiPu7kGhb7HpSwCePqBY
ZOaM0wMZrP/azLao8tTk8ek=
=8lGG
-----END PGP SIGNATURE-----
--EDJsL2R9iCFAt7IV--
