[17990] in bugtraq
Immunix OS Security update for tcsh
daemon@ATHENA.MIT.EDU (Greg KH)
Sun Dec 10 17:51:18 2000
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="VUDLurXRWRKrGuMn"
Content-Disposition: inline
Message-Id: <20001208134654.H8470@wirex.com>
Date: Fri, 8 Dec 2000 13:46:54 -0800
Reply-To: Greg KH <greg@WIREX.COM>
From: Greg KH <greg@WIREX.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
--VUDLurXRWRKrGuMn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
-----------------------------------------------------------------------
Immunix OS Security Advisory
Packages updated: tcsh
Effected products: Immunix OS 6.2, Immunix OS 7.0-beta
Bugs Fixed: immunix/1303
Date: December 4, 2000
Advisory ID: IMNX-2000-70-014-01
Author: Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------
Description:
A problem was found in the tcsh shell released for Immunix OS 6.2 and
Immunix OS 7.0-beta that could lead to a root exploit through a temp
file bug. This vulnerability was first found by photon in the BugTraq
posting archived at http://www.securityfocus.com/archive/1/141897
=20
Packages have been created and released for both Immunix 6.2 and 7.0
beta.
Package names and locations:
Precompiled binary package for Immunix 6.2 are available at:
http://www.immunix.org/ImmunixOS/6.2/updates/RPMS/tcsh-6.10-0.6.x_Stack=
Guard.i386.rpm
Source package for Immunix 6.2 are available at:
http://www.immunix.org/ImmunixOS/6.2/updates/SRPMS/tcsh-6.10-0.6.x_Stac=
kGuard.src.rpm
Precompiled binary package for Immunix 7.0 beta are available at:
http://www.immunix.org/ImmunixOS/7.0-beta/updates/RPMS/tcsh-6.10-1_Stac=
kGuard.i386.rpm
Source package for Immunix 7.0 beta are available at:
http://www.immunix.org/ImmunixOS/7.0-beta/updates/SRPMS/tcsh-6.10-1_Sta=
ckGuard.src.rpm =20
md5sums of the packages:
604b1bdb21fa27e244cd9297328d5fc2 6.2/updates/RPMS/tcsh-6.10-0.6.x_StackG=
uard.i386.rpm
e127bb820fa6adae094072a86f22938f 6.2/updates/SRPMS/tcsh-6.10-0.6.x_Stack=
Guard.src.rpm
=20
0d8a2e6700e8a08f7325c87ea92222ee 7.0-beta/updates/RPMS/tcsh-6.10-1_Stack=
Guard.i386.rpm
9c1ec75734fe5643c1d5020ea3e47f47 7.0-beta/updates/SRPMS/tcsh-6.10-1_Stac=
kGuard.src.rpm =20
=20
Online version of all Immunix 6.2 updates and advisories:
http://www.immunix.org/ImmunixOS/6.2/updates/
Online version of all Immunix 7.0-beta updates and advisories:
http://www.immunix.org/ImmunixOS/7.0-beta/updates/
--VUDLurXRWRKrGuMn
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6MVbOAl5ylTeuKpURAljZAKC1h7hlYXt8cVrfck9TMKrHuwU5ngCePdRk
tbHZA1CQi51DhcXlUkjpFTg=
=YTc3
-----END PGP SIGNATURE-----
--VUDLurXRWRKrGuMn--
