[6583] in bugtraq
SECURITY: lpr-0.31 now available
daemon@ATHENA.MIT.EDU (Erik Troan)
Thu Apr 23 14:54:10 1998
Date: Thu, 23 Apr 1998 11:41:14 -0400
Reply-To: redhat-list@redhat.com
From: Erik Troan <ewt@REDHAT.COM>
X-To: redhat-announce-list@redhat.com
To: BUGTRAQ@NETSPACE.ORG
More buffer overflows have been found in lpr 0.30 as released on
Saturday. As these flaws may allow users to gain root access to the
local system, Red Hat Software recommends that all users upgrade to
lpr 0.31 immediately.
Thanks to Niall Smart for finding this problem.
Red Hat 5.0
-------------
i386:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/lpr-0.31-1.i386.rpm
alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/lpr-0.31-1.alpha.rpm
Red Hat 4.2
-------------
i386:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/lpr-0.31-0.i386.rpm
alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/lpr-0.31-0.alpha.rpm
SPARC:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/lpr-0.31-0.sparc.rpm
