[31367] in bugtraq
GLSA: vmware (200308-03.1)
daemon@ATHENA.MIT.EDU (Daniel Ahlberg)
Tue Sep 2 13:56:44 2003
To: gentoo-announce@gentoo.org, bugtraq@securityfocus.com,
full-disclosure@lists.netsys.com
Message-Id: <20030901134241.8207F9FBB1@noc.internal.fairytale.se>
Date: Mon, 1 Sep 2003 15:42:41 +0200 (CEST)
From: aliz@gentoo.org (Daniel Ahlberg)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200308-03.1
- - - ---------------------------------------------------------------------
PACKAGE : vmware
SUMMARY : insecure symbolic links
DATE : 2003-09-01 13:42 UTC
EXPLOIT : local
VERSIONS AFFECTED : <vmware-workstation-4.0.2.5592
FIXED VERSION : >=vmware-workstation-4.0.2.5592
CVE :
- - - ---------------------------------------------------------------------
The previous GLSA 200308-03 was wrong when it stated that
vmware-workstation-4.0.1-5289 would fix the problems described in the
advisory.
SOLUTION
It is recommended that all Gentoo Linux users who are running
app-emulation/vmware-workstation-4.x upgrade to
vmware-workstation-4.0.1-5289 as follows
emerge sync
emerge \=app-emulation/vmware-workstation/vmware-workstation-4.0.2.5592
emerge clean
- - - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz
- - - ---------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/U0zRfT7nyhUpoZMRAhh1AKC4xNS3mE4ub4NcBufMhbxl0EZgdQCfZqbY
QbX+wWrTeZJawox7cWMY4/k=
=7SA8
-----END PGP SIGNATURE-----
