linux, säkerhet

5802801 2000-11-30 11:42 -0800  /31 rader/ Greg KH <greg@WIREX.COM>
Sänt av: joel@lysator.liu.se
Importerad: 2000-11-30  22:49  av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: greg@WIREX.COM
Mottagare: Bugtraq (import) <13985>
Ärende: Immunix OS Security update for bash 1.x
------------------------------------------------------------
-----------------------------------------------------------------------
	Immunix OS Security Advisory

Packages updated:	bash1
Effected products:	Immunix OS 6.2
Bugs Fixed:		immunix/1296
Date:			November 30, 2000
Advisory ID:		IMNX-2000-62-043-01
Author:			Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------

Description:
  The << operator in bash 1.x used predictable filenames, which could
  lead to a potential denial of service attack.  This is the same
  vulnerability that tsch had.  It does not exist in bash2 

Package names and locations:
  Precompiled binary packages for Immunix 6.2 are available at:
    http://www.immunix.org/ImmunixOS/6.2/updates/RPMS/bash-1.14.7-23.6x_StackGuard.i386.rpm

  Source packages for Immunix 6.2 are available at:
    http://www.immunix.org/ImmunixOS/6.2/updates/SRPMS/bash-1.14.7-23.6x_StackGuard.src.rpm

md5sums of the packages:
  7811263e6a87a4334148ded8aa007007  bash-1.14.7-23.6x_StackGuard.i386.rpm
  001a53eb0da5feb3b26d959586b3486a  bash-1.14.7-23.6x_StackGuard.src.rpm

Online location of all updates for Immunix 6.2:
   http://www.immunix.org/ImmunixOS/6.2/updates/
(5802801) ------------------------------------------
Bilaga (application/pgp-signature) i text 5802802
5802802 2000-11-30 11:42 -0800  /10 rader/ Greg KH <greg@WIREX.COM>
Importerad: 2000-11-30  22:49  av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: greg@WIREX.COM
Mottagare: Bugtraq (import) <13986>
Bilaga (text/plain) till text 5802801
Ärende: Bilaga till: Immunix OS Security update for bash 1.x
------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6Jq2wAl5ylTeuKpURAt+TAJ44idbcYUXeItqbEVkwVjUvYTiLKgCdEhKs
+SG893Jt/UPTFg7Qq3eRurI=
=PsAh
-----END PGP SIGNATURE-----
(5802802) ------------------------------------------