linux, säkerhet

6092330 2001-02-13 15:19 +0100  /50 rader/ Trustix Security Advisory Team <tsl@TRUSTIX.COM>
Sänt av: joel@lysator.liu.se
Importerad: 2001-02-14  02:42  av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: tsl@TRUSTIX.COM
Mottagare: Bugtraq (import) <15434>
Ärende: Trustix Security Advisory - proftpd, kernel
------------------------------------------------------------
From: Trustix Security Advisory Team <tsl@TRUSTIX.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <03wvausm0w.fsf@colargol.tihlde.hist.no>

Hi

Trustix has made available security updates for Trustix secure linux.

kernel: Trustix specific: no Distribution versions: All A race
condition in ptrace allows a malicious user to gain root.  A
signedness error in the sysctl interface also potentially allows a
user to gain root.

proftpd: Trustix specific: no Distribution versions: All Several
memory leaks connected to the USER and SIZE ftp commands leading to
potential DoS have been fixed.  Several other improvements have also
been made.

MD5Sums:
0c5f58bdaa46a3548a249e88458e713e  1.2/kernel-2.2.17-6tr.i586.rpm
2c4448c6ff20753ea6d56132657e377d  1.2/proftpd-1.2.0rc3-1tr.i586.rpm
b378af55cdf0cb09aa239eee5254fca9  1.1/proftpd-1.2.0rc3-1tr.i586.rpm

Attention:
When upgrading the kernel, follow the howto at:
http://www.trustix.net/doc/kernel-upgrade/kernel-upgrade.html

If an update is not available for your (old) version of Trustix Secure
Linux, use the closest one.Packages can be downloaded from:
ftp://ftp.trustix.net/pub/Trustix/updates/
http://www.trustix.net/pub/Trustix/updates/

Or from one of our mirrors:
http://www.trustix.net/mirrors.php3

1.2 users who have installed the optional SWUP-package (from
ftp://ftp.trustix.com/pub/Trustix/software/swup/) can use
'swup --upgrade' to automatically download and install the new
packages.  An exception to this is the kernel.

For a full update history of the 1.2 release, see:
ftp://ftp.trustix.com/pub/Trustix/updates/1.2/ChangeLog

Trustix Security Team
(6092330) --------------------------------(Ombruten)