[prev in list] [next in list] [prev in thread] [next in thread]
List: redhat-announce
Subject: SECURITY: util-linux-2.5-39 (RH4.2)
From: Marcin Bohosiewicz <marcus () venus ! wis ! pk ! edu ! pl>
Date: 1997-12-22 0:29:27
[Download RAW message or body]
Hi!
Security problem have been found chfn tool, which didn't test length of
strings, which have been written by user. If those strings were too long
other applications, while read /etc/passwd, had a "Segmentation fault" and
corruped /etc/passwd file structure.
All this problem has been described in BUGTRAQ list. I prepared patch,
which correct this bug. I uploaded it to ftp.redhat.com/pub/incoming
(files: util-linux-2.5-39.src.rpm and util-linux-2.5-39.i386.rpm).
They are also available on my ftp server:
ftp://venus.krakow.linux.org.pl/pub/marcus/RPMS/util-linux-2.5-39.i386.rpm
ftp://venus.krakow.linux.org.pl/pub/marcus/SRPMS/util-linux-2.5-39.src.rpm
My packages are PGP-signed (public key available on my ftp-server
in /pub/marcus directory).
Best regards.
Martin
-| == Marcin Bohosiewicz marcus@venus.wis.pk.edu.pl == |-
-| == tel. +48 (0-601) 48-50-97 marcus@krakow.linux.org.pl == |-
-| == Strona Domowa - http://venus.wis.pk.edu.pl/marcus/ == |-
-| == PLUG - Komisja Rewizyjna - http://www.linux.org.pl/ == |-
--
To unsubscribe:
mail -s unsubscribe redhat-announce-list-request@redhat.com < /dev/null
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic