5261191 2000-07-08 00:24 /95 rader/ Postmaster
Mottagare: Bugtraq (import) <11645>
Ärende: inn update
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
X-Authentication-Warning: devel.danen.net: vdanen set sender t
vdanen@mandrakesoft.com using -f
Mail-Followup-To: security-announce@linux-mandrake.com
mdk-security@freezer-burn.org, bugtraq@securityfocus.com
linux-security@redhat.com
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.2.2i
X-Operating-System: Linux Mandrake 2.2.15-4mdk i586
Message-ID: <20000707131211.A5735@mandrakesoft.com>
Date: Fri, 7 Jul 2000 13:12:11 -0600
Reply-To: vdanen@mandrakesoft.com
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Vincent Danen <vdanen@mandrakesoft.com>
Organization: Danen Consulting Services (www.danen.net)
X-To: security-announce@linux-mandrake.com
X-cc: mdk-security@freezer-burn.org, linux-security@redhat.com
To: BUGTRAQ@SECURITYFOCUS.COM
_____________________________________________________________________
Linux-Mandrake Security Update Advisory.
_____________________________________________________________________
Date: July 7th, 2000
Package name: inn
Affected versions: 6.0, 6.1, 7.0, 7.1
Problem: A vulnerability exists when verifycancels is enabled in
/etc/news/inn.conf. This vulnerability could be used to gain root
access on any system with inn installed.
Please upgrade to:
md5sum: 8d76f507f7111048dbb65e4b4418015d
6.0/RPMS/inews-2.2-13mdk.i586.rpm
md5sum: 2f55fd16b4a6423b1e7c6dc919a9940f
6.0/RPMS/inn-2.2-13mdk.i586.rpm
md5sum: 85709c0479537e4fabdf7f159723ec0e
6.0/RPMS/inn-devel-2.2-13mdk.i586.rpm
md5sum: 06f33642731ec3f24cb67038bfb67e9e
6.0/SRPMS/inn-2.2-13mdk.src.rpm
md5sum: 0c7d289d3335126504e23ebcb2ac8df9
6.1/RPMS/inews-2.2-13mdk.i586.rpm
md5sum: e89291adbbccd244bef4ef7a0f699276
6.1/RPMS/inn-2.2-13mdk.i586.rpm
md5sum: 1a1f6e554928761887eb99f468e3d82a
6.1/RPMS/inn-devel-2.2-13mdk.i586.rpm
md5sum: 06f33642731ec3f24cb67038bfb67e9e
6.1/SRPMS/inn-2.2-13mdk.src.rpm
md5sum: 69a81deaf708d282c9c54606645239bd
7.0/RPMS/inews-2.2.2-6mdk.i586.rpm
md5sum: 26fe527cfc5ae46e732a37a5e617c250
7.0/RPMS/inn-2.2.2-6mdk.i586.rpm
md5sum: 78d6553703f493bc795a61595174e024
7.0/RPMS/inn-devel-2.2.2-6mdk.i586.rpm
md5sum: fc3ec63010930e50aed0cea3bb316023
7.0/SRPMS/inn-2.2.2-6mdk.src.rpm
md5sum: c9218a4698fefd7f6e24757c7f6d140b
7.1/RPMS/inews-2.2.2-6mdk.i586.rpm
md5sum: 8a642083edcada45518966496a6fc5d4
7.1/RPMS/inn-2.2.2-6mdk.i586.rpm
md5sum: bde6519c5192f706d83db0a3aa78fb94
7.1/RPMS/inn-devel-2.2.2-6mdk.i586.rpm
md5sum: fc3ec63010930e50aed0cea3bb316023
7.1/SRPMS/inn-2.2.2-6mdk.src.rpm
To upgrade automatically, use « MandrakeUpdate ». If you want to
upgrade manually, download the updated package from one of our FTP
server mirrors and uprade with "rpm -Uvh package_name". All mirrors
are listed on http://www.mandrake.com/en/ftp.php3. Updated packages
are available in the "updates/" directory.
For example, if you are looking for an updated RPM package for
Mandrake 7.1, look for it in: updates/7.1/RPMS/
Notes:
- We give the md5 sum for each package. It lets you check the integrity of
the downloaded package by running the md5sum command on the package
("md5sum package.rpm").
- You generally do not need to download the source package with a
.src.rpm
suffix
- All the updated packages are listed on the website on
http://www.linux-mandrake.com/en/fupdates.php3
- To subscribe/unsubscribe from the "security-announce" list and
subscribe/unsubscribe from the "security-discuss" list see:
http://www.linux-mandrake.com/en/flists.php3#security
(5261191) ------------------------------------------(Ombruten)