93129 2003-03-07 18:23 /40 rader/ Daniel Ahlberg <aliz@gentoo.org>
Importerad: 2003-03-07 18:23 av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <3873>
Ärende: GLSA: mysqlcc (200303-7)
------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200303-7
- - ---------------------------------------------------------------------
PACKAGE : mysqlcc
SUMMARY : information leakage
DATE : 2003-03-07 16:03 UTC
EXPLOIT : local
VERSIONS AFFECTED : <0.8.9
FIXED VERSION : =>0.8.9
CVE :
- - ---------------------------------------------------------------------
Versions prior to 0.8.9 had all configuration and connection files
world readable.
SOLUTION
It is recommended that all Gentoo Linux users who are running
dev-db/mysqlcc upgrade to mysqlcc-0.8.10-r1 as follows:
emerge sync
emerge -u mysqlcc
emerge clean
- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz
- - ---------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+aMK+fT7nyhUpoZMRAoq2AKDE1Xc6ler9UoKz2bVNtN4B4OMlLgCgtj4Y
a6RAI1/TyhIthLVSXYCcRj0=
=EL3y
-----END PGP SIGNATURE-----
(93129) /Daniel Ahlberg <aliz@gentoo.org>/----------