------------------------------------------------------------------------
Debian Security Advisory DSA-095-1                   security@debian.org 
Debian -- Security Information                     Robert van der Meulen
December 27, 2001
------------------------------------------------------------------------


Package        : gpm
Problem type   : local root vulnerability
Debian-specific: no

The package 'gpm' contains the 'gpm-root' program, which can be used to
create mouse-activated menus on the console.
Among other problems, the gpm-root program contains a format string
vulnerability, which allows an attacker to gain root privileges.

This has been fixed in version 1.17.8-18.1, and we recommend that you upgrade
your 1.17.8-18 package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.


Debian GNU/Linux 2.2 alias potato
---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
      
      MD5 checksum: 8c48aa1656391d3755c289a87db13bf0
      
      MD5 checksum: bafbe8ffe73d3b5783e9841f1894af77
      
      MD5 checksum: 9d50c299bf925996546efaf32de1db7b

  Alpha architecture:
      
      MD5 checksum: 0e50705cadfd58777d02fa6806c10bdf
     
 
      MD5 checksum: cbeeeac3795318255126814d71b7b945
     
 
      MD5 checksum: f5dd9e395259b037d20e013e112a55e8

  ARM architecture:
      
      MD5 checksum: 6b41896ddfed4a119d17e5d8e8391384
     
 
      MD5 checksum: f02444fc5a9a6a7c7da0e1cb19df24a6
      
      MD5 checksum: 0ae3eb96377394d65e0e8031d0019147

  Intel IA-32 architecture:
      
      MD5 checksum: 18c837abec8360db146681d2a713177a
     
 
      MD5 checksum: f60aa2b9720ee597f18fa3fa86a8af6e
      
      MD5 checksum: 815a1e90fe36e603f0803f92b6898f19
     
 
      MD5 checksum: 514a1baee569e548349f7c4dc2941f3d
     
 
      MD5 checksum: 52014c36f8155a0c89e9ade02d91cdbe

  Motorola 680x0 architecture:
      
      MD5 checksum: ce61772d26c799bce33d729ed7fc67b7
     
 
      MD5 checksum: 923894ee7bdc1a8e648881eaf5f372da
      
      MD5 checksum: 019de1ecb144e3d10b5978ea640a24c4
     
 
      MD5 checksum: 88d75f4b1f85e6aee903f886b311e127
     
 
      MD5 checksum: 1ea940b2e3c5d7fade43d75ed3253569

  PowerPC architecture:
     
 
      MD5 checksum: aa2415e6f489af235e173d6d5a69b05f
     
 
      MD5 checksum: cd823ce39eb4125ed4a8dd0c17362107
     
 
      MD5 checksum: 0188cb6c4ffd82a146812e53c1387918

  Sun Sparc architecture:
      
      MD5 checksum: b703c2e30b52446508f18951551839a3
     
 
      MD5 checksum: b8a75b6ab45f649b9e458cf778545a9e
     
 
      MD5 checksum: fa4ae1bda04f3b13622d6e6bc9ffcb35
  These packages will be moved into the stable distribution on its next
  revision.

For not yet released architectures please refer to the appropriate
directory    .
--
----------------------------------------------------------------------------
apt-get: deb  Debian -- Security Information  stable/updates main
dpkg-ftp:    dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Debian: 'gpm' local root vulnerability

December 27, 2001
Among other problems, the gpm-root program contains a format stringvulnerability, which allows an attacker to gain root privileges.

Summary

Package : gpm
Problem type : local root vulnerability
Debian-specific: no

The package 'gpm' contains the 'gpm-root' program, which can be used to
create mouse-activated menus on the console.
Among other problems, the gpm-root program contains a format string
vulnerability, which allows an attacker to gain root privileges.

This has been fixed in version 1.17.8-18.1, and we recommend that you upgrade
your 1.17.8-18 package immediately.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.


Debian GNU/Linux 2.2 alias potato
---------------------------------

Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

Source archives:

MD5 checksum: 8c48aa1656391d3755c289a87db13bf0

MD5 checksum: bafbe8ffe73d3b5783e9841f1894af77

MD5 checksum: 9d50c299bf925996546efaf32de1db7b

Alpha architecture:

MD5 checksum: 0e50705cadfd58777d02fa6806c10bdf


MD5 checksum: cbeeeac3795318255126814d71b7b945


MD5 checksum: f5dd9e395259b037d20e013e112a55e8

ARM architecture:

MD5 checksum: 6b41896ddfed4a119d17e5d8e8391384


MD5 checksum: f02444fc5a9a6a7c7da0e1cb19df24a6

MD5 checksum: 0ae3eb96377394d65e0e8031d0019147

Intel IA-32 architecture:

MD5 checksum: 18c837abec8360db146681d2a713177a


MD5 checksum: f60aa2b9720ee597f18fa3fa86a8af6e

MD5 checksum: 815a1e90fe36e603f0803f92b6898f19


MD5 checksum: 514a1baee569e548349f7c4dc2941f3d


MD5 checksum: 52014c36f8155a0c89e9ade02d91cdbe

Motorola 680x0 architecture:

MD5 checksum: ce61772d26c799bce33d729ed7fc67b7


MD5 checksum: 923894ee7bdc1a8e648881eaf5f372da

MD5 checksum: 019de1ecb144e3d10b5978ea640a24c4


MD5 checksum: 88d75f4b1f85e6aee903f886b311e127


MD5 checksum: 1ea940b2e3c5d7fade43d75ed3253569

PowerPC architecture:


MD5 checksum: aa2415e6f489af235e173d6d5a69b05f


MD5 checksum: cd823ce39eb4125ed4a8dd0c17362107


MD5 checksum: 0188cb6c4ffd82a146812e53c1387918

Sun Sparc architecture:

MD5 checksum: b703c2e30b52446508f18951551839a3


MD5 checksum: b8a75b6ab45f649b9e458cf778545a9e


MD5 checksum: fa4ae1bda04f3b13622d6e6bc9ffcb35
These packages will be moved into the stable distribution on its next
revision.

For not yet released architectures please refer to the appropriate
directory .
--
----------------------------------------------------------------------------
apt-get: deb Debian -- Security Information stable/updates main
dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org





Severity

Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved