Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Debian 2.2 DSA-037-1 Critical: Insecure Tempfile Bug Fix

debian
Calendar Grey March 7, 2001
Debian Logo
Debian has issued an alert regarding vulnerable tempfile handling found in Nextaw, Xaw3D, and Xaw95, advising users to upgrade to the most recent package releases.
It has been reported that the AsciiSrc and MultiSrc widget in the Athena widget library handle temporary files insecurely.

Summary

It has been reported that the AsciiSrc and MultiSrc widget in the
Athena widget library handle temporary files insecurely. Joey Hess
has ported the bugfix from XFree86 to these Xaw replacements
libraries.

We recommend you upgrade your nextaw, xaw3d and xaw95 packages.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
------------------------------------

Potato was released for the alpha, arm, i386, m68k, powerpc and sparc
architectures. This package, though, is only fixed for i386 and
m68k. The version for sparc is still vulnerable and isn't
maintained anymore.


Source archives:


MD5 checksum: 39f64281940612d3fcd9caab2e577aec

MD5 checksum: 8f4d5420ccb9a10eeba1bbbbf4039618

MD5 checksum: ca6b7f0cd5929c67d31bec1cc85597fd

MD5 checksum: a0253eff70f0e295471a57b08547...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: nextaw, xaw3d, xaw95

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.