---------------------------------------------------------------------------- Debian Security Advisory DSA-031-2 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Martin Schulze March 6, 2001 ---------------------------------------------------------------------------- Package : sudo Vulnerability : buffer overflow Debian-specific: no Todd Miller announced a new version of sudo which corrects a buffer overflow that could potentially be used to gain root privilages on the local system. This bugfix has been backported to the version which was used in Debian GNU/Linux 2.2. The most recent advisory covering sudo missed one architecture that was released with 2.2. Therefore this advisory is only an addition to DSA 031-1 and only adds the relevant package for the powerpc architecture. We recommend you upgrade your sudo packages for powerpc immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato ------------------------------------ Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures. PowerPC architecture: http://security.debian.org/dists/stable/updates/main/binary-powerpc/sudo_1.6.2p2-1potato1_powerpc.deb MD5 checksum: aed5d9d437b614ab8495cbafe2d421ac These files will be moved into ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . ---------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show' and http://packages.debian.org/
Debian: 'sudo' update
The most recent advisory covering sudo missed one architecture that was released with 2.2. Therefore this advisory is only an addition to DSA 031-1 and only adds the relevant package for the powerpc architecture.
You are not authorised to post comments.