Debian 2.1 Security Advisory: Critical Dump Symbolic Link Fix
debian
December 13, 1999
The version of dump that was distributed with Debian GNU/Linux 2.1
suffers from a problem with restoring symbolic links
Topics Covered
Summary
The version of dump that was distributed with Debian GNU/Linux 2.1
suffers from a problem with restoring symbolic links.
This has been fixed in version 0.4b9-0slink1. We recommend you upgrade
your dump package immediately.
This version "Uses lchown instead of chown, fixing a possible security
problem when restoring symlinks (a malicious user could use this to
deliberately corrupt the ownership of important system files)".
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.1 alias slink
This version of Debian was released only for Intel, the Motorola
680x0, the alpha and the Sun sparc architecture.
Source archives:
b9-
0slink1.dsc
MD5 checksum: 02974dac4f42f1b4959fabda825ebca3
b9-0slink1.diff.gz
MD5 checksum: 0323e77166ae759ed6b8de3687f97384
.
gz
MD5 checksum: d865a4e26c528138d633618fb7f6a829
Alpha architecture:
alpha/dump_0.4b9-0slink1_alpha.deb
MD5 checksum: ee335c04fef89dab51cac3443cd9cea4
Intel ia32 architecture:
...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!