Fedora Core 3: 2005-771 Critical: Slocate File System Threat
fedora
August 22, 2005
A carefully prepared directory structure could stop the updatedb file system scan, resulting in an incomplete slocate database
Summary
Slocate is a security-enhanced version of locate. Just like locate,
slocate searches through a central database (which is updated nightly)
for files that match a given pattern. Slocate allows you to quickly
find files anywhere on your system.
A carefully prepared directory structure could stop the
updatedb file system scan, resulting in an incomplete slocate
database. The Common Vulnerabilities and Exposures project has
assigned the name CAN-2005-2499 to this issue.
- s/Copyright/License/
- Skip subtrees with paths longer than 32k
- Drop the ineffective fts patch
858e1b03ea946b5c03e00721dc1709dd SRPMS/slocate-2.7-12.fc3.1.src.rpm
dd00e1dc7ec8e90b51e404f2cae597e3 x86_64/slocate-2.7-12.fc3.1.x86_64.rpm
48d65ce1efe5f1e303b05ba46f74f7d7 x86_64/debug/slocate-debuginfo-2.7-12.fc3.1.x86_64.rpm
c83bfb7641c6c2e6bfc6209ea33f0157 i386/slocate-2.7-12.fc3.1.i386.rpm
364b3432b2b09a96b7a447f0fcd6aa23 i386/debug/slocate-debuginfo-2.7-12.fc3.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
fedora-announce-list@redhat.com
Topics Covered
Change Log
References
Update Instructions
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: slocate
Version: 2.7
Release: 12.fc3.1
Summary: Finds files on a system via a central database.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!