Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Warning: Undefined array key "Description" in /var/www/www.linuxsecurity.com-443/html/lsadvisories/lsadvisories.php on line 220

Fedora Coreutils Integer Overflow Advisory - Critical Denial of Service

fedora
Calendar Grey March 11, 2004
Dist Fedora Esm H88
A critical buffer overflow flaw in Fedora's coreutils suite may result in service disruption or allow local users to run unauthorized code. Urgent updates are highly recommended.
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code.

Summary

These are the GNU core utilities. This package is the combination of

the old GNU fileutils, sh-utils, and textutils packages.

Update Information:

An updated coreutils package is available fixing an issue in the ls(1) utility, described at:

CVE -CVE-2003-0853

Note that this vulnerability affects Internet-facing services which execute ls(1) with user-supplied input, and although wu-ftpd is one such service it is not supplied with Fedora Core 1.

* Wed Mar 03 2004 Tim Waugh <twaugh@redhat.com> 5.0-34.1

- Build for Fedora Core 1.

* Thu Dec 04 2003 Tim Waugh <twaugh@redhat.com> 5.0-34.sel

- Fix column widths problems in ls.

* Tue Dec 02 2003 Tim Waugh <twaugh@redhat.com> 5.0-33.sel

- Speed up md5sum by disabling speed-up asm.

* Wed Nov 19 2003 Dan Walsh <dwalsh@redhat.com> 5.0-32.sel

- Try again

* Wed Nov 19 2003 Dan Walsh <dwalsh@redhat.com> 5.0-31.sel

- Fix move on non SELinux kernels

* Fri Nov 14 2003 Tim Waugh <twaugh@redhat.com> 5.0-30.sel

- Fixed useless acl dependencies (bug #106141).

* Fri Oct 24 2003 Dan Walsh <dwalsh@redhat.com> 5.0-29.sel

- Fix id -Z

* Tue Oct 21 2003 Dan Walsh <dwalsh@redhat.com> 5.0-28.sel

- Turn on SELinux - Fix chcon error handling

* Wed Oct 15 2003 Dan Walsh <dwalsh@redhat.com> 5.0-28

- Turn off SELinux

* Mon Oct 13 2003 Dan Walsh <dwalsh@redhat.com> 5.0-27.sel

- Turn on SELinux

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service fedora coreutils integer overflow

Change Log

References

Fedora Update Notification FEDORA-2004-091 2004-03-10
Name : coreutils Version : 5.0 Release : 34.1 Summary : The GNU core utilities: a set of tools commonly used in shell scripts Description : These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages.

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: coreutils
Version: 5.0
Release: 34.1
Summary: The GNU core utilities: a set of tools commonly used in shell scripts

Topics%20covered

Topics Covered

security advisory denial of service fedora coreutils integer overflow

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here