5541572 2000-10-03  01:00  /43 lines/ Brevbäraren (som är implementerad i) Python
Recipient: Bugtraq (import) <13050>
Subject: GnoRPM local /tmp vulnerability
------------------------------------------------------------
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <E13gAul-0004bG-00@the-village.bc.nu>

While fixing other problems with the gnorpm package a locally
exploitable security hole was found where a normal user could trick
root running GnoRPM into writing to arbitrary files due to a bug in
the gnorpm tmp file handling.

A new release of GnoRPM (0.95.1) is now available. This fixes
significant numbers of gnorpm bugs including the security
hole. Administrators who use this program on multi-user machines may
well want to update it, and anyone who uses it regularly will
probably appreciate the fact it now works rather better than before.

All versions of GnoRPM before 0.95 are believed vulnerable.

MD5Sum:
80521433f88fa09899e9105a24c69ef9	gnorpm-0.95.1.tar.gz

Download sites:
ftp.linux.org.uk:/pub/linux/alan/GNORPM/gnorpm-0.95.1.tar.gz
ftp.gnome.org:/pub/GNOME/stable/sources/gnorpm/gnorpm-0.95.1.tar.gz
(soon)

Linux Vendor Update Information:

Conectiva Linux
~~~~~~~~~~~~~~~
ftp://atualizacoes.conectiva.com.br/
	{4.0,4.0es,5.0,5.1,ferramentas/ecommerce,ferramentas/graficas}

MandrakeSoft
~~~~~~~~~~~~
http://www.linux-mandrake.com/cooker/

Red Hat Linux
~~~~~~~~~~~~~
[URLS to be confirmed]

Linux Vendors Not Shipping Gnorpm
	Caldera OpenLinux
	Debian GNU Linux
(5541572) ------------------------------------------(Reflowed)
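
The advisory above does not describe the GnoRPM bug in detail, so the following is an added example of the general class it names (a privileged program writing to a predictable temporary file name), not code from GnoRPM or from the post. All function and file names are hypothetical; it contrasts a weak open with one that refuses a pre-existing symlink, inside a private scratch directory built for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak: predictable name, follows a planted symlink, truncates its target. */
int open_tmp_weak(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_EXCL fails with EEXIST if anything, symlink included, is there. */
int open_tmp_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Size of a file, or -1 if it cannot be stat'ed. */
static long size_of(const char *p) {
    struct stat st;
    return stat(p, &st) == 0 ? (long)st.st_size : -1;
}

/* Constructed scenario in a private scratch directory: "app.tmp" is a symlink
 * to "victim". Returns the victim's size after the chosen opener has run
 * (4 = untouched, 0 = truncated through the link), or -1 on setup failure. */
long victim_size_after(int use_excl) {
    char dir[] = "/tmp/tmpdemo.XXXXXX", victim[64], tmp[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(tmp, sizeof tmp, "%s/app.tmp", dir);
    FILE *f = fopen(victim, "w");
    if (!f) return -1;
    fputs("keep", f);
    fclose(f);
    if (symlink(victim, tmp) != 0) return -1;
    int fd = use_excl ? open_tmp_excl(tmp) : open_tmp_weak(tmp);
    if (fd >= 0) close(fd);
    long n = size_of(victim);
    unlink(tmp); unlink(victim); rmdir(dir);
    return n;
}

int main(void) {
    printf("weak open:   victim size %ld\n", victim_size_after(0));
    printf("O_EXCL open: victim size %ld\n", victim_size_after(1));
    return 0;
}
```

mkstemp(3) gives the same exclusive-create guarantee and also picks an unpredictable name, so it is the usual choice when the file name does not need to be fixed.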