-----------------------------------------------------------------------
Immunix OS Security Advisory
Packages updated: sudo
Affected products: Immunix OS 7.0-beta and 7.0
Bugs Fixed: immunix/1328
Date: February 26, 2001
Advisory ID: IMNX-2001-70-004-01
Author: Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------
Description:
The version of sudo shipped in Immunix OS 7.0-beta and 7.0 contains a
buffer overflow of a variable that is on the heap (which StackGuard
does not protect against.) This problem was originally reported by
Chris Wilson (see http://www.courtesan.com/bugzilla/show_bug.cgi?id=27
for his original bug report.) The 1.6.3p6 version of sudo was released
to fix this problem.
Packages have been created and released that fix this problem.
Package names and locations:
Precompiled binary package for Immunix 7.0-beta and 7.0 is available at:
http://immunix.org/ImmunixOS/7.0/updates/RPMS/sudo-1.6.3p6-1_imnx_1.i386.rpm
Source package for Immunix 7.0-beta and 7.0 is available at:
http://immunix.org/ImmunixOS/7.0/updates/SRPMS/sudo-1.6.3p6-1_imnx_1.src.rpm
md5sums of the packages:
37ab56877a9f5444af8f7716117c8b8d sudo-1.6.3p6-1_imnx_1.i386.rpm
3faf3cb3e6a777473a5d9c640adf911c sudo-1.6.3p6-1_imnx_1.src.rpm
Online version of all Immunix 7.0-beta updates and advisories:
http://immunix.org/ImmunixOS/7.0-beta/updates/
Online version of all Immunix 7.0 updates and advisories:
http://immunix.org/ImmunixOS/7.0/updates/
NOTE:
Ibiblio is graciously mirroring our updates, so if the links above are
slow, please try:
ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
or one of the many mirrors available at:
http://www.ibiblio.org/pub/Linux/MIRRORS.html
This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 22:42:27 CEST