Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-user-es
Navigation:
Lists: gentoo-user-es: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-user-es@g.o
From: Luis Mayoral <satriani@...>
Subject: Re: GLSA: acroread
Date: Tue Jul 16 10:03:02 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Segunda traducción

- - -----------------------------------------------------------------------
GLSA: ANUNCIO DE SEGURIDAD GENTOO LINUX
- - -----------------------------------------------------------------------
PAQUETE         : acroread  -- Adobe Acrobat Reader
RESUMEN         : Fallo de seguridad en acroread
FECHA           : Dom  7 Jul 23:02:04 UTC 2002
- - -----------------------------------------------------------------------

SUMARIO

Hay un fallo de seguridad con los ficheros temporales que puede ser usada para 
acceder a las cuentas de usuario, y posiblemente ganar privilegios de 
sistema.

DETALLES

Acroread crea o sobreescribe el fichero /tmp/AdobeFnt06.lst.UID, y cambia sus 
permisos a apertura total (modo 666); también sigue los enlaces simbólicos.

http://bugs.gentoo.org/show_bug.cgi?id=4657
http://online.securityfocus.com/archive/1/278984

SOLUCION

Se recomienda a todos los usuarios de Gentoo Linux que estén usando acroread 
que actualicen sus sistemas de la siguiente manera:

emerge --clean rsync
emerge unmerge acroread
emerge xpdf

Por ahora, el ebuild de acroread realizará una advertencia a los usuarios para 
que hagan un unmerge del paquete, y procederá con el merge de xpdf, para que 
sea este último el usado como visor de documentos PDF.

- - ------------------------------------------------------------------------

Salu2

- -- 
Note .-  Please,  do not  support  antispam  MAPS lists.  They            
arbitrarily include in their lists IP addresses not related in
any  way to  spam, and  in so  doing  are disrupting  Internet
connectivity. See: http://www.dotcomeon.com/

Random quote:
Never call a man a fool.  Borrow from him.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9NDUzXkaJqbJam+gRAh87AJ43XO5glRBh4LeUhGt3w7J6aDVaVwCeKTpN
EGO8J/jZJWXk+zLvv5YX28Q=
=PAHO
-----END PGP SIGNATURE-----


References:
GLSA: acroread
-- Seemant Kulleen
Navigation:
Lists: gentoo-user-es: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
GLSA: acroread
Next by thread:
problemas compilando lm_sensors
Previous by date:
Re: GLSA: glibc
Next by date:
Re: Re: GLSA: glibc


Updated Jun 17, 2009

Summary: Archive of the gentoo-user-es mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.