Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-user-es
Navigation:
Lists: gentoo-user-es: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-user-es@g.o
From: Luis Mayoral <satriani@...>
Subject: Re: GLSA: libmm
Date: Fri Aug 2 18:08:01 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - -----------------------------------------------------------------------
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT
- - -----------------------------------------------------------------------
PAQUETE         : mm - Librería de abstracción de la memoria compartida
RESUMEN         : Fallo de seguridad en los ficheros temporales de mm.
FECHA           : Mie 31 Jul 08:44:26 UTC 2002
- - -----------------------------------------------------------------------

SUMARIO

Hay un fallo de los ficheros temporales que puede ser utilizado para ganar 
acceso de root en un sistema que use Apache. Versión afectada: 
dev-libs/mm-1.1.3-r1

DETALLES

PHP puede ser utilizado para dar al usuario www-user acceso de shell en 
sistemas utilizando Apache. Este fallo en los ficheros temporales puede ser 
explotado para ganar acceso de root.

Esto afecta a dev-libs/mm-1.1.3-r1

http://online.securityfocus.com/advisories/4315


SOLUCION

Es recomendado que los usuarios de Gentoo Linux que estén usando un apache 
enlazado con mm actualicen sus sistemas de la siguiente manera (Nota: La 
nueva versión será mm-1.2.1):

emerge rsync
emerge dev-libs/mm
- - ------------------------------------------------------------------------

Salu2

PD: El resto de GLSA sin traducir los tendréis traducidos a lo largo de este 
fin de semana :)

- -- 
Note .-  Please,  do not  support  antispam  MAPS lists.  They            
arbitrarily include in their lists IP addresses not related in
any  way to  spam, and  in so  doing  are disrupting  Internet
connectivity. See: http://www.dotcomeon.com/

Random quote:
The world's great men have not commonly been great scholars, nor its great
scholars great men.
		-- Oliver Wendell Holmes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9SvLWXkaJqbJam+gRArLpAJ94/6sKeAdITVl29vY5fkIr/iTIZgCdGHEO
ImiHB+w3bd9uoOqzAYWAM8c=
=SMgY
-----END PGP SIGNATURE-----


References:
[gentoo-announce] GLSA: libmm
-- Seemant Kulleen
Navigation:
Lists: gentoo-user-es: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
[gentoo-announce] GLSA: libmm
Next by thread:
[gentoo-announce] GLSA: ppp
Previous by date:
Re: Problemas al compilar las X's
Next by date:
Firebird


Updated Jun 17, 2009

Summary: Archive of the gentoo-user-es mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.