Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-user-es
Navigation:
Lists: gentoo-user-es: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-announce@g.o, gentoo-users@g.o, gentoo-dev@g.o, gentoo-core@g.o, lwn@..., gentoo-newbies@g.o, gentoo-security@g.o, gentoo-desktop@g.o, gentoo-user-es@g.o
From: Seemant Kulleen <seemant@g.o>
Subject: GLSA: acroread
Date: Sun Jul 7 18:03:07 2002
- -----------------------------------------------------------------------
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------
PACKAGE         : acroread  -- Adobe Acrobat Reader
SUMMARY         : security vulnerability in acroread
DATE            : Sun Jul  7 23:02:04 UTC 2002
- -----------------------------------------------------------------------

OVERVIEW

There is a temp file vulnerability that can be used to access user
accounts, and possibly gain system priveleges.

DETAIL


Acroread creates or overwrites the file /tmp/AdobeFnt06.lst.UID, and
changes its permissions to wide open (mode 666); it also follows
symlinks.

http://bugs.gentoo.org/show_bug.cgi?id=4657
http://online.securityfocus.com/archive/1/278984

SOLUTION

It is recommended that all Gentoo Linux users who are running acroread
update their systems as follows.

emerge --clean rsync
emerge unmerge acroread
emerge xpdf

For now, the acroread ebuild will issue a warning to users to unmerge the
package, and will proceed to emerge xpdf, for use as a pdf document
viewer.

- ------------------------------------------------------------------------
jago@...
seemant@g.o
drobbins@g.o
- ------------------------------------------------------------------------

-- 
Seemant Kulleen
Developer and Project Co-ordinator,
Gentoo Linux					http://www.gentoo.org/~seemant

Replies:
Re: GLSA: acroread
-- Luis Mayoral
Navigation:
Lists: gentoo-user-es: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
mi xchat, en ingles y sin botones-imagen
Next by thread:
Re: GLSA: acroread
Previous by date:
Re: mi xchat, en ingles y sin botones-imagen
Next by date:
problema al usar "su"


Updated Jun 17, 2009

Summary: Archive of the gentoo-user-es mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.