Gentoo Archives: gentoo-announce

From: Daniel Ahlberg <aliz@g.o>
To: gentoo-announce@g.o
Subject: GLSA: apcupsd (200302-13)
Date: Mon, 24 Feb 2003 12:49:08
Message-Id: 20030224100809.D117733B6A@mail1.tamperd.net
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - ---------------------------------------------------------------------
5 GENTOO LINUX SECURITY ANNOUNCEMENT 200302-13
6 - - ---------------------------------------------------------------------
7
8 PACKAGE : apcupsd
9 SUMMARY : remote root vulnerability and buffer overflows
10 DATE : 2003-02-24 10:05 UTC
11 EXPLOIT : remote
12 VERSIONS AFFECTED : <3.10.5
13 FIXED VERSION : 3.10.5
14
15 - - ---------------------------------------------------------------------
16
17 - From Mandrake Linux Security Update Advisory MDKSA-2003:018:
18
19 "A remote root vulnerability in slave setups and some buffer overflows
20 in the network information server code were discovered by the apcupsd
21 developers."
22
23 Read the full advisory at:
24 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:018
25
26 SOLUTION
27
28 It is recommended that all Gentoo Linux users who are running
29 sys-apps/apcupsd upgrade to apcupsd-3.10.5 as follows:
30
31 emerge sync
32 emerge -u apcupsd
33 emerge clean
34
35 - - ---------------------------------------------------------------------
36 aliz@g.o - GnuPG key is available at http://cvs.gentoo.org/~aliz
37 zwelch@g.o
38 - - ---------------------------------------------------------------------
39 -----BEGIN PGP SIGNATURE-----
40 Version: GnuPG v1.2.1 (GNU/Linux)
41
42 iD8DBQE+We58fT7nyhUpoZMRAlAjAKCQ2hNadk/UiJLWMNiFgo6KtmcQJgCggKvt
43 A5yNh3SCOk9QpM7nfihyDMg=
44 =qVVr
45 -----END PGP SIGNATURE-----