Gentoo Archives: gentoo-announce

From:	aliz@gentoo.org (Daniel Ahlberg)
To:	gentoo-announce@g.o, bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com
Subject:	[gentoo-announce] GLSA: vmware (200308-03.1)
Date:	Mon, 01 Sep 2003 13:35:13
Message-Id:	`20030901134241.8207F9FBB1@noc.internal.fairytale.se`

1	-----BEGIN PGP SIGNED MESSAGE-----
2	Hash: SHA1
3
4	- - - ---------------------------------------------------------------------
5	GENTOO LINUX SECURITY ANNOUNCEMENT 200308-03.1
6	- - - ---------------------------------------------------------------------
7
8	PACKAGE : vmware
9	SUMMARY : insecure symbolic links
10	DATE : 2003-09-01 13:42 UTC
11	EXPLOIT : local
12	VERSIONS AFFECTED : <vmware-workstation-4.0.2.5592
13	FIXED VERSION : >=vmware-workstation-4.0.2.5592
14	CVE :
15
16	- - - ---------------------------------------------------------------------
17
18	The previous GLSA 200308-03 was wrong when it stated that
19	vmware-workstation-4.0.1-5289 would fix the problems described in the
20	advisory.
21
22	SOLUTION
23
24	It is recommended that all Gentoo Linux users who are running
25	app-emulation/vmware-workstation-4.x upgrade to
26	vmware-workstation-4.0.1-5289 as follows
27
28	emerge sync
29	emerge \=app-emulation/vmware-workstation/vmware-workstation-4.0.2.5592
30	emerge clean
31
32	- - - ---------------------------------------------------------------------
33	aliz@g.o - GnuPG key is available at http://dev.gentoo.org/~aliz
34	- - - ---------------------------------------------------------------------
35	-----BEGIN PGP SIGNATURE-----
36	Version: GnuPG v1.2.3 (GNU/Linux)
37
38	iD8DBQE/U0zRfT7nyhUpoZMRAhh1AKC4xNS3mE4ub4NcBufMhbxl0EZgdQCfZqbY
39	QbX+wWrTeZJawox7cWMY4/k=
40	=7SA8
41	-----END PGP SIGNATURE-----