Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-announce

From: Daniel Ahlberg <aliz@g.o>
To: gentoo-announce@g.o
Subject: GLSA: nethack
Date: Tue, 18 Feb 2003 09:17:23
Message-Id: 20030218090131.2A1955764@mail2.tamperd.net
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - ---------------------------------------------------------------------
5 GENTOO LINUX SECURITY ANNOUNCEMENT 200302-08
6 - - ---------------------------------------------------------------------
7
8 PACKAGE : nethack
9 SUMMARY : buffer overflow
10 DATE : 2003-02-18 09:10 UTC
11 EXPLOIT : local
12
13 - - ---------------------------------------------------------------------
14
15 Overflowing a buffer in nethack may lead to privelige escalation to
16 games uid.
17
18 Read the full advisory at:
19 http://marc.theaimsgroup.com/?l=bugtraq&m=104489201032144&w=2
20
21 SOLUTION
22
23 It is recommended that all Gentoo Linux users who are running
24 app-games/nethack upgrade to nethack-3.4.0-r6 as follows:
25
26 emerge sync
27 emerge -u nethack
28 emerge clean
29
30 - - ---------------------------------------------------------------------
31 aliz@g.o - GnuPG key is available at http://cvs.gentoo.org/~aliz
32 - - ---------------------------------------------------------------------
33 -----BEGIN PGP SIGNATURE-----
34 Version: GnuPG v1.2.1 (GNU/Linux)
35
36 iD8DBQE+UfhsfT7nyhUpoZMRAhFfAJ9asnqYIFPxQ5x0NrI0TX95AoznHACgvDs3
37 IGHP5+mr6/l6VFSm1egWoNI=
38 =UKVa
39 -----END PGP SIGNATURE-----
Report Message
Find on MARC Find on Google Groups