Gentoo Archives: gentoo-user-es

From: Daniel Ahlberg <aliz@g.o>
To: gentoo-announce@g.o
Subject: [gentoo-user-es] [gentoo-announce] GLSA: heimdal
Date: Mon, 14 Oct 2002 10:25:08
Message-Id: 20021014152433.5032133728@mail1.tamperd.net
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - --------------------------------------------------------------------
5 GENTOO LINUX SECURITY ANNOUNCEMENT
6 - - --------------------------------------------------------------------
7
8 PACKAGE : heimdal
9 SUMMARY : remote command execution
10 EXPLOIT : remote
11 DATE    : 2002-10-14 15:30 UTC
12
13 - - --------------------------------------------------------------------
14
15 - From www.pdc.kth.se/heimdal:
16
17 Kf and kfd are used to forward credentials in a stand-alone fashion.
18 Work on them never really finished, and in releases earlier than
19 Heimdal 0.5 they had multiple security issues, including possible
20 buffer overruns. Their use has never been recommended.
21
22 SOLUTION
23
24 It is recommended that all Gentoo Linux users who are running
25 app-crypt/heimdal-0.4e and earlier update their systems
26 as follows:
27
28 emerge rsync
29 emerge heimdal
30 emerge clean
31
32 - - --------------------------------------------------------------------
33 aliz@g.o - GnuPG key is available at www.gentoo.org/~aliz
34 - - --------------------------------------------------------------------
35 -----BEGIN PGP SIGNATURE-----
36 Version: GnuPG v1.0.7 (GNU/Linux)
37
38 iD8DBQE9quK2fT7nyhUpoZMRAsc1AKCIttm56nUA6fk95yYR06PD6YSyeQCgwNLU
39 8EL/GnnW9aSctZoIh8r5S4M=
40 =/ANK
41 -----END PGP SIGNATURE-----
42 _______________________________________________
43 gentoo-announce mailing list
44 gentoo-announce@g.o
45 http://lists.gentoo.org/mailman/listinfo/gentoo-announce