From aliz@gentoo.org Mon Feb 24 12:50:54 2003 From: Daniel Ahlberg To: full-disclosure@lists.netsys.com Date: Mon, 24 Feb 2003 11:05:53 +0100 Subject: [Full-Disclosure] GLSA: apcupsd (200302-13) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200302-13 - - --------------------------------------------------------------------- PACKAGE : apcupsd SUMMARY : remote root vulnerability and buffer overflows DATE : 2003-02-24 10:05 UTC EXPLOIT : remote VERSIONS AFFECTED : <3.10.5 FIXED VERSION : 3.10.5 - - --------------------------------------------------------------------- - From Mandrake Linux Security Update Advisory MDKSA-2003:018: "A remote root vulnerability in slave setups and some buffer overflows in the network information server code were discovered by the apcupsd developers." Read the full advisory at: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:018 SOLUTION It is recommended that all Gentoo Linux users who are running sys-apps/apcupsd upgrade to apcupsd-3.10.5 as follows: emerge sync emerge -u apcupsd emerge clean - - --------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz zwelch@gentoo.org - - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+We58fT7nyhUpoZMRAlAjAKCQ2hNadk/UiJLWMNiFgo6KtmcQJgCggKvt A5yNh3SCOk9QpM7nfihyDMg= =qVVr -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html