From aliz@gentoo.org Tue Sep 2 15:07:36 2003 From: Daniel Ahlberg To: gentoo-announce@gentoo.org, bugtraq@securityfocus.com, full-disclosure@lists.netsys.com Date: Mon, 1 Sep 2003 15:42:41 +0200 (CEST) Subject: GLSA: vmware (200308-03.1) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200308-03.1 - - - ---------------------------------------------------------------------           PACKAGE : vmware           SUMMARY : insecure symbolic links              DATE : 2003-09-01 13:42 UTC           EXPLOIT : local VERSIONS AFFECTED : =vmware-workstation-4.0.2.5592               CVE : - - - --------------------------------------------------------------------- The previous GLSA 200308-03 was wrong when it stated that vmware-workstation-4.0.1-5289 would fix the problems described in the advisory. SOLUTION It is recommended that all Gentoo Linux users who are running app-emulation/vmware-workstation-4.x upgrade to vmware-workstation-4.0.1-5289 as follows emerge sync emerge \=app-emulation/vmware-workstation/vmware-workstation-4.0.2.5592 emerge clean - - - --------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz - - - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/U0zRfT7nyhUpoZMRAhh1AKC4xNS3mE4ub4NcBufMhbxl0EZgdQCfZqbY QbX+wWrTeZJawox7cWMY4/k= =7SA8 -----END PGP SIGNATURE-----