 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
FYI... ------- Forwarded Message Follows ------- Date: Fri, 18 Apr 1997 21:09:01 -0700 To: linux-security at redhat.com From: Webmaster <webmaster at perl.org> Subject: Re: [linux-security] SECURITY: vulnerability in sperl Cc: redhat-announce-list at redhat.com Reply-to: redhat-list at redhat.com -----BEGIN PGP SIGNED MESSAGE----- At 10:15 AM 4/18/97 -0400, Erik Troan wrote: > >Red Hat Software has been notified of a critical security problem (a buffer >overrun) in /usr/bin/sperl*. As no official fix for this problem exists, >we recommend turning off the setuid bit on /usr/bin/sperl*. As far as >we know, this problem affects all platforms and all versions. > >As soon as a fix is available we will release a new version of the perl >package and announce it here. If no fix seems forthcoming, we will issue >a new package w/o the setuid bit enabled on /usr/sbin/sperl. A patch for 5.003_97f has appeared on the Perl5-Porters list. The entire codebase is being examined line by line to find any other such conditions. >You can disable the exploits for this bug with the following command: > > chmod u-s /usr/bin/sperl* Perl 5.003_97g was released tonight. It should fix that bug. Any other overflow problems will be caught and killed before the 5.004 release. -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAwUBM1hFNyHKgQer03QZAQGeFwf+K6lAuHjqGjHH6wN/joXbnJnuusCZ3Usv sjRjqiBQ0/yUriK88ghjQOImgY/P2pxu1kDzpB/gt1hbl+miVTZ9HAhWxO5Izou7 fZHPvLA0xOeaRmBXk3EszIbVtZKvwkhHPeJSMXiseOcaPF+r5zCGontiL2Vze2Hy bqeuECMo3MtUa+be1/6KN2aDdHAvJ1nidOwMoPwcQG1QULlaig0C3dKRYq2dwWWP OFgC7gLwUmWN3exV7p2qxG5rgEhNvsgkWBWOnnkCG5qZk+QgrFRvGxrh3Wlb7Dha qiqsya58EDoTemoYTb7vvpNCoX+uynl2i+y7xcXxm/xZGe2wIFO4cw== =TpSH -----END PGP SIGNATURE----- Alan Olsen "Mi Tio es infermo, pero la carretera es verde!" Webmaster The Perl Institute webmaster at perl.org -- To unsubscribe: mail -s unsubscribe redhat-announce-list-request at redhat.com < /dev/null
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
