[Security-team] [Fwd: [SA20950] shadow setuid Vulnerability]
Michael Shigorin
=?iso-8859-1?q?mike_=CE=C1_osdn=2Eorg=2Eua?=
Пн Июл 10 21:34:16 MSD 2006
On Sat, Jul 08, 2006 at 08:01:44PM +1300, Alexey Borovskoy wrote:
> This vulnerability was reported in version 4.0.3 and 4.0.13.
> Prior versions may be also affected.
> SOLUTION: Update to version 4.0.14 or later.
> ftp://ftp.pld.org.pl/software/shadow/
$ rpm -qf /usr/bin/passwd
passwd-1.0.11-alt1
(в 2.4 и 3.0 -- тоже passwd-1.0.x)
Так, к сведению.
--
---- WBR, Michael Shigorin <mike на altlinux.ru>
------ Linux.Kiev http://www.linux.kiev.ua/
Подробная информация о списке рассылки Security-team