Processing commands for [EMAIL PROTECTED]:
> tag 318285 patch
Bug#318285: CAN-2005-2240 symlink attack in xpvm.tcl
Tags were: security
Tags added: patch
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator,
tag 318285 patch
thanks
Hi,
Here's the CAN-2005-2240 fix for woody and sarge (sid upload is already
in incoming).
Cheers,
Matej
diff -u xpvm-1.2.5/src/xpvm.tcl xpvm-1.2.5/src/xpvm.tcl
--- xpvm-1.2.5/src/xpvm.tcl
+++ xpvm-1.2.5/src/xpvm.tcl
@@ -831,7 +831,7 @@
set tfck [ info exists trace_fil
On Fri, Jul 15, 2005 at 01:47:44PM +0200, Frank Lichtenheld wrote:
> On Thu, Jul 14, 2005 at 05:27:33PM +0300, Joey Hess wrote:
> > According to http://secunia.com/advisories/16040:
>
> Some investigation on it:
> There is a tempfile procedure available in tcllib, one could either
> use that or co
On Thu, Jul 14, 2005 at 05:27:33PM +0300, Joey Hess wrote:
> According to http://secunia.com/advisories/16040:
Some investigation on it:
There is a tempfile procedure available in tcllib, one could either
use that or copy&paste (since it isn't available in tcllib in woody)
@security team: Should
Package: xpvm
Severity: serious
Tags: security
According to http://secunia.com/advisories/16040:
Eric Romang has reported a vulnerability in xpvm, which can be exploited by
malicious, local users to perform certain actions on a vulnerable system with
escalated privileges.
The vulnerabili
5 matches
Mail list logo
