svgalib-1.28-2 (a.out) security fix released

To: debian-changes@Pixar.com
Subject: svgalib-1.28-2 (a.out) security fix released
From: Richard Kettlewell <richard@elmail.co.uk>
Date: Tue, 9 Jan 96 17:48:15 +0000 (GMT)
Message-id: <[🔎] 8MZGFvps1@muskogee.elmail.co.uk>
Reply-to: debian-user@Pixar.com

This (a.out) release works around a security hole in previous releases
of svgalib; it should therefore go in the stable tree.

You can fix the security hole by removing the setuid bit from
restorefont with the command:

	chmod 750 /usr/bin/restorefont

as root if you don't want to install the new package.  There are a
couple of other changes, however, and it's important that the version
in the distribution is OK - Ian, could you put it in the stable tree
please?

Sun Jan  7 15:58:12 1996  Richard Kettlewell  <richard@sfere.elmail.co.uk>

	* remove setuid bit from restorefont - this is a workaround to
	avoid a security hole.

Thu Nov 23 18:20:52 1995  Richard Kettlewell  <richard@sfere.elmail.co.uk>

	* (bug #1881) ensure ownerships are correct in postinst.

Fri Nov  3 19:27:15 1995  Richard Kettlewell  <richard@sfere.elmail.co.uk>

	* include svgalib README file in /usr/doc (thanks Jon)

-rw-r--r--   1 richard  src        182742 Jan  7 20:00 svgalib-1.28-2.deb
-rw-rw-r--   1 richard  src          8832 Jan  7 20:00 svgalib-1.28-2.diff.gz
-rw-rw-r--   1 richard  src        363621 Jan  7 20:00 svgalib-1.28-2.tar.gz
42685d6714500cba4139ef9a4ba609f7  svgalib-1.28-2.deb
e067ffc01d07687ea68e8ced1a25571d  svgalib-1.28-2.tar.gz
fd95deb3e39f60b80bf842f6ac245201  svgalib-1.28-2.diff.gz

Reply to:

Prev by Date: New minicom & lrzsz (a.out)...
Next by Date: man-2.3.10-7 Released
Previous by thread: New minicom & lrzsz (a.out)...
Next by thread: man-2.3.10-7 Released
Index(es):
- Date
- Thread