svgalib-1.28-2 (a.out) security fix released
This (a.out) release works around a security hole in previous releases
of svgalib; it should therefore go in the stable tree.
You can fix the security hole by removing the setuid bit from
restorefont with the command:
chmod 750 /usr/bin/restorefont
as root if you don't want to install the new package. There are a
couple of other changes, however, and it's important that the version
in the distribution is OK - Ian, could you put it in the stable tree
please?
Sun Jan 7 15:58:12 1996 Richard Kettlewell <richard@sfere.elmail.co.uk>
* remove setuid bit from restorefont - this is a workaround to
avoid a security hole.
Thu Nov 23 18:20:52 1995 Richard Kettlewell <richard@sfere.elmail.co.uk>
* (bug #1881) ensure ownerships are correct in postinst.
Fri Nov 3 19:27:15 1995 Richard Kettlewell <richard@sfere.elmail.co.uk>
* include svgalib README file in /usr/doc (thanks Jon)
-rw-r--r-- 1 richard src 182742 Jan 7 20:00 svgalib-1.28-2.deb
-rw-rw-r-- 1 richard src 8832 Jan 7 20:00 svgalib-1.28-2.diff.gz
-rw-rw-r-- 1 richard src 363621 Jan 7 20:00 svgalib-1.28-2.tar.gz
42685d6714500cba4139ef9a4ba609f7 svgalib-1.28-2.deb
e067ffc01d07687ea68e8ced1a25571d svgalib-1.28-2.tar.gz
fd95deb3e39f60b80bf842f6ac245201 svgalib-1.28-2.diff.gz
Reply to: