[Security Fix] lpr_5.9-13 released
This package fixes a security bug.
>From the linux-security mail:
ABSTRACT
A vulnerability exists in the lpr program version 0.06. If installed
suid to root, the lpr program allows local users to gain access to a
super-user account.
RISK ASSESSMENT
Local users can gain root privileges. The exploits that exercise
this vulnerability were made available.
-----BEGIN PGP SIGNED MESSAGE-----
Date: 24 Nov 96 21:25 UT
Format: 1.6
Distribution: stable frozen unstable
Urgency: High
Maintainer: Sven Rudolph <sr1@inf.tu-dresden.de>
Source: lpr
Version: 5.9-13
Binary: lpr
Architecture: i386 source
Description:
lpr: Berkeley lpr/lpd line printer spooling system
- This is the standards UNIX printer spooler and associated utilties.
- You can use this for local and remote printers.
Changes:
* lpr/lpr.c: fixed buffer-overflow security bug
Files:
ac2f7f38fb410267742c3612ff9d2565 19296 net standard lpr_5.9-13.diff.gz
e02b657d2dee61e0efa48b8fb0246b1e 69751 net standard lpr_5.9-13.tar.gz
4288f4a14b58f439bd0930d2d4631301 63254 net standard lpr_5.9-13_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQCVAwUBMpiwiPcN927BSdxBAQE85gQAiDt96T6d0rEO8wVbDrecoXG9dNvYjAo3
UD5OJxQ5c4gfp9E0/xTNjeIvPedbVxIUIpgOI1LGj2e+EezaPMURldh7XVyZFQpe
QEneaJnJg2ukW0jJpQHnzpObTXJzkXzHxK48Pfh1Tsqc8vtiIiJKF/PcFFO+tgTR
m6KJSUFTdLc=
=uMhZ
-----END PGP SIGNATURE-----
--
Sven Rudolph <sr1@inf.tu-dresden.de> ; WWW : http://www.sax.de/~sr1/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-changes-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: