[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

svgalib-1.28-2 (a.out) security fix released

This (a.out) release works around a security hole in previous releases
of svgalib; it should therefore go in the stable tree.

You can fix the security hole by removing the setuid bit from
restorefont with the command:

	chmod 750 /usr/bin/restorefont

as root if you don't want to install the new package.  There are a
couple of other changes, however, and it's important that the version
in the distribution is OK - Ian, could you put it in the stable tree

Sun Jan  7 15:58:12 1996  Richard Kettlewell  <richard@sfere.elmail.co.uk>

	* remove setuid bit from restorefont - this is a workaround to
	avoid a security hole.

Thu Nov 23 18:20:52 1995  Richard Kettlewell  <richard@sfere.elmail.co.uk>

	* (bug #1881) ensure ownerships are correct in postinst.

Fri Nov  3 19:27:15 1995  Richard Kettlewell  <richard@sfere.elmail.co.uk>

	* include svgalib README file in /usr/doc (thanks Jon)

-rw-r--r--   1 richard  src        182742 Jan  7 20:00 svgalib-1.28-2.deb
-rw-rw-r--   1 richard  src          8832 Jan  7 20:00 svgalib-1.28-2.diff.gz
-rw-rw-r--   1 richard  src        363621 Jan  7 20:00 svgalib-1.28-2.tar.gz
42685d6714500cba4139ef9a4ba609f7  svgalib-1.28-2.deb
e067ffc01d07687ea68e8ced1a25571d  svgalib-1.28-2.tar.gz
fd95deb3e39f60b80bf842f6ac245201  svgalib-1.28-2.diff.gz

Reply to: