SUID-Root exploit fix! Perl 5.003.07-10 (i386 source) uploaded to master

To: security@debian.org, debian-changes@lists.debian.org, Guy Maor <maor@ece.utexas.edu>
Subject: SUID-Root exploit fix! Perl 5.003.07-10 (i386 source) uploaded to master
From: "Darren/Torin/Who Ever..." <torin@daft.com>
Date: 21 Apr 1997 23:46:37 -0700
Message-id: <[🔎] 87rag3lfku.fsf@perv.daft.com>

-----BEGIN PGP SIGNED MESSAGE-----

I've uploaded perl 5.003.07-10 to Master's Incoming.  This fixes the
suidperl exploit where you can gain a suid root shell.

Guy, please move this into frozen and unstable as soon as you can.

This version of suid perl fixes the current buffer overrun problem.
We (the perl5-porters team) are hunting down and exterminating all
possible buffer overruns before 5.004 is released.

This is also available at ftp://ftp.daft.com/pub/debian/perl*

Changes:

Format: 1.5
Date: Mon, 21 Apr 1997 20:50:21 -0700
Source: perl
Binary: perl-suid perl-debug perl
Architecture: source i386
Version: 5.003.07-10
Distribution: unstable frozen
Urgency: high
Maintainer: Darren Stalder <torin@daft.com>
Description: 
 perl       - Larry Wall's Practical Extracting and Report Language.
 perl-debug - Allow debugging perl scripts (and perl).
 perl-suid  - Runs setuid perl scripts.
Changes: 
 perl (5.003.07-10) unstable frozen; urgency=HIGH
 .
   * SUID perl patch to fix buffer overrun that allows any user to get a
     suid-root shell.
Files: 
 c5b539a4f7a5841ae43c1bac006191c2 625 interpreters - perl_5.003.07-10.dsc
 eacceea57ef563ad8bcff3cfb4d6db56 29226 interpreters - perl_5.003.07-10.diff.gz
 8e414231c73ed7737839f2cbe1df78fc 2296752 interpreters Important perl_5.003.07-10_i386.deb
 bc150c49a7370d3c2d716ba09ffc67d5 214520 interpreters Standard perl-suid_5.003.07-10_i386.deb
 5013d00fb1c98027934ea889f8ff3ceb 1208658 interpreters Optional perl-debug_5.003.07-10_i386.deb

- -- 
<torin@daft.com> <http://www.daft.com/~torin> <torin@debian.org> <torin@io.com>
Darren Stalder/2608 Second Ave, @282/Seattle, WA 98121-1212/USA/+1-800-921-4996
@ Do you have your clothes on? I probably don't. Take yours off. Feel better. @
@ Sysadmin, webweaver, postmaster for hire.  C/Perl/CGI programmer and tutor. @

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBM1xe3Y4wrq++1Ls5AQH3qAP+IbJ/XYhMYV61mn/2lpnLEhr9l0ERlKem
8rNrCMt7WPF1D6xAbH2KTi3DWCmLWI0/qvADs1r08NZlllxtMgKkO2cleUwfVigG
j+fiaVC7fiSOXnDWQ39g0DydYxKMZUd+eFtgezeL74YGzIEx4W0gaQSp5ieP+3VE
jJXXVgrqInA=
=6INi
-----END PGP SIGNATURE-----


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-changes-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Prev by Date: New package: 2utf uploaded to master.debian.org
Next by Date: Uploaded quota 1.55-7 (source i386) to master
Previous by thread: New package: 2utf uploaded to master.debian.org
Next by thread: Uploaded quota 1.55-7 (source i386) to master
Index(es):
- Date
- Thread