We have found that the tcsh shell had a problem with very long pathnames. When a very long path was encountered tcsh failed to check the result of getcwd() in all places, which could be exploited. We recommend you upgrade your tcsh package immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm ------------------------------- This version of Debian was released only for the Intel and the Motorola 68xxx architecture. Source archives: ftp://ftp.debian.org/debian/dists/proposed-updates/tcsh_6.07.06-5.diff.gz MD5 checksum: f4baf1bbcb929759e75a05999d45ceab ftp://ftp.debian.org/debian/dists/proposed-updates/tcsh_6.07.06-5.dsc MD5 checksum: 81a5051fe01fb0f1625d1d118518dd16 Intel architecture: ftp://ftp.debian.org/debian/dists/proposed-updates/tcsh_6.07.06-5_i386.deb MD5 checksum: 003be425c66011b1decab1ce5ec8fbb5 ftp://ftp.debian.org/debian/dists/proposed-updates/tcsh_6.07.06-5_i386.changes MD5 checksum: 72bed24a5a562e87d7cf57a1a2ca5b62 Motorola 68xxx architecture: ftp://ftp.debian.org/debian/dists/proposed-updates/tcsh_6.07.06-5_m68k.deb MD5 checksum: e319d92dc3fbaa0e4d897963a04695df ftp://ftp.debian.org/debian/dists/proposed-updates/tcsh_6.07.06-5_m68k.changes MD5 checksum: c1e591378e52527a3b932adb69c47549 Common files: ftp://ftp.debian.org/debian/dists/proposed-updates/tcsh-i18n_6.07.06-5_all.deb MD5 checksum: b5f2a7ffe547ba8b471cbc2c2f7d391b These files will be moved into ftp://ftp.debian.org/debian/dists/hamm/main/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . -- Debian GNU/Linux . Security Managers . security@debian.org debian-security-announce@lists.debian.org Christian Hudon . Wichert Akkerman . Martin Schulze <chrish@debian.org> . <wakkerma@debian.org> . <joey@debian.org>
Attachment:
pgp1EEeDdBFz3.pgp
Description: PGP signature