Re: Apt-get only security patches
On Wed, 7 May 2003 10:35:45 +0200, Rudolph van Graan wrote:
>... For example on one of my "stable" machines,
>the following happens when I do apt-get upgrade -u:
>
>The following packages will be upgraded
> kdewallpapers mime-support
>2 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
>Need to get 0B/1030kB of archives. After unpacking 105kB will be freed.
>Do you want to continue? [Y/n]
>
>Obviously neither is of real security importance
The mime-support update *is* a security update !
See http://www.debian.org/security/2003/dsa-292
"When a temporary file is to be used it is created insecurely"
"allows local users to overwrite arbitrary files via a symlink attack
on temporary files"
So if you're the only user on the machine then I suppose you needn't
worry.
Cheers
Nick Boyce
Bristol, UK
--
There is no spoon.
Reply to: