[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: debian e seguranca

On 15-Mar-2001 Flavio Alberto wrote:
> Estou utilizando Debian 2.2.r2 e setado meu sourcers list para stable...
> algumas atualizacoes de seguranca foram baixadas e instaladas... mas o
> qpopper continua 2.53 o qual posui alguns furos.. eu queria saber porque a
> debian nao atualiza este pacote ja que ele possui furos....
> 
> Security Vulnerability
> Some versions of Qpopper are vulnerable to buffer overruns.  Qpopper 2.41
> and older can be used to obtain root access to your system.  Qpopper 2.53
> and older may permit an attacker who has access to a valid account to obtain
> a shell with group-id 'mail', potentially allowing read/write access to all
> mail.

Coloque o security.debian.org em seu sources.list:

deb http://security.debian.org/ stable/updates main

Recomendo que você, e todo mundo que roda stable, assine também a lista
debian-security-announce@lists.debian.org.

> 
> 

-- 
Carlos Laviola - ICQ 55799523
pub  1024D/3516D372 2000-06-05 Carlos Laviola <claviola@ajato.com.br>
     Key fingerprint = 3BE1 6591 C78C 2AA4 31DD  AEEF 6406 0227 3516 D372

Attachment: pgpVt5vpQYyu8.pgp
Description: PGP signature

Reply to: