New version of dump released.
Posted by LinuxSecurity.com Team   
Debian The version of dump that was distributed with Debian GNU/Linux 2.1 suffers from a problem with restoring symbolic links.
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory                             security@debian.org
http://www.debian.org/security/      
                   Wichert Akkerman
December  2, 1999
- ------------------------------------------------------------------------


The version of dump that was distributed with Debian GNU/Linux 2.1
suffers from a problem with restoring symbolic links. 

This has been fixed in version 0.4b9-0slink1. We recommend you upgrade
your dump package immediately.

This version "Uses lchown instead of chown, fixing a possible security
 problem when restoring symlinks (a malicious user could use this to
 deliberately corrupt the ownership of important system files)".

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.1 alias slink
- --------------------------------

  This version of Debian was released only for Intel, the Motorola
  680x0, the alpha and the Sun sparc architecture.


Source archives:
 http://security.debian.org/dists/stable/updates/source/dump_0.4b9-
0slink1.dsc
 MD5 checksum: 02974dac4f42f1b4959fabda825ebca3 

 http://security.debian.org/dists/stable/updates/source/dump_0.4
b9-0slink1.diff.gz
 MD5 checksum: 0323e77166ae759ed6b8de3687f97384 

 http://security.debian.org/dists/stable/updates/source/dump_0.4b9.orig.tar.
gz
 MD5 checksum: d865a4e26c528138d633618fb7f6a829 

Alpha architecture:
 http://security.debian.org/dists/stable/updates/binary-
alpha/dump_0.4b9-0slink1_alpha.deb
 MD5 checksum: ee335c04fef89dab51cac3443cd9cea4 

Intel ia32 architecture:
 http://security.debian.org/dists/stable/updates/binary-
i386/dump_0.4b9-0slink1_i386.deb
 MD5 checksum: 959fcc1e72a8871d76d1b5bd2aeb7ce3 

Motorola 680x0 architecture:
 http://security.debian.org/dists/stable/updates/binary-
m68k/dump_0.4b9-0slink1_m68k.deb
 MD5 checksum: 8ff3687f65ae3a32814001e003881017

Sun Sparc architecture:
 http://security.debian.org/dists/stable/updates/binary-
sparc/dump_0.4b9-0slink1_sparc.deb
 MD5 checksum: 10c541690b5aa00a758e7bf78fe5d5c2


  These files will be moved into
  ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.
- -- 
- ----------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable 
updates
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates
Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBOEboXKjZR/ntlUftAQHYVQL/a53YI94rxbEHgbQvUq/kkLhq/mbJ54oG
FMMEO3B6n7nTx72yQrx/bt4RLCKsgtF5Oj3X1BdH/Wb+snF1fa2mmWDeN/q64LOe
G+vEhu1d10wA/nyOPJ1qiSI2DMQtnF7A
=gmhb
-----END PGP SIGNATURE-----