Debian: 'sysklogd' vulnerability
Posted by LinuxSecurity.com Team   
Debian Multiple vulnerabilities have been reported in syslogd and klogd.
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------
Debian Security Advisory                                 security@debian.org 
http://www.debian.org/security/                                Michael Stone
September 19, 2000
- ----------------------------------------------------------------------------

Package: sysklogd
Vulnerability: root exploit
Debian-specific: no

Multiple vulnerabilities have been reported in syslogd and klogd. A
local root exploit is possible, and remote exploits may be possible in
some cases (though we are not currently aware of a remote exploit.)

Fixed packages are available in version 1.3-31.slink1 for Debian 2.1
(slink) and version 1.3-33.1 for Debian 2.2 (potato). We recommend
upgrading your sysklogd package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.


Debian GNU/Linux 2.1 (alias slink)
- ----------------------------------
  
  We are releasing slink packages for i386 at this time. m68k packages
  will be available at  http://security.debian.org/
  
  Source archives:
 
http://security.debian.org/dists/slink/updates/source/sysklogd_1.3.orig.tar.gz
      MD5 checksum: 2e84beeafe23653205f3d3bf47a3a6bb
 
http://security.debian.org/dists/slink/updates/source/sysklogd_1.3-31.slink1.diff.gz  
      MD5 checksum: 8dd9c4b948b51b9eb685deea4fab3855
 
http://security.debian.org/dists/slink/updates/source/sysklogd_1.3-31.slink1.dsc
      MD5 checksum: 4f0820b82e169c112bdc785b9fc6671f

  Intel ia32 architecture:
    
http://security.debian.org/dists/slink/updates/binary-i386/sysklogd_1.3-31.slink1_i386.deb
      MD5 checksum: 2d66ce993f7340742935f62a2d299233

Debian GNU/Linux 2.2 (alias potato)
- -----------------------------------

  Potato was released for the alpha, arm, i386, m68k, powerpc and sparc
  architectures. At this moment packages for m68k and powerpc are not
  yet available. As soon as they are ready we will put them online and
  list them on the security pages at  http://security.debian.org/.

  Source archives:
    
http://security.debian.org/dists/potato/updates/main/source/sysklogd_1.3-33.1.diff.gz
      MD5 checksum: 92b0b4b2a442c1e2a791980ac1e0863d
    
http://security.debian.org/dists/potato/updates/main/source/sysklogd_1.3-33.1.dsc
      MD5 checksum: 4b522c8b0a2074c776d6faa2660cfee7
    
http://security.debian.org/dists/potato/updates/main/source/sysklogd_1.3.orig.tar.gz
      MD5 checksum: 2e84beeafe23653205f3d3bf47a3a6bb

  Alpha architecture:
    
http://security.debian.org/dists/potato/updates/main/binary-alpha/sysklogd_1.3-33.1_alpha.deb
      MD5 checksum: 357088a0d8519f8b510760e7f25bdd4f

  ARM architecture:
    
http://security.debian.org/dists/potato/updates/main/binary-arm/sysklogd_1.3-33.1_arm.deb
      MD5 checksum: d8d6888e635c121afa8c9dfa9e223046

  Intel ia32 architecture:
    
http://security.debian.org/dists/potato/updates/main/binary-i386/sysklogd_1.3-33.1_i386.deb
      MD5 checksum: 98826c90c295cf4a42ba71d499c097f9

  Sun Sparc architecture:
    
http://security.debian.org/dists/potato/updates/main/binary-sparc/sysklogd_1.3-33.1_sparc.deb
      MD5 checksum: 2f3c6a50922a6392d3ad68f1d8b6a754


- ----------------------------------------------------------------------------
For apt-get: deb  http://security.debian.org/ potato/updates main
For dpkg-ftp:  ftp://security.debian.org/debian-security dists/potato/updates/main
Mailing list: debian-security-announce@lists.debian.org


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAwUBOcegkg0hVr09l8FJAQFCFQP9FLveD/msoidM/YS10Bxv7BOGKZWZGtQW
yddg6s2FcoRy//IbxO8NrJbfTodGS/4CY4/84Blb2I8nbuT2w8ZrjFvsGJCg9YUQ
ZlQ8N+4mZUte1AqLJQxRPlWK+KiBdHTEmq/Ta3y6tu4riYpHxxeHFKu3kVK3PugA
P/k44fP8zcw=
=Wm10
-----END PGP SIGNATURE-----