Debian: [UPDATED] 'exuberant-ctags' vulnerability
Posted by LinuxSecurity.com Team   
Debian Colin Phipps discovered that the exuberant-ctags packages as distributed with Debian GNU/Linux 2.2 creates temporary files insecurely. The updated exuberant-ctags that was mentioned in DSA-046-1 was unfortunately compiled incorrectly.

------------------------------------------------------------------------
Debian Security Advisory DSA-046-2                   security@debian.org 
http://www.debian.org/security/                         Wichert Akkerman
April 19, 2001
------------------------------------------------------------------------


Package        : exuberant-ctags
Problem type   : recompile of sparc package
Debian-specific: yes

The updated exuberant-ctags that was mentioned in DSA-046-1 was
unfortunately compiled incorrectly: the stable chroot we used
turned out to be running unstable instead.

A new package with version 1:3.2.4-0.1.1 has been made that is
correctly compiled.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
---------------------------------

  This advisory only updated the sparc package.

  Sun Sparc architecture:
     http://security.debian.org/dists/stable/updates/main/binary-sparc/exuberant-ctags_3.2.4-0.1.1_sparc.deb

  Thise file will be moved into stable on its next revision.

For not yet released architectures please refer to the appropriate
directory  ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

--
----------------------------------------------------------------------------
apt-get: deb  http://security.debian.org/ stable/updates main
dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org