Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3221-1] das-watchdog security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3221-1] das-watchdog security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3221-1] das-watchdog security update
  • Date: Sun, 12 Apr 2015 15:16:32 +0000
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
  • Old-return-path: <carnil AT master.debian.org>
  • Priority: urgent
  • Resent-date: Sun, 12 Apr 2015 15:16:50 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <C6gmqCihbJJ.A.TY.ixoKVB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3221-1 security AT debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
April 12, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : das-watchdog
CVE ID : CVE-2015-2831
Debian Bug : 781806

Adam Sampson discovered a buffer overflow in the handling of the
XAUTHORITY environment variable in das-watchdog, a watchdog daemon to
ensure a realtime process won't hang the machine. A local user can
exploit this flaw to escalate his privileges and execute arbitrary
code as root.

For the stable distribution (wheezy), this problem has been fixed in
version 0.9.0-2+deb7u1.

For the unstable distribution (sid), this problem has been fixed in
version 0.9.0-3.1.

We recommend that you upgrade your das-watchdog packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVKowJAAoJEAVMuPMTQ89EQd8QAIwQWC2VVY3qydwraJSrKCPv
cRTq7TTlfni3AVgPJWfc1XKniTh5J4UZILWB+uJ72OxljMXPCwr9F4z0x4G2CG6i
L/YhIoV8bA08bHbV66mp4rtYlsfd49U0Tdtcv+tYy7Lm+GcctGzP2KOmdpE4DFQo
vVAfbp9ujCLMUE9815Bh6vvlxPnZSDWsI8l0bveb05OQXJ3itP1wWY2AIoaTa2jR
DzdptyrMX/41GIrB5OcJK/LaxzBNScMcsl9m8U6j4nfDzssS+9EVmIKa523ESwvT
htkL3I5shSRfGcI0HSUeT1cgnAtophiht73ohkN/pYwvj0/IUNy0jWJ9nqommFw9
kqkTioCcDaGYMGV5Ka5vtjq09CpVuNRiskx+JPL+0BJIQxDfwq8NlUUEqAXFsKcg
Cob1VG6Is4ugKtoX51ThuGeBip+JNxdihfHnGLI3acIQfgqvKCZSeHZ/+T2JnH31
OXBnSPIdHez1zn/pUePNYzWh6ujgWf4SVuDp9vaIvfEgsrgzSTJmVyt3ojSS7kUv
+WlZyQe/M/R91OrpuDjIgcqpd/11Qd/5KzqWtcpTvRQ0zatVxmO+RiMf4P0YU+AA
O1plqey4NZpdzU3wFC9ZuJVPtU91k67W15xW2Z6lOp2ixT6Sysyl2is/j85ck7o5
ETx3fOujyBSSKHAKfCYh
=MMJ0
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: E1YhJce-0004lG-4H AT master.debian.org">https://lists.debian.org/E1YhJce-0004lG-4H AT master.debian.org



  • [IT-SecNots] [SECURITY] [DSA 3221-1] das-watchdog security update, Salvatore Bonaccorso, 12.04.2015

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang