|
|
|
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] Perl root exploit in Slackware 7.1 & -current
Date: Sat, 2 Sep 2000 15:59:25 -0700 (PDT) |
|
A root exploit was found in the /usr/bin/suidperl5.6.0 program that
shipped with the Slackware 7.1 perl.tgz package.
It is recommended that all users of Slackware 7.1 (and -current) upgrade
to the perl.tgz package available in the Slackware -current branch.
====================================
perl 5.6.0 AVAILABLE - (d1/perl.tgz)
====================================
The root exploit in /usr/bin/suidperl5.6.0 has been patched. Hack
attempts are now logged to /var/log/syslog. The new perl.tgz
package is available from:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/d1/
Here are the md5sums and checksums for the packages:
1027099174 6464627 ./perl.tgz
0dfc1c46e3dd22033850fc69928588ec ./perl.tgz
INSTALLATION INSTRUCTIONS FOR THE perl.tgz PACKAGE:
---------------------------------------------------
If you have downloaded the new perl.tgz package, you should bring
the system into runlevel 1 and run upgradepkg on it:
# telinit 1
# upgradepkg perl.tgz
# telinit 3
Remember, it's also a good idea to backup configuration files before
upgrading packages.
- Slackware Linux Security Team
http://www.slackware.com
|
|
|
