[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1640-1] tmpreaper security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tmpreaper
Version        : 1.6.13+nmu1+deb8u1
CVE ID         : CVE-2019-3461
Debian Bug     : 918956

It was discovered that tmpreaper, a program that cleans up files in
directories based on their age, is vulnerable to a race condition. This
vulnerability might be exploited by local attackers to perform privilege
escalation.

For Debian 8 "Jessie", this problem has been fixed in version
1.6.13+nmu1+deb8u1.

We recommend that you upgrade your tmpreaper packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlxKHHcACgkQZYVUZx9w
0DR7ugf9GGdAdqrSrqvuMSx1Fff8XH2QWYDMZIJvnkoyfTFv3s0JFUslx8Q2EXgy
F2Ke5OZoH+mj4FVXIZ3nLLBZZdOia93XJil2GLse7hfYlifp/6Y36lc3xinm49jw
pW4XX4UtV9rv4cDdfY1f2qVeNeHVXJNxJtwSQiNjMWgbPappUry/8x9SUDF9irOt
7qxXbGkEqLYyBP4sxk/XIXlln8pD8aILRrYdeZs+EldvfDz/rBwn1D80/PqiLAaV
AmR859D7fElmCiSn4F9U1o5x8zuQvGboEvJeo01cFcD82grNtqYVCEIzDa6BckeJ
ZL8MrZfs3osmT4SZJQNeJS474YFoqw==
=V/nR
-----END PGP SIGNATURE-----


Reply to: