Debian Security Advisory
man-db -- Symlink attack
- Date Reported:
- 12 Jun 1999
- Affected Packages:
-
man-db
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-1999-0730.
- More information:
- We have received reports that the man-db package as
supplied in Debian GNU/Linux 2.1 has a vulnerability in the zsoelim program:
it was vulnerable to a symlink attack. This has been fixed in version
2.3.10-69FIX.1
- Fixed in:
-
- alpha:
- http://security.debian.org/dists/stable/updates/binary-alpha/man-db_2.3.10-69FIX.1_alpha.deb
- i386:
- http://security.debian.org/dists/stable/updates/binary-i386/man-db_2.3.10-69FIX.1_i386.deb
- m68k:
- http://security.debian.org/dists/stable/updates/binary-m68k/man-db_2.3.10-69FIX.1_m68k.deb
- sparc:
- http://security.debian.org/dists/stable/updates/binary-sparc/man-db_2.3.10-69FIX.1_sparc.deb
