-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2003-16
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date : 12 Mar 2003
Last revised : 01 Apr 2003
Package : file
Summry : Buffer overflow
More information :
Buffer overflow exists in the file command.
Impact :
The third party can execute arbitrary code by the privileges of users.
Affected Products :
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
- Turbolinux Server 6.5
- Turbolinux Advanced Server 6
- Turbolinux Server 6.1
- Turbolinux Workstation 6.0
Solution :
Please use turbopkg tool to apply the update.
If you need to confirm the version of current installed
package, please issue rpm command as :
# rpm -qa | grep PACKAGE-NAME
<Turbolinux 8 Server>
Source Packages
Size : MD5
file-3.41-1.src.rpm
203485 e711b1cb4e488d73a81d375db94a2f74
Binary Packages
Size : MD5
file-3.41-1.i586.rpm
156401 6a5831883a4c4fa738d28a25e57c64fd
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
file-3.41-1.src.rpm
203485 f0735057e2780f7584c444577c90bb66
Binary Packages
Size : MD5
file-3.41-1.i586.rpm
156477 188b88c7d89553aeb1ebf931e76459fe
<Turbolinux 7 Server>
Source Packages
Size : MD5
file-3.41-1.src.rpm
203485 a51a0ff42a9cfd391be92d1050c16925
Binary Packages
Size : MD5
file-3.41-1.i586.rpm
155209 2d51a2f2c0efe612d2372574d67f2af1
<Turbolinux 7 Workstation>
Source Packages
Size : MD5
file-3.41-1.src.rpm
203485 2485885445a7a8753dc63e36985cda55
Binary Packages
Size : MD5
file-3.41-1.i586.rpm
155304 eb60348a736239ebd1533293206d6501
<Turbolinux Server 6.5>
Source Packages
Size : MD5
file-3.41-1.src.rpm
203485 13db71830e6dd4a3c747a55cb001c5c3
Binary Packages
Size : MD5
file-3.41-1.i386.rpm
182387 2ff2801fca9ecf44495c27dd256ef259
<Turbolinux Advanced Server 6>
Source Packages
Size : MD5
file-3.41-1.src.rpm
203485 3f28477205dbe4682bf5736b695518d2
Binary Packages
Size : MD5
file-3.41-1.i386.rpm
182409 b266b469a007ac210dff117eac428760
<Turbolinux Server 6.1>
Source Packages
Size : MD5
file-3.41-1.src.rpm
203485 a5db71ff0f9fe3b61a703d860c793486
Binary Packages
Size : MD5
file-3.41-1.i386.rpm
182390 b0a00c7eaf4bc05e1aa3ade544659d2f
<Turbolinux Workstation 6.0>
Source Packages
Size : MD5
file-3.41-1.src.rpm
203485 0bd98f5675a82232933cba1a8a907ae9
Binary Packages
Size : MD5
file-3.41-1.i386.rpm
182343 2ff49977169ae9782c2d574841e1ff1a
References :
Fine Free File Command
http://www.darwinsys.com/freeware/file.html
--------------------------------------------------------------------------
Revision History
12 Mar 2003 Initial release
01 Apr 2003 modifyed file size
--------------------------------------------------------------------------
Copyright(C) 2003 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+iVupK0LzjOqIJMwRAmMPAKCSl+CHE2pbzzYX+ES0oeqDcQ6cOwCeLt8/
UNUBVtwGu6HsyVmTjEdtX18=
=5lvV
-----END PGP SIGNATURE-----