Mandriva Advisories

Package name: minicom
Date: May 10th, 2001
Advisory ID: MDKSA-2001:051
Affected versions: 7.1, 7.2, 8.0, CS1.0
Synopsis: Updated minicom packages fix format string vulnerabilities

Problem Description

Several format string vulnerabilities exist in the minicom program.
These bugs can be exploited to obtain group uucp privilege. The simplest
fix is to remove the setgid bit on /usr/bin/minicom; these new packages
both fix the vulnerabilities through a patch from Red Hat and strip the
setgid bit.

Updated Packages

Mandrakelinux 7.1

299c307031d3bf291e8c69417f478b78  7.1/RPMS/minicom-1.83.1-3.2mdk.i586.rpm
37356fbff29a5dbec4c7061092c1602e  7.1/SRPMS/minicom-1.83.1-3.2mdk.src.rpm

Mandrakelinux 7.2

0fc056ca6af11e35c620239c8a2c449e  7.2/RPMS/minicom-1.83.1-3.1mdk.i586.rpm
8d75daa644c9e2d49d6b292c86a802d9  7.2/SRPMS/minicom-1.83.1-3.1mdk.src.rpm

Mandrakelinux 8.0

d7a4e76ac4590a335df65145a5160652  8.0/RPMS/minicom-1.83.1-6.1mdk.i586.rpm
56ea4ba4b7b89eb265cb394876ed365d  8.0/SRPMS/minicom-1.83.1-6.1mdk.src.rpm

Corporate Server 1.0.1

299c307031d3bf291e8c69417f478b78  1.0.1/RPMS/minicom-1.83.1-3.2mdk.i586.rpm
37356fbff29a5dbec4c7061092c1602e  1.0.1/SRPMS/minicom-1.83.1-3.2mdk.src.rpm

References

http://www.securityfocus.com/frames/?content=/vdb/bottom.html?vid=2681

Upgrade

To upgrade automatically, use MandrivaUpdate.


Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command:

    rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, verification of the MD5 checksum and GPG signature is performed automatically for you.
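
As an added example (not part of the original advisory or of Mandriva's tooling), the script below compares a downloaded package with the MD5 sums listed under Updated Packages and checks whether /usr/bin/minicom is still setgid. The function names are illustrative and md5sum is assumed to be installed; the check complements rpm --checksig rather than replacing it.

```sh
#!/bin/sh
# Added example (not vendor code): check a downloaded minicom package against
# the MD5 sums listed in MDKSA-2001:051 and confirm the setgid bit is gone.
# An MD5 match only catches a corrupted or mismatched download; the signature
# check from the Verification section (rpm --checksig) is still required.

# Print the advisory's MD5 for a package file name; return 1 if not listed.
advisory_md5() {
    case "$(basename "$1")" in
        minicom-1.83.1-3.2mdk.i586.rpm) echo 299c307031d3bf291e8c69417f478b78 ;;
        minicom-1.83.1-3.2mdk.src.rpm)  echo 37356fbff29a5dbec4c7061092c1602e ;;
        minicom-1.83.1-3.1mdk.i586.rpm) echo 0fc056ca6af11e35c620239c8a2c449e ;;
        minicom-1.83.1-3.1mdk.src.rpm)  echo 8d75daa644c9e2d49d6b292c86a802d9 ;;
        minicom-1.83.1-6.1mdk.i586.rpm) echo d7a4e76ac4590a335df65145a5160652 ;;
        minicom-1.83.1-6.1mdk.src.rpm)  echo 56ea4ba4b7b89eb265cb394876ed365d ;;
        *) return 1 ;;
    esac
}

# Return 0 if FILE's MD5 equals EXPECTED (assumes md5sum is available).
md5_matches() {
    [ "$(md5sum < "$1" | cut -d' ' -f1)" = "$2" ]
}

# Return 0 on match, 1 on mismatch, 2 if the file is missing or not listed.
verify_package() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 2; }
    expected=$(advisory_md5 "$1") || { echo "not in advisory: $1" >&2; return 2; }
    md5_matches "$1" "$expected" && return 0
    echo "MD5 mismatch: $1" >&2
    return 1
}

# Return 0 if the setgid bit is set on FILE (the unmitigated state).
has_setgid() {
    [ -g "$1" ]
}

# With arguments: verify each package, then report on the installed binary.
if [ "$#" -gt 0 ]; then
    for pkg in "$@"; do verify_package "$pkg" && echo "MD5 ok: $pkg"; done
    if has_setgid /usr/bin/minicom; then
        echo "/usr/bin/minicom is still setgid; run: chmod g-s /usr/bin/minicom"
    fi
fi
```

Run it with the downloaded package paths as arguments; a mismatch or an unlisted file name means the package should not be installed.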