Advisories
Mandriva Advisories
|
 |
| Problem Description |
When exiting joe in a non-standard way (such as a system crash, closing
an xterm, or a network connection going down), joe will unconditionally
append its open buffers to the file DEADJOE. This can be exploited by
the creation of DEADJOE symlinks in directories where root would
normally use joe. In this way, joe could be used to append garbage to
potentially sensitive files, resulting in a denial of service or other
problems.
Users of Linux-Mandrake 7.0 and earlier should also note that joe's
configuration files have moved from /usr/lib/joe to /etc/joe.
| Updated Packages |
Mandrakelinux 6.0
13d170b6ea743268d043d27ec13125b2 6.0/RPMS/joe-2.8-21.3mdk.i586.rpm 65c55ab73e66ea67ded58fb77a5fc7ea 6.0/SRPMS/joe-2.8-21.3mdk.src.rpm
Mandrakelinux 6.1
8078bad4421a6e7090b23f6cf1f457df 6.1/RPMS/joe-2.8-21.3mdk.i586.rpm 65c55ab73e66ea67ded58fb77a5fc7ea 6.1/SRPMS/joe-2.8-21.3mdk.src.rpm
Mandrakelinux 7.0
51c84ed7c0d859ae7c08414b92f54acc 7.0/RPMS/joe-2.8-21.3mdk.i586.rpm 65c55ab73e66ea67ded58fb77a5fc7ea 7.0/SRPMS/joe-2.8-21.3mdk.src.rpm
Mandrakelinux 7.1
970975000a64dc08d8498f8d3e5d25f8 7.1/RPMS/joe-2.8-21.2mdk.i586.rpm 09652438758712eff7e04380c5d73013 7.1/SRPMS/joe-2.8-21.2mdk.src.rpm
Mandrakelinux 7.2
409c7433858b819619f481597fbb18ea 7.2/RPMS/joe-2.8-21.1mdk.i586.rpm 736f08c1c8633667075e0d7f395b9697 7.2/SRPMS/joe-2.8-21.1mdk.src.rpm
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.