Slackware: local /tmp vulnerability
Summary
Where Find New Packages
MD5 Signatures
Installation Instructions
A local /tmp bug in the /usr/sbin/ppp-off program was found. This bug could allow a local user to corrupt system files. A fix has been made and an updated package is now available in the -current branch. The package described below will work for users of Slackware 7.0, 7.1, and -current. ================================= ppp package updated - (n1/ppp.tgz) ================================= A local /tmp bug in the /usr/sbin/ppp-off program has been found and fixed. The new ppp.tgz package is available from: For verification purposes, we provide the following checksums: 16-bit "sum" checksum: 60573 191 n1/ppp.tgz 128-bit MD5 message digest: c879dd34413a5d9cf367640206492852 n1/ppp.tgz INSTALLATION INSTRUCTIONS FOR THE ppp.tgz PACKAGE: -------------------------------------------------- Disable any running pppd processes: # killall pppd Then issue this command: # upgradepkg ppp.tgz Remember, it's also a good idea to backup configuration files before upgrading packages. - Slackware Linux Security Team The Slackware Linux Project