和Debian GNT/Linux 2.1一起发行的apcd软件包存在符号链接漏洞。当apcd进程接收到一个SIGUSR1信号时,会将其状态信息保存到/tmp/upsstat。然而由于这个文件没有被安全地打开,可能会导致符号链接攻击。 Debian GNU/Linux 2.1 该漏洞在0.6a.nr-4slink1版本中被修补,建议立刻升级apcd软件包。 Source archives: <a href=http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr-4slink1.diff.gz target=_blank>http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr-4slink1.diff.gz</a> MD5 checksum: 418d34e54e080c2129b8a686e8423d6d <a href=http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr-4slink1.dsc target=_blank>http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr-4slink1.dsc</a> MD5 checksum: f9be18f528e8a067696673337e1198ca <a href=http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr.orig.tar.gz target=_blank>http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr.orig.tar.gz</a> MD5 checksum: 4a714a8de33cc482b678c0d21b26d76e Alpha architecture: <a...
和Debian GNT/Linux 2.1一起发行的apcd软件包存在符号链接漏洞。当apcd进程接收到一个SIGUSR1信号时,会将其状态信息保存到/tmp/upsstat。然而由于这个文件没有被安全地打开,可能会导致符号链接攻击。 Debian GNU/Linux 2.1 该漏洞在0.6a.nr-4slink1版本中被修补,建议立刻升级apcd软件包。 Source archives: <a href=http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr-4slink1.diff.gz target=_blank>http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr-4slink1.diff.gz</a> MD5 checksum: 418d34e54e080c2129b8a686e8423d6d <a href=http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr-4slink1.dsc target=_blank>http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr-4slink1.dsc</a> MD5 checksum: f9be18f528e8a067696673337e1198ca <a href=http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr.orig.tar.gz target=_blank>http://security.debian.org/dists/stable/updates/source/apcd_0.6a.nr.orig.tar.gz</a> MD5 checksum: 4a714a8de33cc482b678c0d21b26d76e Alpha architecture: <a href=http://security.debian.org/dists/stable/updates/binary-alpha/apcd_0.6a.nr-4slink1_alpha.deb target=_blank>http://security.debian.org/dists/stable/updates/binary-alpha/apcd_0.6a.nr-4slink1_alpha.deb</a> MD5 checksum: 00210d5c30732f2bbaf68291f2d7e8d8 Intel ia32 architecture: <a href=http://security.debian.org/dists/stable/updates/binary-i386/apcd_0.6a.nr-4slink1_i386.deb target=_blank>http://security.debian.org/dists/stable/updates/binary-i386/apcd_0.6a.nr-4slink1_i386.deb</a> MD5 checksum: cff51852635922507c37f96df99d8e76 Motorola 680x0 architecture: <a href=http://security.debian.org/dists/stable/updates/binary-m68k/apcd_0.6a.nr-4slink1_m68k.deb target=_blank>http://security.debian.org/dists/stable/updates/binary-m68k/apcd_0.6a.nr-4slink1_m68k.deb</a> MD5 checksum: 827079cf5f0819653635873ded1f4a75 Sun Sparc architecture: <a href=http://security.debian.org/dists/stable/updates/binary-sparc/apcd_0.6a.nr-4slink1_sparc.deb target=_blank>http://security.debian.org/dists/stable/updates/binary-sparc/apcd_0.6a.nr-4slink1_sparc.deb</a> MD5 checksum: d56b7b9ea14c4af81856dd3e1b480e92 These files will be moved into <a href=ftp://ftp.debian.org/debian/dists/stable/ target=_blank>ftp://ftp.debian.org/debian/dists/stable/</a>*/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory <a href=ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ target=_blank>ftp://ftp.debian.org/debian/dists/sid/binary-$arch/</a> .
