firehol: Fixes vulnerabilities where malicious local system users could use FireHOL'sf
Cristian Aravena Romero
caravena at gmail.com
Mon Jan 31 02:57:25 UTC 2005
Package: firehol
Version: 1.191-1
Severity: normal
Tags: security
Jan 30, 2005, FireHOL R5 v1.226 released.
This release fixes vulnerabilities where malicious local system users
could use FireHOL's temporary files to overwrite arbitrary files on the
system (See Secunia Advisory SA13970).
All users are advised to update to this version.
This release includes new service definitions: ANYSTATELESS, TIMESTAMP
and DICT. The following helpers have been added: TRANSPARENT_PROXY.
Also, added support for knockd as an argument to the accept action.
-- System Information:
Debian Release: testing/unstable
Architecture: i386 (i686)
Kernel: Linux 2.6.8.1-4-k7
Locale: LANG=es_CL, LC_CTYPE=es_CL
Versions of packages firehol depends on:
ii bash 2.05b-15ubuntu5 The GNU Bourne Again SHell
ii bc 1.06-15 The GNU bc arbitrary precision cal
ii iproute 20010824-13.1 Professional tools to control the
ii iptables 1.2.9-10 Linux kernel 2.4+ iptables adminis
ii less 381-3 Pager program similar to more
ii net-tools 1.60-10ubuntu2 The NET-3 networking toolkit
-- no debconf information
More information about the ubuntu-users
mailing list