The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SUID-Root exploit fix! Perl 5.003.07-10 (i386 source) uploaded to master

To: security@debian.org, debian-changes@lists.debian.org, Guy Maor <maor@ece.utexas.edu>
Subject: SUID-Root exploit fix! Perl 5.003.07-10 (i386 source) uploaded to master
From: "Darren/Torin/Who Ever..." <torin@daft.com>
Date: 21 Apr 1997 23:46:37 -0700
Delivered-to: bruce-lists--debian-private@lists.debian.org
Delivered-to: security@debian.org
Organization: Discordian Alliance For Teaching
Priority: Urgent
Resent-cc: recipient list not shown: ;
Resent-date: 22 Apr 1997 07:46:41 -0000
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"7IHM31.0.d-5.Wp6Np"@debian>
Resent-sender: debian-private-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----

I've uploaded perl 5.003.07-10 to Master's Incoming.  This fixes the
suidperl exploit where you can gain a suid root shell.

Guy, please move this into frozen and unstable as soon as you can.

This version of suid perl fixes the current buffer overrun problem.
We (the perl5-porters team) are hunting down and exterminating all
possible buffer overruns before 5.004 is released.

This is also available at ftp://ftp.daft.com/pub/debian/perl*

Changes:

Format: 1.5
Date: Mon, 21 Apr 1997 20:50:21 -0700
Source: perl
Binary: perl-suid perl-debug perl
Architecture: source i386
Version: 5.003.07-10
Distribution: unstable frozen
Urgency: high
Maintainer: Darren Stalder <torin@daft.com>
Description: 
 perl       - Larry Wall's Practical Extracting and Report Language.
 perl-debug - Allow debugging perl scripts (and perl).
 perl-suid  - Runs setuid perl scripts.
Changes: 
 perl (5.003.07-10) unstable frozen; urgency=HIGH
 .
   * SUID perl patch to fix buffer overrun that allows any user to get a
     suid-root shell.
Files: 
 c5b539a4f7a5841ae43c1bac006191c2 625 interpreters - perl_5.003.07-10.dsc
 eacceea57ef563ad8bcff3cfb4d6db56 29226 interpreters - perl_5.003.07-10.diff.gz
 8e414231c73ed7737839f2cbe1df78fc 2296752 interpreters Important perl_5.003.07-10_i386.deb
 bc150c49a7370d3c2d716ba09ffc67d5 214520 interpreters Standard perl-suid_5.003.07-10_i386.deb
 5013d00fb1c98027934ea889f8ff3ceb 1208658 interpreters Optional perl-debug_5.003.07-10_i386.deb

- -- 
<torin@daft.com> <http://www.daft.com/~torin> <torin@debian.org> <torin@io.com>
Darren Stalder/2608 Second Ave, @282/Seattle, WA 98121-1212/USA/+1-800-921-4996
@ Do you have your clothes on? I probably don't. Take yours off. Feel better. @
@ Sysadmin, webweaver, postmaster for hire.  C/Perl/CGI programmer and tutor. @

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBM1xe3Y4wrq++1Ls5AQH3qAP+IbJ/XYhMYV61mn/2lpnLEhr9l0ERlKem
8rNrCMt7WPF1D6xAbH2KTi3DWCmLWI0/qvADs1r08NZlllxtMgKkO2cleUwfVigG
j+fiaVC7fiSOXnDWQ39g0DydYxKMZUd+eFtgezeL74YGzIEx4W0gaQSp5ieP+3VE
jJXXVgrqInA=
=6INi
-----END PGP SIGNATURE-----


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Follow-Ups:
- Re: SUID-Root exploit fix! Perl 5.003.07-10 uploaded
  - From: Enrique Zanardi <ezanardi@noah.dfis.ull.es>

Prev by Date: Re: Woo Woo!
Next by Date: security is becoming a real issue
Previous by thread: Re: Woo Woo!
Next by thread: Re: SUID-Root exploit fix! Perl 5.003.07-10 uploaded
Index(es):
- Date
- Thread