Skip Quicknav

• About Debian
• News
• Getting Debian
• Support
• Developers' Corner
• Site map
• Search

Debian Security Advisory

dump -- problem restoring symlinks

Date Reported:

02 Dec 1999

Affected Packages:

dump

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2000-0366.

More information:

The version of dump that was distributed with Debian GNU/Linux 2.1 suffers from a problem with restoring symbolic links.

This has been fixed in version 0.4b9-0slink1. We recommend you upgrade your dump package immediately.

This version "Uses lchown instead of chown, fixing a possible security problem when restoring symlinks (a malicious user could use this to deliberately corrupt the ownership of important system files)".

Fixed in:

Source:

http://security.debian.org/dists/slink/updates/source/dump_0.4b9-0slink1.dsc

http://security.debian.org/dists/slink/updates/source/dump_0.4b9-0slink1.diff.gz

http://security.debian.org/dists/slink/updates/source/dump_0.4b9.orig.tar.gz

alpha:

http://security.debian.org/dists/slink/updates/binary-alpha/dump_0.4b9-0slink1_alpha.deb

i386:

http://security.debian.org/dists/slink/updates/binary-i386/dump_0.4b9-0slink1_i386.deb

m68k:

http://security.debian.org/dists/slink/updates/binary-m68k/dump_0.4b9-0slink1_m68k.deb

sparc:

http://security.debian.org/dists/slink/updates/binary-sparc/dump_0.4b9-0slink1_sparc.deb

This page is also available in the following languages:

Deutsch español français hrvatski 日本語 (Nihongo) svenska

How to set the default document language