security issue with beast wrappers
Bug #93531 reported by
Stefan Westerfeld
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
beast (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: beast
A security problem has been found in beasts suid wrappers. The recommended way to deal with this is to upgrade the package to at least 0.7.1. Here is an excerpt from the 0.7.1 release notes:
Overview of Changes in BEAST/BSE 0.7.1:
* Fixed SUID security vulnerability by validating success of seteuid/setreuid,
related security advisories, describing the vulnerability:
http://
http://
To post a comment you must log in.
This was fixed in Gutsy:
beast (0.6.6-9) unstable; urgency=high
* debian/ patches/ 011_suidmain_ CVE-2006- 2916_CVE- 2006-4447. diff:
+ Spelling fix in error message.
And partly in Feisty:
beast (0.6.6-8) unstable; urgency=high
<snip>
* debian/ patches/ 011_suidmain_ CVE-2006- 2916_CVE- 2006-4447. diff:
+ Security fix for a vulnerability in the suid wrappers similar to the
ones found in CVE-2006-2916 and CVE-2006-4447.