New version of nis released
Summary
The nis package that was distributed with Debian GNU/Linux 2.1 has a
couple of problems:
* ypserv allowed any machine in the NIS domain to insert new tables
* rpc.yppasswd had a bufferoverflow in its MD5 code
* rpc.yppasswd allowed users to change the GECOS and loginshell entries
of other users
This has been fixed in version 3.5-2. We recommend you upgrade your nis
package immediately.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Source archives:
2.diff.gz
MD5 checksum: 5b41361ce80bd2067c2c40f03ea14ac4
2.dsc
MD5 checksum: 696ad9726555336e8bab482ee8f2f040
MD5 checksum: 368167b1e16eb25ac639935310a26daa
Alpha architecture:
alpha/nis_3.5-2_alpha.deb
MD5 checksum: c0a8066bd00ed4fe10ac4c7294768ede
Intel ia32 architecture:
i386/nis_3.5-2_i386.deb
MD5 checksum: 0cc3b116a4ede4dec99189b9bdb9830a
Motorola 680x0 architecture:
m68k/nis_3.5-2_m68k.deb
MD5 checksum: 5a713462f36bb6faf90d362b5e28aa61
Sun Sparc architecture:
sparc/nis_3.5-2_sparc.deb
MD5 checksum: 9fa64238b625748523e5f5e8591434cd
These files will be moved into
soon.
For not yet released architectures please refer to the appropriate
directory .
- --
For apt-get: deb Debian -- Security Information stable
updates
For dpkg-ftp: dists/stable/updates
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQB1AwUBOBd/VqjZR/ntlUftAQEDaQL/U4xUvtW84sRPjrXQS1kqEE0nyUBqEM8b
T0lVB68/OS1hiwMXAV/oVnBvBnoGSuX0nqA54fcwEBbeagHf7q2/aY/E1C7vPdSU
SrgcxGwjA66YomkzkfBNLHosSMitKE/F
=cEQe
-----END PGP SIGNATURE-----