|
Family: Debian Local Security Checks --> Category: infos
[DSA811] DSA-811-2 common-lisp-controller Vulnerability Scan
Vulnerability Scan Summary DSA-811-2 common-lisp-controller
Detailed Explanation for this Vulnerability Test
The bugfix for the problem mentioned below contained an error that
caused third party programs to fail. The problem is corrected by this
update. For completeness we're including the original advisory
text:
François-René Rideau discovered a bug in common-lisp-controller, a
Common Lisp source and compiler manager, that allows a local user to
compile malicious code into a cache directory which is executed by
another user if that user has not used Common Lisp before.
The old stable distribution (woody) is not affected by this problem.
For the stable distribution (sarge) this problem has been fixed in
version 4.15sarge3.
For the unstable distribution (sid) this problem has been fixed in
version 4.18.
We recommend that you upgrade your common-lisp-controller package.
Solution : http://www.debian.org/security/2005/dsa-811
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|