diff options
author | Darren Benham <gecko> | 1998-10-28 19:43:00 +0000 |
---|---|---|
committer | Darren Benham <gecko> | 1998-10-28 19:43:00 +0000 |
commit | 7c4340e9e626cc76b4c7b8ad7255ce368d8a6c67 (patch) | |
tree | 153b5b1420d6561a02d07377808606e87aef93a0 | |
parent | 40990ce3527fc38b41185b80bd49f73660ebe61a (diff) |
all the existing security pages :)
CVS version numbers
english/Make.lang: 1.3 -> 1.4
english/Make.templ.inc: 1.2 -> 1.3
english/News/1998/19981027.wml: 1.1 -> 1.2
english/News/1998/Makefile: 1.13 -> 1.14
english/security/index.wml: 1.12 -> 1.13
english/security/sperl.html: 1.1 -> 1.2(DEAD)
english/security/ssh.html: 1.1 -> 1.2(DEAD)
english/security/svgalib.html: 1.1 -> 1.2(DEAD)
english/security/teardrop.html: 1.1 -> 1.2(DEAD)
english/security/template.html: 1.1 -> 1.2(DEAD)
english/security/xfree.html: 1.1 -> 1.2(DEAD)
english/security/xfree2.html: 1.1 -> 1.2(DEAD)
english/security/xfree3.html: 1.1 -> 1.2(DEAD)
english/security/undated/1sperl.wml: INITIAL -> 1.1
english/security/undated/1ssh.wml: INITIAL -> 1.1
english/security/undated/1svgalib.wml: INITIAL -> 1.1
english/security/undated/1teardrop.wml: INITIAL -> 1.1
english/security/undated/1xfree.wml: INITIAL -> 1.1
english/security/undated/1xfree2.wml: INITIAL -> 1.1
english/security/undated/1xfree3.wml: INITIAL -> 1.1
english/template/debian/menubar.wml: 1.12 -> 1.13
-rw-r--r-- | english/Make.lang | 4 | ||||
-rw-r--r-- | english/Make.templ.inc | 2 | ||||
-rw-r--r-- | english/News/1998/19981027.wml | 2 | ||||
-rw-r--r-- | english/News/1998/Makefile | 1 | ||||
-rw-r--r-- | english/security/index.wml | 40 | ||||
-rw-r--r-- | english/security/sperl.html | 34 | ||||
-rw-r--r-- | english/security/ssh.html | 34 | ||||
-rw-r--r-- | english/security/svgalib.html | 34 | ||||
-rw-r--r-- | english/security/teardrop.html | 35 | ||||
-rw-r--r-- | english/security/template.html | 79 | ||||
-rw-r--r-- | english/security/undated/1sperl.wml | 17 | ||||
-rw-r--r-- | english/security/undated/1ssh.wml | 17 | ||||
-rw-r--r-- | english/security/undated/1svgalib.wml | 17 | ||||
-rw-r--r-- | english/security/undated/1teardrop.wml | 18 | ||||
-rw-r--r-- | english/security/undated/1xfree.wml | 17 | ||||
-rw-r--r-- | english/security/undated/1xfree2.wml | 17 | ||||
-rw-r--r-- | english/security/undated/1xfree3.wml | 18 | ||||
-rw-r--r-- | english/security/xfree.html | 32 | ||||
-rw-r--r-- | english/security/xfree2.html | 35 | ||||
-rw-r--r-- | english/security/xfree3.html | 30 | ||||
-rw-r--r-- | english/template/debian/menubar.wml | 2 |
21 files changed, 126 insertions, 359 deletions
diff --git a/english/Make.lang b/english/Make.lang index ef4c0185de8..3d43ffd8715 100644 --- a/english/Make.lang +++ b/english/Make.lang @@ -19,5 +19,5 @@ WML=wml -q -o $(@D)/$(@F) WMLFILES := $(wildcard *.wml) HTMLFILES := $(patsubst %.wml,$(HTMLDIR)/%.html.$(LANGUAGE),$(WMLFILES)) -JPGSOURCE := $(wildcard *.gif) -JPGDEST := $(patsubst %.gif,$(HTMLDIR)/%.gif,$(JPGSOURCE)) +JPGSOURCE := $(wildcard *.jpg) +JPGDEST := $(patsubst %.jpg,$(HTMLDIR)/%.jpg,$(JPGSOURCE)) diff --git a/english/Make.templ.inc b/english/Make.templ.inc index c2275d1323a..a5db1350081 100644 --- a/english/Make.templ.inc +++ b/english/Make.templ.inc @@ -1,7 +1,7 @@ $(HTMLDIR)/%.html.$(LANGUAGE) : %.wml $(TEMPLDIR)/template.wml $(TEMPLDIR)/languages.wml $(WML) $(EPILOG) $(<F) -$(HTMLDIR)/%.gif : %.gif +$(HTMLDIR)/%.jpg : %.jpg @cp $< $@ # template dependencies diff --git a/english/News/1998/19981027.wml b/english/News/1998/19981027.wml index 5d42903afc4..42ca237929e 100644 --- a/english/News/1998/19981027.wml +++ b/english/News/1998/19981027.wml @@ -11,7 +11,7 @@ Web site a 'Best of the Net' award. Criteria included quality and usefulness, availability, salience, and originality/exclusivity. A link to this award and a list of other winners is at <A HREF="http://linux.miningco.com/library/awards/bloct98.htm"> -http://linux.miningco.com/library/awards/bloct98.htm +http://linux.miningco.com/library/awards/bloct98.htm<BR> <IMG SRC="19981027.jpg"></A> <P>Debian would like to thank its many volunteers and especially its webmasters diff --git a/english/News/1998/Makefile b/english/News/1998/Makefile index d1d99212083..fdbe5204d97 100644 --- a/english/News/1998/Makefile +++ b/english/News/1998/Makefile @@ -13,7 +13,6 @@ ENGLISHSRCDIR=$(BASE)/../english include $(BASE)/Make.lang all: $(HTMLFILES) $(JPGDEST) - echo $(JPGDEST) include $(BASE)/Make.templ.inc diff --git a/english/security/index.wml b/english/security/index.wml index bda72625925..d5a61b15805 100644 --- a/english/security/index.wml +++ b/english/security/index.wml @@ -1,4 +1,3 @@ -#!wml -o ../../../debian.org/security/%BASE.html.en #use wml::debian::template title="Debian GNU/Linux — Security Information" <H1>Security Information</H1> @@ -24,45 +23,6 @@ security holes, which could potentially affect Debian.</P> Security Alerts announced in <A HREF="1997/index">1997</A><BR> Security Alerts announced in <A HREF="1998/index">1998</A><BR> -Unconverted security Alerts<BR> -<DL> -<DT><A HREF="mc.html">Script problem with mc</A> - <DD>Fixed in mc 4.1.22-1bo1 in bo and mc 4.1.22-1 in hamm -<DT><A HREF="ldso.html">Buffer overflow in ldso</A> - <DD>Fixed in ldso 1.8.11 or later -<DT><A HREF="xfree2.html">Xserver can read arbitrary files</A> - <DD>Fixed in XF86_* 3.3.1-6 or later. -<DT><A HREF="land.html">Land attack, spoofed SYN packets</A> - <DD>Linux is not vulnerable -<DT><A HREF="samba.html">Samba gives remote user root access</A> - <DD>Fixed in samba 1.9.17p2 or later -<DT><A HREF="xfree.html">Problem with bad permissions on control socket for X</A> - <DD>Debian is not vulnerable -<DT><A HREF="teardrop.html">IP defragmenting can crash the kernel</A> - <DD>Fixed in Linux Kernel 2.0.32 or later -<DT><A HREF="mgetty.html">Bad quoting of user data in mgetty allowed root access</A> - <DD>Fixed in mgetty 1.1.8, available in bo-updates -<DT><A HREF="modutils.html">Problems with request-route</A> - <DD>Fixed in modutils 2.1.34-5a, available in bo-updates -<DT><A HREF="ssh.html">ssh allowed users to forward privileged ports</A> - <DD>Fixed in ssh 1.2.21, available in bo at nonus.debian.org -<DT><A HREF="svgalib.html">svgalib didn't properly give up root privileges</A> - <DD>Fixed in svgalib 1.2.10-5, available in bo-updates -<DT><A HREF="lynx.html">Anonymous lynx users can execute arbitrary commands</A> - <DD>Fixed in lynx 2.7.1-3, available in bo-updates -<DT><A HREF="libdb.html">libdb includes snprintf function without bound checking</A> - <DD>Fixed in libdb 1.85.4-4, available in bo-updates -<DT><A HREF="parsecontrol.html">INN parsecontrol has problems</A> - <DD>Debian is not vulnerable -<DT><A HREF="doom.html">doom startmouse creates replaceable /tmp/gpmscript</A> - <DD>Debian had no doom package when this was reported. Any future package will not be - vulnerable -<DT><A HREF="xfree3.html">User X startup scripts may create exploitable files</A> - <DD>Debian is not vulnerable -<DT><A HREF="bliss.html">Bliss virus</A> - <DD>Debian is vulnerable only if you are root -</DL> - <STRONG>Note:</STRONG> Debian gives nicknames to each new release we are working on. When a new version is ready, it is only then assigned a number. The current release is the one pointed at by 'dists/stable' on the ftp archive. The development release is diff --git a/english/security/sperl.html b/english/security/sperl.html deleted file mode 100644 index cdc9faaa066..00000000000 --- a/english/security/sperl.html +++ /dev/null @@ -1,34 +0,0 @@ - -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>Debian GNU/Linux - Security Information</TITLE> -<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> -<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> -</HEAD> - -<BODY BGCOLOR="#FFFFFF"> -<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> -<HR> - -<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> - -<DL> -<DT>Affected packages: - <DD>perl-suid -<DT>Brief description: - <DD>Users can gain root access with suidperl version 5.003 -<DT>Vulnerable: - <DD><FONT COLOR="#FF0000">Yes</FONT> -<DT>Fixed in: - <DD>perl-suid 5.003.07-10 or later. -</DL> - -<P><SMALL>Last Modified: 10 Jan 1998. -Copyright ©1997 SPI; See -<A HREF="../license.html">license terms.</A></SMALL> -<HR> -</BODY> -</HTML> - - diff --git a/english/security/ssh.html b/english/security/ssh.html deleted file mode 100644 index 8d68ff0a988..00000000000 --- a/english/security/ssh.html +++ /dev/null @@ -1,34 +0,0 @@ - -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>Debian GNU/Linux - Security Information</TITLE> -<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> -<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> -</HEAD> - -<BODY BGCOLOR="#FFFFFF"> -<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> -<HR> - -<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> - -<DL> -<DT>Affected packages: - <DD>ssh -<DT>Brief description: - <DD>ssh allowed non-privileged users to forward privileged ports. -<DT>Vulnerable: - <DD><FONT COLOR="#FF0000">Yes</FONT> -<DT>Fixed in: - <DD>ssh 1.2.21-1 or later, available at ftp://nonus.debian.org/debian-non-US/ -</DL> - -<P><SMALL>Last Modified: 10 Jan 1998. -Copyright ©1997 SPI; See -<A HREF="../license.html">license terms.</A></SMALL> -<HR> -</BODY> -</HTML> - - diff --git a/english/security/svgalib.html b/english/security/svgalib.html deleted file mode 100644 index f7873484f0a..00000000000 --- a/english/security/svgalib.html +++ /dev/null @@ -1,34 +0,0 @@ - -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>Debian GNU/Linux - Security Information</TITLE> -<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> -<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> -</HEAD> - -<BODY BGCOLOR="#FFFFFF"> -<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> -<HR> - -<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> - -<DL> -<DT>Affected packages: - <DD>svgalib -<DT>Brief description: - <DD>svgalib didn't properly give up root priviledges. -<DT>Vulnerable: - <DD><FONT COLOR="#FF0000">Yes</FONT> -<DT>Fixed in: - <DD>svgalib 1.2.10-5, available in bo-updates. -</DL> - -<P><SMALL>Last Modified: 10 Jan 1998. -Copyright ©1997 SPI; See -<A HREF="../license.html">license terms.</A></SMALL> -<HR> -</BODY> -</HTML> - - diff --git a/english/security/teardrop.html b/english/security/teardrop.html deleted file mode 100644 index 23a8cb4b581..00000000000 --- a/english/security/teardrop.html +++ /dev/null @@ -1,35 +0,0 @@ - -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>Debian GNU/Linux - Security Information</TITLE> -<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> -<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> -</HEAD> - -<BODY BGCOLOR="#FFFFFF"> -<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> -<HR> - -<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> - -<DL> -<DT>Affected packages: - <DD>kernel-package -<DT>Brief description: - <DD>"teardrop" attack. Problem with IP defragmenting code can allow others to crash - your machine -<DT>Vulnerable: - <DD><FONT COLOR="#FF0000">Yes</FONT> -<DT>Fixed in: - <DD>Linux Kernel 2.0.32 or later -</DL> - -<P><SMALL>Last Modified: 10 Jan 1998. -Copyright ©1997 SPI; See -<A HREF="../license.html">license terms.</A></SMALL> -<HR> -</BODY> -</HTML> - - diff --git a/english/security/template.html b/english/security/template.html deleted file mode 100644 index 91429ada9a1..00000000000 --- a/english/security/template.html +++ /dev/null @@ -1,79 +0,0 @@ -!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>Debian GNU/Linux - Security Information</TITLE> -<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> -<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> -</HEAD> - -<BODY BGCOLOR="#FFFFFF"> -<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> -<HR> - -<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> - -<DL> -<DT>Date reported: non-public - ; public - -<P> -<DT>Affected packages: -<P> -<DT>Brief description: - <DD> -<P> -<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> -<P> -<DT>Fixed in: - <DD> -<HR> - <DD>Source archives: - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL><P> - - <DD>Intel architecture: - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> -<P> -<DT>Fixed in: - <DD> -<HR> - <DD>Source archives: - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - -<P> Intel architecture: - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - -<P> Motorola 68k architecture: - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - -<P> Sparc architecture - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - -<P> Alpha architecture - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> - -<P> PowerPC architecture - <DD>ftp://ftp.debian.org/debian/ - <DD><SMALL>(MD5 checksum: )</SMALL> -<P> -<DT>Entered Distribution: April 19, 1998 -</DL> - -<P><SMALL>Last Modified: May 11, 1998. -Copyright ©1997, 1998 SPI; See -<A HREF="../license.html">license terms.</A></SMALL> -<HR> -</BODY> -</HTML> diff --git a/english/security/undated/1sperl.wml b/english/security/undated/1sperl.wml new file mode 100644 index 00000000000..dccbd3a5653 --- /dev/null +++ b/english/security/undated/1sperl.wml @@ -0,0 +1,17 @@ +<define-tag pagetitle>sperl</define-tag> +<define-tag report_date>undated</define-tag> +<define-tag packages>perl-suid</define-tag> +<define-tag description>Users can gain root access with suidperl version 5.003</define-tag> +<define-tag vulnerable><FONT COLOR=FF0000>Yes</FONT></define-tag> +<define-tag fixed>Yes</define-tag> +<define-tag moreinfo></define-tag> + +#use wml::debian::basic title="Debian GNU/Linux — <pagetitle>" +#use wml::debian::security + +Fixes: perl-suid 5.003.07-10 or later. + +<:= languages ("$(HOME)", "security", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> + +<HR> +#use wml::debian::footer diff --git a/english/security/undated/1ssh.wml b/english/security/undated/1ssh.wml new file mode 100644 index 00000000000..2b74a1a3892 --- /dev/null +++ b/english/security/undated/1ssh.wml @@ -0,0 +1,17 @@ +<define-tag pagetitle>ssh</define-tag> +<define-tag report_date>undated</define-tag> +<define-tag packages>ssh</define-tag> +<define-tag description>ssh allowed non-privileged users to forward privileged ports.</define-tag> +<define-tag vulnerable><FONT COLOR=FF0000>Yes</FONT></define-tag> +<define-tag fixed>Yes</define-tag> +<define-tag moreinfo></define-tag> + +#use wml::debian::basic title="Debian GNU/Linux — <pagetitle>" +#use wml::debian::security + +Fixes: ssh 1.2.21-1 or later + +<:= languages ("$(HOME)", "security", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> + +<HR> +#use wml::debian::footer diff --git a/english/security/undated/1svgalib.wml b/english/security/undated/1svgalib.wml new file mode 100644 index 00000000000..e76edbcfdd6 --- /dev/null +++ b/english/security/undated/1svgalib.wml @@ -0,0 +1,17 @@ +<define-tag pagetitle>svgalib</define-tag> +<define-tag report_date>undated</define-tag> +<define-tag packages>svgalib</define-tag> +<define-tag description>svgalib didn't properly give up root priviledges.</define-tag> +<define-tag vulnerable><FONT COLOR=FF0000|007F00>Yes|No</FONT></define-tag> +<define-tag fixed>Yes</define-tag> +<define-tag moreinfo></define-tag> + +#use wml::debian::basic title="Debian GNU/Linux — <pagetitle>" +#use wml::debian::security + +Fixes: svgalib 1.2.10-5 + +<:= languages ("$(HOME)", "security", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> + +<HR> +#use wml::debian::footer diff --git a/english/security/undated/1teardrop.wml b/english/security/undated/1teardrop.wml new file mode 100644 index 00000000000..a1b4acf54df --- /dev/null +++ b/english/security/undated/1teardrop.wml @@ -0,0 +1,18 @@ +<define-tag pagetitle>teardrop</define-tag> +<define-tag report_date>undated</define-tag> +<define-tag packages>kernel-package</define-tag> +<define-tag description>"teardrop" attack. Problem with IP defragmenting code +can allow others to crash your machine</define-tag> +<define-tag vulnerable><FONT COLOR=FF0000>Yes</FONT></define-tag> +<define-tag fixed>Yes</define-tag> +<define-tag moreinfo></define-tag> + +#use wml::debian::basic title="Debian GNU/Linux — <pagetitle>" +#use wml::debian::security + +Fixes: Kernel 2.0.32 or later + +<:= languages ("$(HOME)", "security", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> + +<HR> +#use wml::debian::footer diff --git a/english/security/undated/1xfree.wml b/english/security/undated/1xfree.wml new file mode 100644 index 00000000000..8e957c1a0f8 --- /dev/null +++ b/english/security/undated/1xfree.wml @@ -0,0 +1,17 @@ +<define-tag pagetitle>xfree</define-tag> +<define-tag report_date>undated</define-tag> +<define-tag packages>xserver*</define-tag> +<define-tag description>Problem with bad permissions on control socket for X</define-tag> +<define-tag vulnerable><FONT COLOR=007F00>No</FONT></define-tag> +<define-tag fixed>Yes</define-tag> +<define-tag moreinfo></define-tag> + +#use wml::debian::basic title="Debian GNU/Linux — <pagetitle>" +#use wml::debian::security + +Fixes: N/A + +<:= languages ("$(HOME)", "security", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> + +<HR> +#use wml::debian::footer diff --git a/english/security/undated/1xfree2.wml b/english/security/undated/1xfree2.wml new file mode 100644 index 00000000000..80f1c3c71b7 --- /dev/null +++ b/english/security/undated/1xfree2.wml @@ -0,0 +1,17 @@ +<define-tag pagetitle>xfree</define-tag> +<define-tag report_date>undated</define-tag> +<define-tag packages>xserver-*</define-tag> +<define-tag description>XF86_* servers don't check permission on alternate config file. This enables reading of the first line of any file by ordinary users.</define-tag> +<define-tag vulnerable><FONT COLOR=FF0000>Yes</FONT></define-tag> +<define-tag fixed>Yes</define-tag> +<define-tag moreinfo></define-tag> + +#use wml::debian::basic title="Debian GNU/Linux — <pagetitle>" +#use wml::debian::security + +Fixes: XF86_* 3.3.1-6 and later. + +<:= languages ("$(HOME)", "security", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> + +<HR> +#use wml::debian::footer diff --git a/english/security/undated/1xfree3.wml b/english/security/undated/1xfree3.wml new file mode 100644 index 00000000000..c65819f316c --- /dev/null +++ b/english/security/undated/1xfree3.wml @@ -0,0 +1,18 @@ +<define-tag pagetitle>xfree</define-tag> +<define-tag report_date>undated</define-tag> +<define-tag packages></define-tag> +<define-tag description> user X startup scripts sometimes create exploitable +file in /tmp</define-tag> +<define-tag vulnerable><FONT COLOR=007F00>No</FONT></define-tag> +<define-tag fixed>Yes</define-tag> +<define-tag moreinfo>Allan Cox</define-tag> + +#use wml::debian::basic title="Debian GNU/Linux — <pagetitle>" +#use wml::debian::security + +Fixes: N/A + +<:= languages ("$(HOME)", "security", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> + +<HR> +#use wml::debian::footer diff --git a/english/security/xfree.html b/english/security/xfree.html deleted file mode 100644 index 625b0204e2a..00000000000 --- a/english/security/xfree.html +++ /dev/null @@ -1,32 +0,0 @@ - -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>Debian GNU/Linux - Security Information</TITLE> -<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> -<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> -</HEAD> - -<BODY BGCOLOR="#FFFFFF"> -<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> -<HR> - -<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> - -<DL> -<DT>Affected packages: - <DD>xserver* -<DT>Brief description: - <DD>Problem with bad permissions on control socket for X -<DT>Vulnerable: - <DD>No -</DL> - -<P><SMALL>Last Modified: 10 Jan 1998. -Copyright ©1997 SPI; See -<A HREF="../license.html">license terms.</A></SMALL> -<HR> -</BODY> -</HTML> - - diff --git a/english/security/xfree2.html b/english/security/xfree2.html deleted file mode 100644 index cfd3a8f95aa..00000000000 --- a/english/security/xfree2.html +++ /dev/null @@ -1,35 +0,0 @@ - -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>Debian GNU/Linux - Security Information</TITLE> -<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> -<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> -</HEAD> - -<BODY BGCOLOR="#FFFFFF"> -<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> -<HR> - -<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> - -<DL> -<DT>Affected packages: - <DD>xserver-* -<DT>Brief description: - <DD>XF86_* servers don't check permission on alternate config file. This enables reading - of the first line of any file by ordinary users. -<DT>Vulnerable: - <DD><FONT COLOR="#FF0000">Yes</FONT> -<DT>Fixed in: - <DD>XF86_* 3.3.1-6 and later. A wrapper program is used to avoid problems such as this. -</DL> - -<P><SMALL>Last Modified: 10 Jan 1998. -Copyright ©1997 SPI; See -<A HREF="../license.html">license terms.</A></SMALL> -<HR> -</BODY> -</HTML> - - diff --git a/english/security/xfree3.html b/english/security/xfree3.html deleted file mode 100644 index 03c856b3b76..00000000000 --- a/english/security/xfree3.html +++ /dev/null @@ -1,30 +0,0 @@ - -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>Debian GNU/Linux - Security Information</TITLE> -<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> -<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> -</HEAD> - -<BODY BGCOLOR="#FFFFFF"> -<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> -<HR> - -<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> - -<DL> -<DT>Brief description: - <DD>user X startup scripts sometimes create exploitable file in /tmp -<DT>Vulnerable: - <DD> No -<DT>For more information: - <DD> <a href="info/xfree3.html">Alan Cox</a> -</DL> - -<P><SMALL>Last Modified: 10 Jan 1998. -Copyright ©1997 SPI; See -<A HREF="../license.html">license terms.</A></SMALL> -<HR> -</BODY> -</HTML> diff --git a/english/template/debian/menubar.wml b/english/template/debian/menubar.wml index 702f45f5f0b..299a011affa 100644 --- a/english/template/debian/menubar.wml +++ b/english/template/debian/menubar.wml @@ -9,7 +9,7 @@ <A href="$(HOME)/contact">Contact Us</A><BR> <A href="$(HOME)/social_contract">Our Social Contract</A><BR> <A href="$(HOME)/donations">Donations</A><BR> - <A href="$(INTRO)/international">Debian goes International</A><BR> + <A href="$(INTRO)/international">Debian International</A><BR> <A href="$(HOME)/related_links">Related Links</A> </SMALL> </FONT></P> |