[Firehol-support] FireHOL security bug - v1.224 released to fix it
Costa Tsaousis
costa at tsaousis.gr
Mon Jan 24 22:53:20 GMT 2005
Hi all,
A hours ago, it has been reported that FireHOL has a security bug that
allows malicious local users to use the temporary files created by FireHOL
to overwrite arbitrary files on the system running FireHOL.
I have already fixed the bugs that allowed these to happen and released
v1.224, which can be downloaded the usual way and also via
http://firehol.sf.net/firehol.tar.gz (this URL is the nightly CVS build,
which is currently the same as the released one).
All system administrators that allow non-trusted users to have a terminal
session to their systems are advised to update immediatelly to this
version.
Regards,
Costa
More information about the Firehol-support
mailing list