[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

[LUG] [K]Ubuntu security hole

To: list@xxxxxxxxxxxxx
Subject: [LUG] [K]Ubuntu security hole
From: David Johnson <dj@xxxxxxxxxxxxxxx>
Date: Mon, 13 Mar 2006 12:40:19 +0000
Content-disposition: inline

Hi all,

Just a quick note to tell [K]Ubuntu users to apt-get upgrade.

It seems that the Breezy installer leaves a world-readable file on the disk 
containing the plain-text password of your first user (which has sudo and 
therefore root privileges).

https://launchpad.net/distros/ubuntu/+source/shadow/+bug/34606

A fix is available (it was released just 12 hours after discovery - beat that 
proprietary software companies), just upgrade. Or you could just delete the 
offending files, as listed in the bug report linked above.

Regards,
David.

-- 
David Johnson
www.david-web.co.uk - My Personal Website
www.ethereye.org.uk - EtherEye Network Host Checker
www.penguincomputing.co.uk - Need a Web Developer?

--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html

Follow-up: Re: [LUG] [K]Ubuntu security hole
- From: Michael Dodd

Prev by Date: Re: [LUG] Debian: GFDL-licensed works without unmodifiable sections are free
Next by Date: [LUG] OT: Laser printer spare in Exeter?
Previous by thread: Re: [LUG] Debian: GFDL-licensed works without unmodifiable sections are free
Next by thread: Re: [LUG] [K]Ubuntu security hole
Index(es):
- Date
- Thread