----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
Debian update for flamethrower

SECUNIA ADVISORY ID:
SA32961

VERIFY ADVISORY:
http://secunia.com/advisories/32961/

CRITICAL:
Not critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/advisories/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/advisories/product/530/

DESCRIPTION:
Debian has issued an update for flamethrower. This fixes a security
issue, which can be exploited by malicious, local users to perform
certain actions with escalated privileges.

For more information:
SA32891

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch

Source archives:

http://security.debian.org/pool/updates/main/f/flamethrower/flamethrower_0.1.8-1+etch1.diff.gz
Size/MD5 checksum: 3138 f6263743cb41f4f75ab9f4dbc76a71a5
http://security.debian.org/pool/updates/main/f/flamethrower/flamethrower_0.1.8.orig.tar.gz
Size/MD5 checksum: 23485 04e1b6c5b4e72879e8aa69fcccb0491f
http://security.debian.org/pool/updates/main/f/flamethrower/flamethrower_0.1.8-1+etch1.dsc
Size/MD5 checksum: 598 4a880e477706f57bcfb806eb46a81922

Architecture independent packages:

http://security.debian.org/pool/updates/main/f/flamethrower/flamethrower_0.1.8-1+etch1_all.deb
Size/MD5 checksum: 16880 fbc0c1b237503a9d88521b444e4319e0

-- Debian GNU/Linux unstable alias sid --

Fixed in version 0.1.8-2.

ORIGINAL ADVISORY:
DSA-1676-1:
http://lists.debian.org/debian-security-announce/2008/msg00268.html

OTHER REFERENCES:
SA32891:
http://secunia.com/advisories/32891/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------