[SECURITY] Debian esound packages not affected by /tmp/.esd race condition

ID DEBIAN:8EBE265A4C67579BBCECED89AB785D12:87A28
Type debian
Reporter Debian
Modified 2000-10-09T00:00:00


Debian Security Advisory security@debian.org http://www.debian.org/security/ Daniel Jacobowitz October 8, 2000

Package: esound Vulnerability: Race condition Debian-specific: no Vulnerable: no

Linux-Mandrake has recently released a Security Advisory (MDKSA-2000:051) covering a race condition in the esound. Debian is not affected by this bug; the bug is specific to the unix domain socket support, which was turned off in stable (2.2/potato) and unstable (woody) on February 16, 2000. Therefore neither the current stable or unstable distribution of Debian is vulnerable to this problem. Debian 2.1 (aka "slink") is also not vulnerable to this problem; the version of esound in Debian 2.1 is 0.2.6, which predates the buggy unix domain socket code.

More information regarding this bug can be found at: http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=yes&bug=58054

For apt-get: deb http://security.debian.org/ stable updates Mailing list: debian-security-announce@lists.debian.org