Security 10808 Published by

Two new security updates for Debian GNU/Linux are available:

DSA-277-1 apcupsd -- buffer overflows, format string

The controlling and management daemon apcupsd for APC's Unbreakable Power Supplies is vulnerable to several buffer overflows and format string attacks. These bugs can be exploited remotely by an attacker to gain root access to the machine apcupsd is running on.

Read more

DSA-276-1 linux-kernel-s390 -- local privilege escalation

The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible.

Read more