Security 10816 Published by

A new security update for Debian GNU/Linux has been released

DSA-252-1 slocate -- buffer overflow
A problem has been discovered in slocate, a secure locate replacement. A buffer overflow in the setuid program slocate can be used to execute arbitrary code as superuser.

For the stable distribution (woody) this problem has been fixed in version 2.6-1.3.1.
The old stable distribution (potato) is not affected by this problem.

For the unstable distribution (sid) this problem has been fixed in version 2.7-1.

We recommend that you upgrade your slocate package immediately.

Read more