[SECURITY] Fedora Core 5 Update: busybox-1.01-3.fc5
Ivana Varekova
varekova at redhat.com
Thu May 4 18:12:16 UTC 2006
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-510
2006-05-04
---------------------------------------------------------------------
Product : Fedora Core 5
Name : busybox
Version : 1.01
Release : 3.fc5
Summary : Statically linked binary providing simplified versions of system commands
Description :
Busybox is a single binary which includes versions of a large number
of system commands, including a shell. This package can be very
useful for recovering from certain types of system failures,
particularly those involving broken shared libraries.
---------------------------------------------------------------------
Update Information:
The BusyBox passwd command does not use a proper salt when
generating passwords. This would create an instance where a
brute force attack could take very little time.
This problem is fixed in busybox-1.01-3.fc5.
---------------------------------------------------------------------
* Thu May 4 2006 Ivana Varekova <varekova at redhat.com> 1:1.01-3.fc5
- fix CVE-2006-1058 - BusyBox passwd command
fails to generate password with salt (#187386)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
df1508572569c949e3a0838a5620f11d7ba3bda6 SRPMS/busybox-1.01-3.fc5.src.rpm
504d98292ac4b2f28c1a9cbbf646e707581262bc ppc/busybox-1.01-3.fc5.ppc.rpm
e741d38e0992c7307505de8fd439a5162d5b546a ppc/busybox-anaconda-1.01-3.fc5.ppc.rpm
856f2032ef5d247edb715fed46e28ea0d3ea190c ppc/debug/busybox-debuginfo-1.01-3.fc5.ppc.rpm
975026e30e21c93f81c09c51764f39522225798c x86_64/busybox-1.01-3.fc5.x86_64.rpm
7d2631972295094a6b2bc5357b4a92b32aeb3d09 x86_64/busybox-anaconda-1.01-3.fc5.x86_64.rpm
562bb6ed70583946f9df2f45cbbdca08f839047b x86_64/debug/busybox-debuginfo-1.01-3.fc5.x86_64.rpm
a8a6faafc76fc98d4bb2fcc758851e260a984613 i386/busybox-1.01-3.fc5.i386.rpm
62545a756fb36dbd77126cdd55f1d47ae0c07fdf i386/busybox-anaconda-1.01-3.fc5.i386.rpm
d46de403268d8e5ddb8af85c41902bf6fa58de0a i386/debug/busybox-debuginfo-1.01-3.fc5.i386.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
More information about the package-announce
mailing list