February 9, 2001

Security update to man-db

Author: JT Smith

LWN.net has this: "Styx has reported that the program `man' mistakenly passes malicious
strings (i.e. containing format characters) through routines that were
not meant to use them as format strings. Since this could cause a
segmentation fault and privileges were not dropped it may lead to an
exploit for the 'man' user.

We recommend you upgrade your man-db package immediately."


  • Linux
Click Here!