linux, säkerhet

5263450 2000-07-10  09:16  /76 rader/ Postmaster
Mottagare: Bugtraq (import) <11654>
Ärende: BitchX update
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
X-Authentication-Warning: devel.danen.net: vdanen set sender t 
                        vdanen@mandrakesoft.com using -f
Mail-Followup-To: security-announce@linux-mandrake.com 
                 mdk-security@freezer-burn.org, bugtraq@securityfocus.com 
                 linux-security@redhat.com
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.2.2i
X-Operating-System: Linux Mandrake 2.2.15-4mdk i586
Message-ID:  <20000707200553.B7237@mandrakesoft.com>
Date:         Fri, 7 Jul 2000 20:05:53 -0600
Reply-To: Vincent Danen <vdanen@MANDRAKESOFT.COM>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Vincent Danen <vdanen@MANDRAKESOFT.COM>
Organization: Danen Consulting Services (www.danen.net)
X-To:         security-announce@linux-mandrake.com
X-cc:         mdk-security@freezer-burn.org, linux-security@redhat.com
To: BUGTRAQ@SECURITYFOCUS.COM

_____________________________________________________________________

    Linux-Mandrake Security Update Advisory.
_____________________________________________________________________

Date: July 7th, 2000

Package name: BitchX

Affected versions: 6.1, 7.0, 7.1

Problem: A denial of service vulnerability exists in BitchX.  Improper
handling of incoming invitation messages can crash the client.    Any
user on IRC can send the client an invitation message that causes BitchX
to segfault.

Please upgrade to:

md5sum: 5e34661e39b67283600ba138694730c5
  6.1/RPMS/BitchX-75p3-12mdk.i586.rpm
md5sum: d4876a7dc0b40226b8abbd80e01988a6
  6.1/SRPMS/BitchX-75p3-12mdk.src.rpm
md5sum: 4f28b30cb2bfd09cec05e0bf2af2da99
  7.0/RPMS/BitchX-75p3-12mdk.i586.rpm
md5sum: d4876a7dc0b40226b8abbd80e01988a6
  7.0/SRPMS/BitchX-75p3-12mdk.src.rpm
md5sum: f6297ab3e697cfa24762565a26ff6544
  7.1/RPMS/BitchX-75p3-12mdk.i586.rpm
md5sum: d4876a7dc0b40226b8abbd80e01988a6
  7.1/SRPMS/BitchX-75p3-12mdk.src.rpm


To upgrade automatically, use « MandrakeUpdate ».  If you want to
upgrade manually, download the updated package from one of our FTP
server mirrors and uprade with "rpm -Uvh package_name".  All mirrors
are listed on http://www.mandrake.com/en/ftp.php3.  Updated packages
are available in the "updates/" directory.

For example, if you are looking for an updated RPM package for
Mandrake 7.1, look for it in: updates/7.1/RPMS/

Notes:
- We give the md5 sum for each package. It lets you check the integrity of
  the downloaded package by running the md5sum command on the package
  ("md5sum package.rpm").
- You generally do not need to download the source package with a
.src.rpm
  suffix
- All the updated packages are listed on the website on
  http://www.linux-mandrake.com/en/fupdates.php3
- To subscribe/unsubscribe from the "security-announce" list and
  subscribe/unsubscribe from the "security-discuss" list see:
  http://www.linux-mandrake.com/en/flists.php3#security
(5263450) ------------------------------------------(Ombruten)