SECURITY: procps 1.2.7 fixes security hole

[aleph1 () DFW NET (Aleph One)]

---------- Forwarded message ----------
Date: Fri, 17 Apr 1998 16:24:27 -0300
From: "Michael K. Johnson" <johnsonm () redhat com>
To: linux-announce () sws1 ctd ornl gov
Cc: linux-security () redhat com
Subject: [linux-security] SECURITY: procps 1.2.7 fixes security hole


A file creation and corruption bug in XConsole included in procps-X11
versions 1.2.6 and earlier has been found.  To fix it, you can either
remove the XConsole program or upgrade to procps-1.2.7, available from
ftp://tsx-11.mit.edu/pub/linux/sources/usr.bin/procps-1.2.7.tar.gz

Thanks to Alan Iwi for finding the bug.

A few other bugs have been fixed in this version.  Read the NEWS file
if you care.

If you are trying to build it by hand from the sources and you have
trouble,

        Read the INSTALL file.  Really.  Read it twice.  It answers
        EVERY question about building that I have EVER received.

If you have Red Hat Linux or another RPM-based distribution, libc5-based
RPM packages are available from
ftp://ftp.redhat.com/updates/4.2/
and glibc-based RPM packages are available from
ftp://ftp.redhat.com/updates/5.0/

Fuller upgrade instructions for Red Hat Linux users have been given in
a separate post to redhat-announce-list () redhat com

michaelkjohnson

"Magazines all too frequently lead to books and should be regarded by the
 prudent as the heavy petting of literature."            -- Fran Lebowitz
 Linux Application Development       http://www.redhat.com/~johnsonm/lad/

--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe: mail -s unsubscribe test-list-request () redhat com < /dev/null