Bugtraq mailing list archives
SECURITY: procps 1.2.7 fixes security hole
From: aleph1 () DFW NET (Aleph One)
Date: Mon, 20 Apr 1998 11:28:33 -0500
---------- Forwarded message ---------- Date: Fri, 17 Apr 1998 16:24:27 -0300 From: "Michael K. Johnson" <johnsonm () redhat com> To: linux-announce () sws1 ctd ornl gov Cc: linux-security () redhat com Subject: [linux-security] SECURITY: procps 1.2.7 fixes security hole A file creation and corruption bug in XConsole included in procps-X11 versions 1.2.6 and earlier has been found. To fix it, you can either remove the XConsole program or upgrade to procps-1.2.7, available from ftp://tsx-11.mit.edu/pub/linux/sources/usr.bin/procps-1.2.7.tar.gz Thanks to Alan Iwi for finding the bug. A few other bugs have been fixed in this version. Read the NEWS file if you care. If you are trying to build it by hand from the sources and you have trouble, Read the INSTALL file. Really. Read it twice. It answers EVERY question about building that I have EVER received. If you have Red Hat Linux or another RPM-based distribution, libc5-based RPM packages are available from ftp://ftp.redhat.com/updates/4.2/ and glibc-based RPM packages are available from ftp://ftp.redhat.com/updates/5.0/ Fuller upgrade instructions for Red Hat Linux users have been given in a separate post to redhat-announce-list () redhat com michaelkjohnson "Magazines all too frequently lead to books and should be regarded by the prudent as the heavy petting of literature." -- Fran Lebowitz Linux Application Development http://www.redhat.com/~johnsonm/lad/ -- ---------------------------------------------------------------------- Please refer to the information about this list as well as general information about Linux security at http://www.aoy.com/Linux/Security. ---------------------------------------------------------------------- To unsubscribe: mail -s unsubscribe test-list-request () redhat com < /dev/null
Current thread:
- Re: New possible exploit for 2.0.33 (kfree_skb error), (continued)
- Re: New possible exploit for 2.0.33 (kfree_skb error) Alan Cox (Apr 15)
- Linux 2.0.33 vulnerability: fragment patterns Alan Cox (Apr 16)
- Linux 2.0.33 vulnerability: oversized packets Michal Zalewski (Apr 17)
- Linux 2.0.34pre10: Summary of fixed vulnerabilities Alan Cox (Apr 20)
- Re: Linux 2.0.33 vulnerability: oversized packets Jon Lewis (Apr 20)
- Re: Linux 2.0.33 vulnerability: oversized packets Krzysztof G. Baranowski (Apr 21)
- code to crash cistron's radius Hamdi Tounsi (Apr 21)
- nestea v2. The program that DoS's 2.0.33s The Tree of Life (Apr 18)
- xdm problems Thomas Roessler (Apr 16)
- Re: xdm problems Matthieu Herrb (Apr 20)
- SECURITY: procps 1.2.7 fixes security hole Aleph One (Apr 20)