Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

CONECTIVA LINUX SECURITY ANNOUNCEMENT - BITCHX

From: Security <secure () CONECTIVA COM BR>
Date: Thu, 27 Jul 2000 11:22:43 -0300
----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
----------------------------------------------------------------------

PACKAGE: BitchX
SUMMARY: Denial of service
DATE: 2000-07-27
AFFECTED CONECTIVA VERSIONS : 5.1


DESCRIPTION
This announcement is being re-released specifically for Conectiva Linux
5.1.

The irc client BitchX can be taken down remotely by inviting
the user to a channel with format strings in its name. By
receiving the invitation, BitchX will crash immediately.


SOLUTION
Users of BitchX must upgrade.
Conectiva Linux versions prior to 5.1 have already been patched.


DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.1/i386/BitchX-75p3-9cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/wserv-1.13-2cl.i386.rpm


DIRECT LINK TO THE SOURCE PACKAGE
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.1/SRPMS/BitchX-75p3-9cl.src.rpm


----------------------------------------------------------------------

All packages are signed with Conectiva's GPG key. The key can be obtained at
http://www.conectiva.com.br/conectiva/contato.html


----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe () bazar conectiva com br
unsubscribe: atualizacoes-anuncio-unsubscribe () bazar conectiva com br
Previous By Date Next
Previous By Thread Next

Current thread: