Full Disclosure mailing list archives
GLSA: http-fetcher
From: Daniel Ahlberg <aliz () gentoo org>
Date: Tue, 7 Jan 2003 10:06:46 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200301-6 - - -------------------------------------------------------------------- PACKAGE : http-fetcher SUMMARY : buffer overflow DATE : 2003-01-07 09:01 UTC EXPLOIT : remote - - -------------------------------------------------------------------- - From advisory: "HTTP Fetcher library is exposed to very fatal buffer overflow. And, It influences in other several programs." Read the full advisory at http://marc.theaimsgroup.com/?l=bugtraq&m=104187658217144&w=2 SOLUTION It is recommended that all Gentoo Linux users who are running net-www/http-fetcher-1.0.1 or earlier update their systems as follows: emerge rsync emerge http-fetcher emerge clean - - -------------------------------------------------------------------- aliz () gentoo org - GnuPG key is available at www.gentoo.org/~aliz mkennedy () gentoo org - - -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+GpibfT7nyhUpoZMRAtR8AJ95B0uA1G6/DC+T3VQN1u2LR97svgCfVUIY w4ZxJhN0WS8KI+3dUPNoaqI= =iWz0 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- GLSA: http-fetcher Daniel Ahlberg (Jan 07)