[2374] in linux-security and linux-alert archive
[linux-security] BitchX update
daemon@ATHENA.MIT.EDU (Vincent Danen)
Sat Jul 8 09:53:41 2000
Date: Fri, 7 Jul 2000 20:05:53 -0600
From: Vincent Danen <vdanen@mandrakesoft.com>
To: security-announce@linux-mandrake.com
Cc: mdk-security@freezer-burn.org, bugtraq@securityfocus.com,
linux-security@redhat.com
Message-ID: <20000707200553.B7237@mandrakesoft.com>
Mail-Followup-To: security-announce@linux-mandrake.com,
mdk-security@freezer-burn.org, bugtraq@securityfocus.com,
linux-security@redhat.com
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Resent-From: linux-security@redhat.com
_____________________________________________________________________
Linux-Mandrake Security Update Advisory.
_____________________________________________________________________
Date: July 7th, 2000
Package name: BitchX
Affected versions: 6.1, 7.0, 7.1
Problem: A denial of service vulnerability exists in BitchX. Improper
handling of incoming invitation messages can crash the client. Any
user on IRC can send the client an invitation message that causes BitchX
to segfault.
Please upgrade to:
md5sum: 5e34661e39b67283600ba138694730c5
6.1/RPMS/BitchX-75p3-12mdk.i586.rpm
md5sum: d4876a7dc0b40226b8abbd80e01988a6
6.1/SRPMS/BitchX-75p3-12mdk.src.rpm
md5sum: 4f28b30cb2bfd09cec05e0bf2af2da99
7.0/RPMS/BitchX-75p3-12mdk.i586.rpm
md5sum: d4876a7dc0b40226b8abbd80e01988a6
7.0/SRPMS/BitchX-75p3-12mdk.src.rpm
md5sum: f6297ab3e697cfa24762565a26ff6544
7.1/RPMS/BitchX-75p3-12mdk.i586.rpm
md5sum: d4876a7dc0b40226b8abbd80e01988a6
7.1/SRPMS/BitchX-75p3-12mdk.src.rpm
To upgrade automatically, use « MandrakeUpdate ». If you want to upgrade
manually, download the updated package from one of our FTP server mirrors
and uprade with "rpm -Uvh package_name". All mirrors are listed on
http://www.mandrake.com/en/ftp.php3. Updated packages are available in the
"updates/" directory.
For example, if you are looking for an updated RPM package for Mandrake 7.1,
look for it in: updates/7.1/RPMS/
Notes:
- We give the md5 sum for each package. It lets you check the integrity of
the downloaded package by running the md5sum command on the package
("md5sum package.rpm").
- You generally do not need to download the source package with a .src.rpm
suffix
- All the updated packages are listed on the website on
http://www.linux-mandrake.com/en/fupdates.php3
- To subscribe/unsubscribe from the "security-announce" list and
subscribe/unsubscribe from the "security-discuss" list see:
http://www.linux-mandrake.com/en/flists.php3#security
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
