[384] in Best-of-Security
BoS: Majordomo 1.94.4 released -- SECURITY FIXES
daemon@ATHENA.MIT.EDU (Aleph One)
Sat Oct 11 22:14:57 1997
Date: Fri, 3 Oct 1997 10:19:51 -0500
Reply-To: Aleph One <aleph1@DFW.NET>
From: Aleph One <aleph1@DFW.NET>
Old-X-Originally-To: To: BUGTRAQ@NETSPACE.ORG
Old-X-Originated-From: From: Aleph One <aleph1@DFW.NET>
Errors-To: best-of-security-request@cyber.com.au
To: best-of-security@cyber.com.au
Resent-From: best-of-security@cyber.com.au
Message-Id: <199710021424.QAA28753@slurp.neu.sgi.com>
To: majordomo-announce@GreatCircle.COM, majordomo-workers@GreatCircle.COM
Subject: Majordomo 1.94.4 released -- SECURITY FIXES
Date: Thu, 02 Oct 1997 16:24:12 +0200
From: Chan Wilson
Majordomo 1.94.4
--------------------
THIS IS A SECURITY BUGFIX RELEASE!
This has the advertise eval and wrapper security patch, everything
that was in the patch archive, plus a few other snippets - see below.
In the usual places:
ftp://ftp.greatcircle.com/pub/majordomo/majordomo.tgz
ftp://ftp-europe.sgi.com/other/majordomo/majordomo.tgz
ftp://ftp.sgi.com/other/majordomo/majordomo.tgz
Patches can be found in the 1.94.4 subdirectory.
--Chan
[ snip ]
wrapper.c 1.8:1.7
revision 1.8
date: 1997/08/27 15:01:12; author: cwilson; state: Exp; lines: +6 -4
o Fixes security hole with ENV overrun by limiting env size.
----------------------------
Chan Wilson International +41-32-843-3760
Silicon Graphics, SA. U.S. 1-888-744-8638 x476-3760
Cortaillod, Switzerland. cwilson@neu.sgi.com
"Network Analyst" && Irix SA Guru && Gravitational Engineer
Practice Acting Kind of Random. Beauty, eh?
