[5223] in bugtraq
SGI security patches
daemon@ATHENA.MIT.EDU (Martin J. Dellwo)
Fri Aug 29 12:49:35 1997
Date: Fri, 29 Aug 1997 10:23:08 -0400
Reply-To: "Martin J. Dellwo" <dellwo@SPRUCE.CHEM.UPENN.EDU>
From: "Martin J. Dellwo" <dellwo@SPRUCE.CHEM.UPENN.EDU>
To: BUGTRAQ@NETSPACE.ORG
FYI there is a patch for the login 'LOCKOUT' problem and
'login/scheme' security holes on the general patch site, which has not
been announced via SGI's security email list. For Irix 5.3, patch
2216 and for Irix 6.2, patch 2181, release date 7/30/97(! a month
ago).
For 6.3, patch 2232 seems to have fixes for the 'login/scheme', 'df',
'eject', and 'at' buffer overrun problems plus LOCKOUT. Same for
patch 2233 under 6.4. No fix of 'pset' is mentioned
-M
--
Martin J. Dellwo (215) 898-4886 dellwo@spruce.chem.upenn.edu
Department of Chemistry, University of Pennsylvania
http://cherry.chem.upenn.edu/~dellwo/
