[6394] in bugtraq
SECURITY: new svgalib and kbd now available
daemon@ATHENA.MIT.EDU (Erik Troan)
Wed Mar 25 12:36:20 1998
Date: Wed, 25 Mar 1998 11:51:10 -0500
Reply-To: redhat-list@redhat.com
From: Erik Troan <ewt@REDHAT.COM>
X-To: redhat-announce-list@redhat.com
To: BUGTRAQ@NETSPACE.ORG
/tmp exploits have been found in svgalib and kbd. New versions of both
of these packages are available for Red Hat Linux. All of these new
packages have been signed with the Red Hat PGP key.
svgalib is only available for i386 platforms, and kbd is only availble
for Intel and SPARC (it was not included in Red Hat 4.2 on the SPARC).
Thanks to Mark A. Spencer and Alan Cox for helping to find and fix these
problems.
Red Hat 5.0
-------------
i386:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/kbd-0.94-6.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/svgalib-1.2.11-4.i386.rpm
alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/kbd-0.94-6.alpha.rpm
Red Hat 4.2
-------------
i386:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/kbd-0.91-10.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/svgalib-1.2.10-3.i386.rpm
alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/kbd-0.91-10.alpha.rpm
Erik
