[8589] in bugtraq
Re: [Linux] klogd 1.3-22 buffer overflow
daemon@ATHENA.MIT.EDU (security@PENGUIN.NET.AU)
Wed Nov 18 12:16:20 1998
Date: Wed, 18 Nov 1998 12:22:29 +0800
Reply-To: security@PENGUIN.NET.AU
From: security@PENGUIN.NET.AU
X-To: Martin Schulze <joey@infodrom.north.de>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19981117224544.A27914@finlandia.infodrom.north.de>
Hi,
I am personally a bit mixed up now...
This is what I have just read on the RedHat updates page:
--------------------------------------------
Red Hat would like to thank Michal Zalewski (lcamtuf@IDS.PL) and the
members of
the Bugtraq mailing list for discovering this problem and providing a
fix.
Users of Red Hat Linux are recommended to upgrade to the new packages
ava
--------------------------------------------------
The page is at
http://www.redhat.com/support/docs/rhl/rh52-errata-general.html.
...shall I trust Redhat, now? :-?
Merc.
> I'm the co-maintainer of the Linux sysklogd package which contains the
> klogd program for which a buffer overrun has been reported last week.
>
> First of all I'd like to complain about two things:
>
> a) The reports weren't made against the current version of the
> package. The source for it is well known on sunsite.unc.edu as
> well as various mirrors.
[SNIP]
