Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Linux] klogd 1.3-22 buffer overflow

From: security () PENGUIN NET AU (security () PENGUIN NET AU)
Date: Wed, 18 Nov 1998 12:22:29 +0800

Hi,

I am personally a bit mixed up now...

This is what I have just read on the RedHat updates page:

--------------------------------------------
    Red Hat would like to thank Michal Zalewski (lcamtuf () IDS PL) and the
members of
    the Bugtraq mailing list for discovering this problem and providing a
fix.

    Users of Red Hat Linux are recommended to upgrade to the new packages
ava
--------------------------------------------------

The page is at
http://www.redhat.com/support/docs/rhl/rh52-errata-general.html.

...shall I trust Redhat, now? :-?

Merc.



I'm the co-maintainer of the Linux sysklogd package which contains the
klogd program for which a buffer overrun has been reported last week.

First of all I'd like to complain about two things:

 a) The reports weren't made against the current version of the
    package.  The source for it is well known on sunsite.unc.edu as
    well as various mirrors.

[SNIP]
Previous By Date Next
Previous By Thread Next

Current thread: