Bugtraq mailing list archives
BitchX update
From: vdanen () MANDRAKESOFT COM (Vincent Danen)
Date: Fri, 7 Jul 2000 20:05:53 -0600
_____________________________________________________________________ Linux-Mandrake Security Update Advisory. _____________________________________________________________________ Date: July 7th, 2000 Package name: BitchX Affected versions: 6.1, 7.0, 7.1 Problem: A denial of service vulnerability exists in BitchX. Improper handling of incoming invitation messages can crash the client. Any user on IRC can send the client an invitation message that causes BitchX to segfault. Please upgrade to: md5sum: 5e34661e39b67283600ba138694730c5 6.1/RPMS/BitchX-75p3-12mdk.i586.rpm md5sum: d4876a7dc0b40226b8abbd80e01988a6 6.1/SRPMS/BitchX-75p3-12mdk.src.rpm md5sum: 4f28b30cb2bfd09cec05e0bf2af2da99 7.0/RPMS/BitchX-75p3-12mdk.i586.rpm md5sum: d4876a7dc0b40226b8abbd80e01988a6 7.0/SRPMS/BitchX-75p3-12mdk.src.rpm md5sum: f6297ab3e697cfa24762565a26ff6544 7.1/RPMS/BitchX-75p3-12mdk.i586.rpm md5sum: d4876a7dc0b40226b8abbd80e01988a6 7.1/SRPMS/BitchX-75p3-12mdk.src.rpm To upgrade automatically, use « MandrakeUpdate ». If you want to upgrade manually, download the updated package from one of our FTP server mirrors and uprade with "rpm -Uvh package_name". All mirrors are listed on http://www.mandrake.com/en/ftp.php3. Updated packages are available in the "updates/" directory. For example, if you are looking for an updated RPM package for Mandrake 7.1, look for it in: updates/7.1/RPMS/ Notes: - We give the md5 sum for each package. It lets you check the integrity of the downloaded package by running the md5sum command on the package ("md5sum package.rpm"). - You generally do not need to download the source package with a .src.rpm suffix - All the updated packages are listed on the website on http://www.linux-mandrake.com/en/fupdates.php3 - To subscribe/unsubscribe from the "security-announce" list and subscribe/unsubscribe from the "security-discuss" list see: http://www.linux-mandrake.com/en/flists.php3#security
Current thread:
- More Detailed Info on the BitchX Format Bugs, (continued)
- More Detailed Info on the BitchX Format Bugs RoboHak (Jul 07)
- Re: More Detailed Info on the BitchX Format Bugs Ryan Russell (Jul 07)
- Re: More Detailed Info on the BitchX Format Bugs RoboHak (Jul 09)
- opieftpd setproctitle() patches Kris Kennaway (Jul 10)
- Remote DoS Attack in WircSrv Irc Server v5.07s Vulnerability Ussr Labs (Jul 10)
- Security Update: Denial of Service against irc-BX Technical Support (Jul 07)
- Out of order SMTP DATA commands incorrectly allow pass-through mode in some firewall smtp filters/proxies Lincoln Yeoh (Jul 08)
- Re: More Detailed Info on the BitchX Format Bugs Ryan Russell (Jul 07)
- Re: ftpd and setproctitle() D. J. Bernstein (Jul 07)
- Re: ftpd and setproctitle() Bernd Luevelsmeyer (Jul 07)
- Re: ftpd and setproctitle() Firstname Lastname (Jul 10)
- BitchX update Vincent Danen (Jul 07)
- Re: ftpd and setproctitle() Pavel Kankovsky (Jul 08)
- Re: ftpd and setproctitle() Bernd Luevelsmeyer (Jul 07)
- ANNOUNCE: PScan, a simple security scanner. Alan DeKok (Jul 07)
- Re: ftpd and setproctitle() Roger Espel Llima (Jul 07)
- Re: ftpd and setproctitle() Adam McKenna (Jul 07)
- Security Update: symlink attack on makewhatis script possible Technical Support (Jul 07)
- Re: ftpd and setproctitle() Nic Bellamy (Jul 07)
- More Detailed Info on the BitchX Format Bugs RoboHak (Jul 07)