[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Redhat : various packages updated (pine, mutt, sysklogd, zgv)

To: cmelzer@hydra.acs.uci.edu
Subject: Redhat : various packages updated (pine, mutt, sysklogd, zgv)
From: Dan Stromberg <strombrg@nis.acs.uci.edu>
Date: Wed, 07 Apr 1999 13:10:06 -0700
Sender: strombrg@nis.acs.uci.edu


Cristian Gafton wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Security vulnerabilities have been identified in various packages that
> ship with Red Hat Linux.
> 
> Red Hat would like to thank the members of the BUGTRAQ mailing list,
> the members of the Linux Security Audit team, and others. All users
> of Red Hat Linux are encouraged to upgrade to the new packages
> immediately. As always, these packages have been signed with the
> Red Hat PGP key.
> 
> mutt, pine:
> - -----------
> An problem in the mime handling code could allow a remote user
> to execute certain commands on a local system.
> 
> Red Hat Linux 5.2
> - -----------------
> alpha:  rpm -Uvh ftp://updates.redhat.com/5.2/alpha/mutt-0.95.4us-0.alpha.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.2/alpha/pine-4.10-1.alpha.rpm
> i386:   rpm -Uvh ftp://updates.redhat.com/5.2/i386/mutt-0.95.4us-0.i386.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.2/i386/pine-4.10-1.i386.rpm
> sparc:  rpm -Uvh ftp://updates.redhat.com/5.2/sparc/mutt-0.95.4us-0.sparc.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.2/sparc/pine-4.10-1.sparc.rpm
> source: rpm -Uvh ftp://updates.redhat.com/5.2/SRPMS/mutt-0.95.4us-0.src.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.2/SRPMS/pine-4.10-1.src.rpm
> 
> Red Hat Linux 5.1
> - -----------------
> alpha:  rpm -Uvh ftp://updates.redhat.com/5.1/alpha/mutt-0.95.4us-0.alpha.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.1/alpha/pine-3.96-8.1.alpha.rpm
> i386:   rpm -Uvh ftp://updates.redhat.com/5.1/i386/mutt-0.95.4us-0.i386.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.1/i386/pine-3.96-8.1.i386.rpm
> sparc:  rpm -Uvh ftp://updates.redhat.com/5.1/sparc/mutt-0.95.4us-0.sparc.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.1/sparc/pine-3.96-8.1.sparc.rpm
> source: rpm -Uvh ftp://updates.redhat.com/5.1/SRPMS/mutt-0.95.4us-0.src.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.1/SRPMS/pine-3.96-8.1.src.rpm
> 
> Red Hat Linux 5.0
> - -----------------
> alpha:  rpm -Uvh ftp://updates.redhat.com/5.0/alpha/mutt-0.95.4us-0.alpha.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.0/alpha/pine-3.96-7.1.alpha.rpm
> i386:   rpm -Uvh ftp://updates.redhat.com/5.0/i386/mutt-0.95.4us-0.i386.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.0/i386/pine-3.96-7.1.i386.rpm
> source: rpm -Uvh ftp://updates.redhat.com/5.0/SRPMS/mutt-0.95.4us-0.src.rpm
>         rpm -Uvh ftp://updates.redhat.com/5.0/SRPMS/pine-3.96-7.1.src.rpm
> 
> Red Hat Linux 4.2
> - -----------------
> alpha:  rpm -Uvh ftp://updates.redhat.com/4.2/alpha/pine-3.96-7.0.alpha.rpm
> i386:   rpm -Uvh ftp://updates.redhat.com/4.2/i386/pine-3.96-7.0.i386.rpm
> source: rpm -Uvh ftp://updates.redhat.com/4.2/sparc/pine-3.96-7.0.sparc.rpm
> source: rpm -Uvh ftp://updates.redhat.com/4.2/SRPMS/pine-3.96-7.0.src.rpm
> 
> (Mutt was not shipped with Red Hat Linux 4.2)
> 
> sysklogd
> - --------
> An overflow in the parsing code could lead to crashes of the system
> logger.
> 
> Red Hat Linux 5.0,5.1,5.2:
> - --------------------------
> alpha:  rpm -Uvh ftp://updates.redhat.com/5.2/alpha/sysklogd-1.3.31-0.5.alpha.rpm
> i386:   rpm -Uvh ftp://updates.redhat.com/5.2/i386/sysklogd-1.3.31-0.5.i386.rpm
> sparc:  rpm -Uvh ftp://updates.redhat.com/5.2/sparc/sysklogd-1.3.31-0.5.sparc.rpm
> source: rpm -Uvh ftp://updates.redhat.com/5.2/SRPMS/sysklogd-1.3.31-0.5.src.rpm
> 
> Red Hat Linux 4.2:
> - ------------------
> alpha:  rpm -Uvh ftp://updates.redhat.com/4.2/alpha/sysklogd-1.3.31-0.0.alpha.rpm
> i386:   rpm -Uvh ftp://updates.redhat.com/4.2/i386/sysklogd-1.3.31-0.0.i386.rpm
> sparc:  rpm -Uvh ftp://updates.redhat.com/4.2/sparc/sysklogd-1.3.31-0.0.sparc.rpm
> source: rpm -Uvh ftp://updates.redhat.com/4.2/SRPMS/sysklogd-1.3.31-0.0.src.rpm
> 
> zgv
> - ---
> Local users could gain root access.
> 
> Red Hat Linux 5.2:
> - ------------------
> i386:   rpm -Uvh ftp://updates.redhat.com/5.2/i386/zgv-3.0-7.i386.rpm
> source: rpm -Uvh ftp://updates.redhat.com/5.2/SRPMS/zgv-3.0-7.src.rpm
> 
> Red Hat Linux 5.1:
> - ------------------
> i386:   rpm -Uvh ftp://updates.redhat.com/5.1/i386/zgv-3.0-5.1.i386.rpm
> source: rpm -Uvh ftp://updates.redhat.com/5.1/SRPMS/zgv-3.0-5.1.src.rpm
> 
> Red Hat Linux 5.0:
> - ------------------
> i386:   rpm -Uvh ftp://updates.redhat.com/5.0/i386/zgv-3.0-1.5.0.i386.rpm
> source: rpm -Uvh ftp://updates.redhat.com/5.0/SRPMS/zgv-3.0-1.5.0.src.rpm
> 
> Red Hat Linux 4.2:
> - ------------------
> i386:   rpm -Uvh ftp://updates.redhat.com/4.2/i386/zgv-3.0-1.4.2.i386.rpm
> source: rpm -Uvh ftp://updates.redhat.com/4.2/SRPMS/zgv-3.0-1.4.2.src.rpm
> 
> Cristian
> - --
> - ----------------------------------------------------------------------
> Cristian Gafton   --   gafton@redhat.com   --   Red Hat Software, Inc.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>  UNIX is user friendly. It's just selective about who its friends are.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBNwF30PGvxKXU9NkBAQHrlQP9HIOhOUGaYQ4NW2WrKPIeyvnNDyInr36j
> cvXKcsD7Y3PjTuop+rX9AX9pDseFHgi7/sHKoviguAHBkJ37hKGD7EvzNAfbfoqo
> AE4R4DUNfTd3R6dqLB+2cyMRAoiqHfF0ADkNIMoWwSDjteETnVSqjvOEC0EATWXC
> jxnPtCNpNFs=
> =/SJ+
> -----END PGP SIGNATURE-----
> 
> --
>          To unsubscribe: mail redhat-watch-list-request@redhat.com with
>                        "unsubscribe" as the Subject.
> 
> --
> To unsubscribe:
> mail -s unsubscribe redhat-announce-list-request@redhat.com < /dev/null

Prev by Date: IRIX :X server font path buffer overflow vulnerability
Next by Date: Redhat : New XFree86 packages available
Previous by thread: IRIX :X server font path buffer overflow vulnerability
Next by thread: Redhat : New XFree86 packages available
Index(es):
- Date
- Thread