5307825 2000-07-28  00:35  /48 rader/ Brevbäraren (som är implementerad i) Python
Mottagare: Bugtraq (import) <11957>
Ärende: CONECTIVA LINUX SECURITY ANNOUNCEMENT - BITCHX
------------------------------------------------------------
From: Security <secure@CONECTIVA.COM.BR>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <20000727112243.B17869@conectiva.com.br>

----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
----------------------------------------------------------------------

PACKAGE: BitchX
SUMMARY: Denial of service
DATE: 2000-07-27
AFFECTED CONECTIVA VERSIONS : 5.1


DESCRIPTION This announcement is being re-released specifically for
Conectiva Linux 5.1.

The irc client BitchX can be taken down remotely by inviting
the user to a channel with format strings in its name. By
receiving the invitation, BitchX will crash immediately.


SOLUTION
Users of BitchX must upgrade.
Conectiva Linux versions prior to 5.1 have already been patched.


DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.1/i386/BitchX-75p3-9cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/wserv-1.13-2cl.i386.rpm


DIRECT LINK TO THE SOURCE PACKAGE
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.1/SRPMS/BitchX-75p3-9cl.src.rpm


----------------------------------------------------------------------

All packages are signed with Conectiva's GPG key. The key can be
obtained at http://www.conectiva.com.br/conectiva/contato.html


----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe@bazar.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@bazar.conectiva.com.br
(5307825) ------------------------------------------(Ombruten)