87626 2003-01-08  01:55  /43 rader/ Daniel Ahlberg <aliz@gentoo.org>
Importerad: 2003-01-08  01:55  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <2970>
Ärende: GLSA:  lcdproc
------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200301-7
- - --------------------------------------------------------------------

PACKAGE : lcdproc
SUMMARY : remote code execution
DATE    : 2003-01-07 21:01 UTC
EXPLOIT : remote

- - --------------------------------------------------------------------

- From advisory:

"The vulnerabilities in LCDproc allow an attacker to remotely execute
arbitrary code or cause the LCDproc server to crash."

Read the full advisory at
http://online.securityfocus.com/archive/1/56411

SOLUTION

It is recommended that all Gentoo Linux users who are running
app-misc/lcdproc-0.4.1-r1 or earlier update their systems as 
follows:

emerge rsync
emerge lcdproc
emerge clean

- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+G0HGfT7nyhUpoZMRAq7gAKCkO+SxDyRM7UQcNUrMLSntdEzt9ACfXRib
VNy+H91tV/pxs+oSU3udMAM=
=JLG/
-----END PGP SIGNATURE-----
(87626) /Daniel Ahlberg <aliz@gentoo.org>/----------