dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Slackware Security Advisory: xchat input validation bug fixed

Sep 14, 2000, 22:24 (0 Talkback[s])
(Other stories by Christopher J. Kager)

Date: Thu, 14 Sep 2000 13:08:04 -0400
From: Christopher J. Kager chris@THEALANGROUP.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [slackware-security]: xchat input validation bug fixed

An input validation bug was found to affect Slackware Linux 7.0, 7.1, and -current. The problem is described in detail at this site:

http://www.securityfocus.com/bid/1601

Users of Slackware 7.0, 7.1, and -current are urged to upgraded to the xchat.tgz package available in the Slackware -current branch.

========================================
xchat 1.5.7 AVAILABLE - (gtk1/xchat.tgz)
========================================

The input validation bug has been fixed in this release of XChat. The new xchat.tgz package is available from:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/gtk/xchat.tgz

For verification purposes, we provide the following checksums:

16-bit "sum" checksum:
2394041667 1288299 gtk1/xchat.tgz

128-bit MD5 message digest:
b388d7eb7914a6d456f49f0b0f62fcb8 gtk1/xchat.tgz

INSTALLATION INSTRUCTIONS FOR THE xchat.tgz PACKAGE:
---------------------------------------------------
Make sure that no users have XChat running, then issue this command:

# upgradepkg xchat.tgz

Remember, it's also a good idea to backup configuration files before upgrading packages.

- Slackware Linux Security Team
http://www.slackware.com