Date: Fri, 25 Aug 2000 11:24:57 -0300 From: secure@CONECTIVA.COM.BR To: BUGTRAQ@SECURITYFOCUS.COM Subject: Conectiva Linux Security Announcement - xchat
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : xchat SUMMARY : Commands inside URLs can be executed by xchat DATE : 2000-08-25 11:24:00 RELEVANT RELEASES : 4.2, 5.0, prg gr=E1ficos, ecommerce, 5.1
DESCRIPTION The IRC client Xchat allows one to right-click an URL and open many different browsers with it. This is done by opening the broswer via the shell, and commands inside the URL could be expanded by the shell and executed. SOLUTION All Xchat users should upgrade. DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/xchat-1.4.2-4cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.2/i386/xchat-1.4.2-4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/xchat-1.4.2-4cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/xchat-1.4.2-4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/xchat-1.4.2-4cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/xchat-1.4.2-4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/xchat-1.4.2-4cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/xchat-1.4.2-4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/xchat-1.4.2-4cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/xchat-1.4.2-4cl.i386.rpm
All packages are signed with Conectiva's GPG key. The key can be obtained at http://www.conectiva.com.br/contato
subscribe: atualizacoes-anuncio-subscribe@bazar.conectiva.com.br unsubscribe: atualizacoes-anuncio-unsubscribe@bazar.conectiva.com.br