Date: Thu, 14 Sep 2000 13:08:04 -0400
From: Christopher J. Kager chris@THEALANGROUP.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [slackware-security]: xchat input validation bug fixed
An input validation bug was found to affect Slackware Linux 7.0,
7.1, and -current. The problem is described in detail at this
site:
http://www.securityfocus.com/bid/1601
Users of Slackware 7.0, 7.1, and -current are urged to upgraded
to the xchat.tgz package available in the Slackware -current
branch.
========================================
xchat 1.5.7 AVAILABLE – (gtk1/xchat.tgz)
========================================
The input validation bug has been fixed in this release of
XChat. The new xchat.tgz package is available from:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/gtk/xchat.tgz
For verification purposes, we provide the following
checksums:
16-bit “sum” checksum:
2394041667 1288299 gtk1/xchat.tgz
128-bit MD5 message digest:
b388d7eb7914a6d456f49f0b0f62fcb8 gtk1/xchat.tgz
INSTALLATION INSTRUCTIONS FOR THE xchat.tgz PACKAGE:
—————————————————
Make sure that no users have XChat running, then issue this
command:
# upgradepkg xchat.tgz
Remember, it’s also a good idea to backup configuration files
before upgrading packages.
– Slackware Linux Security Team
http://www.slackware.com