---

Slackware Security Advisory: xchat input validation bug fixed

Date: Thu, 14 Sep 2000 13:08:04 -0400
From: Christopher J. Kager [email protected]
To: [email protected]
Subject: [slackware-security]: xchat input validation bug fixed

An input validation bug was found to affect Slackware Linux 7.0,
7.1, and -current. The problem is described in detail at this
site:

http://www.securityfocus.com/bid/1601

Users of Slackware 7.0, 7.1, and -current are urged to upgraded
to the xchat.tgz package available in the Slackware -current
branch.

========================================
xchat 1.5.7 AVAILABLE – (gtk1/xchat.tgz)
========================================

The input validation bug has been fixed in this release of
XChat. The new xchat.tgz package is available from:


ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/gtk/xchat.tgz

For verification purposes, we provide the following
checksums:

16-bit “sum” checksum:
2394041667 1288299 gtk1/xchat.tgz

128-bit MD5 message digest:
b388d7eb7914a6d456f49f0b0f62fcb8 gtk1/xchat.tgz

INSTALLATION INSTRUCTIONS FOR THE xchat.tgz PACKAGE:
—————————————————
Make sure that no users have XChat running, then issue this
command:

# upgradepkg xchat.tgz

Remember, it’s also a good idea to backup configuration files
before upgrading packages.

– Slackware Linux Security Team
http://www.slackware.com