As reported to slackware-security@slackware.com:
ATTENTION: All users of Slackware 4.0 and Slackware-current
REGARDING: CERT Advisory CA-99-13 Multiple Vulnerabilities in
WU-FTPD
The recent CERT advisory reporting multiple vulnerabilities
in WU-FTPD affects Slackware-current and Slackware-4.0. Here
is the advisory that CERT released:
http://www.cert.org/advisories/CA-99-13-wuftpd.html
An upgraded tcpip1.tgz package is available for both Slackware
4.0 and Slackware-current in their respective directories on
ftp.cdrom.com:
For Slackware-current:
ftp://ftp.cdrom.com/pub/linux/slackware-current/slakware/n6/tcpip1.tgz
For Slackware-4.0:
ftp://ftp.cdrom.com/pub/linux/slackware-4.0/slakware/n8/tcpip1.tgz
Users can download this package and run “upgradepkg” to perform
the upgrade. See the ChangeLogs for each release for more
information.
David Cantrell | david@slackware.com
CA-99-13: minimal fix for Slackware 3.5 through 4.0
Regarding the recent CERT advisory about WU-FTPD:
An alternative minimal fix is available for Slackware versions
3.5, 3.6, 3.9, and 4.0. Users can download this and run
“installpkg” on it to upgrade the FTP server.
You can obtain the package from:
ftp://ftp.cdrom.com/pub/linux/slackware-4.0/patches/wuftpd.tgz
David Cantrell | david@slackware.com