OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: CONECTIVA LINUX SECURITY ANNOUNCEMENT - BitchX
From: Sergio Bruder (bruderCONECTIVA.COM.BR)
Date: Fri Jul 07 2000 - 16:28:38 CDT


----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
----------------------------------------------------------------------

PACKAGE: BitchX
SUMMARY: Denial of service
DATE: 2000-07-07
AFFECTED CONECTIVA VERSIONS : 4.0, 4.0es, 4.1, 4.2 and 5.0

DESCRIPTION
The irc client BitchX can be taken down remotely by inviting
the user to a channel with format strings in its name. By
receiving the invitation, BitchX will crash immediately.

SOLUTION
Users of BitchX must upgrade.

DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0/i386/BitchX-75p3-9cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0/i386/wserv-1.13-2cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0es/i386/BitchX-75p3-9cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0es/i386/wserv-1.13-2cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/i386/BitchX-75p3-9cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/i386/wserv-1.13-2cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/i386/BitchX-75p3-9cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/i386/wserv-1.13-2cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/BitchX-75p3-9cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/wserv-1.13-2cl.i386.rpm

DIRECT LINK TO THE SOURCE PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0/SRPMS/BitchX-75p3-9cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0es/SRPMS/BitchX-75p3-9cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/SRPMS/BitchX-75p3-9cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/SRPMS/BitchX-75p3-9cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/BitchX-75p3-9cl.src.rpm

----------------------------------------------------------------------

All packages are signed with Conectiva's GPG key. The key can be obtained at
http://www.conectiva.com.br/conectiva/contato.html

----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribebazar.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribebazar.conectiva.com.br