|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Conectiva Linux Security Announcement - xchat
From: secure
CONECTIVA.COM.BRDate: Fri Aug 25 2000 - 09:24:57 CDT
- Next message: Security Team: "DST2K0023: Directory Traversal Possible & Denial of Service in Wo rm HTTP Server"
- Previous message: Oonk, Patrick: "CERT Advisory CA-2000-18"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
-----------------------------------------------------------------------
PACKAGE : xchat
SUMMARY : Commands inside URLs can be executed by xchat
DATE : 2000-08-25 11:24:00
RELEVANT
RELEASES : 4.2, 5.0, prg gráficos, ecommerce, 5.1
----------------------------------------------------------------------
DESCRIPTION
The IRC client Xchat allows one to right-click an URL and open many
different browsers with it. This is done by opening the broswer via
the shell, and commands inside the URL could be expanded by the shell
and executed.
SOLUTION
All Xchat users should upgrade.
DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/xchat-1.4.2-4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/xchat-1.4.2-4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/xchat-1.4.2-4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/xchat-1.4.2-4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/xchat-1.4.2-4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/xchat-1.4.2-4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/xchat-1.4.2-4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/xchat-1.4.2-4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/xchat-1.4.2-4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/xchat-1.4.2-4cl.i386.rpm
----------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key can be
obtained at http://www.conectiva.com.br/contato
----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribebazar.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribebazar.conectiva.com.br
- Next message: Security Team: "DST2K0023: Directory Traversal Possible & Denial of Service in Wo rm HTTP Server"
- Previous message: Oonk, Patrick: "CERT Advisory CA-2000-18"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]