Slackware alert: Pine update fixes insecure URL-handling

Posted by dave on Jan 12, 2002 12:35 PM EDT
Mailing list
Mail this story
Print this story

Pine 4.44 packages are now available to fix a problem with insecure URL handling.

Pine 4.44 packages are now available to fix a problem with insecure URL handling.

Here's the information from the Slackware 8.0 ChangeLog:

Sat Jan 12 13:05:33 PST 2002 patches/packages/pine.tgz: Fix a security problem with pine by upgrading to pine4.44.

More details from the Pine Announcement List: This note is to announce the availability of the Pine Message System version 4.44. The purpose of this release is to fix a security bug with the treatment of quotes in the URL-handling code. The bug allows a malicious sender to embed commands in a URL. This bug is present in all versions of UNIX Pine.

We recommend upgrading Pine as soon as possible.

WHERE TO FIND THE NEW PACKAGE: ------------------------------

Updated pine package for Slackware 8.0:

MD5 SIGNATURE: --------------

Here is the md5sum for the package:

9511772027b579c1c2c542b4bb0d85da pine.tgz

INSTALLATION INSTRUCTIONS: --------------------------

Simply upgrade as root:

# upgradepkg pine.tgz

Remember, it's also a good idea to backup configuration files before upgrading packages.

- Slackware Linux Security Team

+------------------------------------------------------------------------+ | HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: | +------------------------------------------------------------------------+ | Send an email to with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back. Follow the instructions to | | complete the unsubscription. Do not reply to this message to | | unsubscribe! | +------------------------------------------------------------------------+

» Read more about: Story Type: Security; Groups: Slackware

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.