Slackware alert: BitchX security fixes (SSA:2003-141-02)

Posted by dave on May 21, 2003 7:30 PM EDT
Mailing list
Mail this story
Print this story

New BitchX packages are available to fix security problems found by Timo Sirainen. BitchX is an IRC (Internet Relay Chat) client. Under certain circumstances, a malicious IRC server could cause BitchX to crash, or possibly to run arbitrary code as the user running BitchX.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] BitchX security fixes (SSA:2003-141-02)

New BitchX packages are available to fix security problems found by Timo Sirainen. BitchX is an IRC (Internet Relay Chat) client. Under certain circumstances, a malicious IRC server could cause BitchX to crash, or possibly to run arbitrary code as the user running BitchX.

All sites running BitchX are advised to upgrade.

More information on the problem can be found here:

Here are the details from the Slackware 9.0 ChangeLog: +--------------------------+ Tue May 20 20:13:09 PDT 2003 patches/packages/bitchx-1.0c19-i386-3.tgz: Patched several potential "evil server" security problems noted by Timo Sirainen. (* Security fix *) +--------------------------+



WHERE TO FIND THE NEW PACKAGES: +-----------------------------+

Updated package for Slackware 8.1: ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bitchx-1.0c19-i386-3.tgz

Updated package for Slackware 9.0: ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bitchx-1.0c19-i386-3.tgz



MD5 SIGNATURES: +-------------+

Slackware 8.1 package: ed9affc29424472b5f442e6182be92ec bitchx-1.0c19-i386-3.tgz

Slackware 9.0 package: 2e2158987c031115a4b1d5cc9741e033 bitchx-1.0c19-i386-3.tgz



INSTALLATION INSTRUCTIONS: +------------------------+

Upgrade using upgradepkg (as root):

upgradepkg bitchx-1.0c19-i386-3.tgz

+-----+

Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

+------------------------------------------------------------------------+ | HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back. Follow the instructions to | | complete the unsubscription. Do not reply to this message to | | unsubscribe! | +------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+zBCIakRjwEAQIjMRAgr2AJ4uNFByraDXfb52+mWX1t5qfWSCzgCfbIvn F/XK/kfW59EyzszITurEkgU= =1LcU -----END PGP SIGNATURE-----

  Nav
» Read more about: Story Type: Security; Groups: Slackware

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.