SECURITY: Security problem in svgalib (fwd)

Simon Karpen (slk@GRACE.ACM.RPI.EDU)
Mon, 23 Jun 1997 20:29:12 -0400

---------- Forwarded message ----------
Date: Mon, 23 Jun 1997 17:54:04 -0400 (EDT)
From: Erik Troan <ewt@redhat.com>
Reply-To: redhat-list@redhat.com
To: redhat-announce-list@redhat.com
Subject: SECURITY: Security problem in svgalib
Resent-Date: 23 Jun 1997 21:54:31 -0000
Resent-From: redhat-announce-list@redhat.com
Resent-cc: recipient list not shown: ;

-----BEGIN PGP SIGNED MESSAGE-----

A major security problem has bee found in svgalib, and exploits are
available which work through the zgv image viewer. This problem affects
all releases of Red Hat Linux on Intel platforms. A newer version of
svgalib is now available which fixes this problem for users of Red Hat
Linux/Intel 4.0, 4.1, and 4.2.

Red Hat software strongly recommends all users with svgalib or any software
which requires svgalib be updated to this version of svgalib immediately. All
of the updated packages have been been signed with Red Hat's PGP key.

Intel 4.0, 4.1, 4.2
- -------------------
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/svgalib-1.2.10-3.i386.rpm

Thanks once again to the readers of the BUGTRAQ mailing list for providing
details on this problem.

Erik

- -------------------------------------------------------------------------------
| "Psychopaths kill for no reason: I kill for money." -- Grosse Pointe Blank |
| |
| Erik Troan = ewt@redhat.com = ewt@sunsite.unc.edu |

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBM67wgqUg6PHLopv5AQEtFwP+NyLRKJJO7NALwnpXW08mzaVHshh8MpeT
+HYqksnB3mqdgSenJEI/K32EGmQBP7BNJ+5Y5Xosi67oup3HocXcognKgDne3jio
R6FGxWsjDfn9YL8CKnybT+oIHu97LppJAh2wXiBS8RkjdMdpt4xOOhfKRnD7kGq2
ico4XEPc0W4=
=LmiY
-----END PGP SIGNATURE-----

--
To unsubscribe:
mail -s unsubscribe redhat-announce-list-request@redhat.com < /dev/null