SECURITY: new svgalib and kbd now available

Erik Troan (ewt@REDHAT.COM)
Wed, 25 Mar 1998 11:51:10 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: SGI Security Coordinator: "IMAP/POP Vulnerability"
Previous message: Aleph One: "Protocol"

/tmp exploits have been found in svgalib and kbd. New versions of both
of these packages are available for Red Hat Linux. All of these new
packages have been signed with the Red Hat PGP key.

svgalib is only available for i386 platforms, and kbd is only availble
for Intel and SPARC (it was not included in Red Hat 4.2 on the SPARC).

Thanks to Mark A. Spencer and Alan Cox for helping to find and fix these
problems.

Red Hat 5.0
-------------

i386:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/kbd-0.94-6.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/svgalib-1.2.11-4.i386.rpm

alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/kbd-0.94-6.alpha.rpm

Red Hat 4.2
-------------

i386:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/kbd-0.91-10.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/svgalib-1.2.10-3.i386.rpm

alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/kbd-0.91-10.alpha.rpm

Erik

Next message: SGI Security Coordinator: "IMAP/POP Vulnerability"
Previous message: Aleph One: "Protocol"