From: Eridani Star System <linux@eridani.co.uk> To: eridani-announce@eridani.co.uk Subject: [Eridani-Announce] Updates to at, ucd-snmp and ethereal Date: Fri, 22 Feb 2002 07:34:57 +0000 (GMT) Recent updates in Eridani Linux 6.3: at: This addresses the bug found by the Common Vulnerabilities and Exposures project (cve.mitre.org) CAN-2002-0004, where the environment could be erased thus causing commands to fail or operate incorrectly. Also, this fixes a heap corruption bug in the execution time statement. As atd is installed setuid root this bug is exploitable. ucd-snmp: This update addresses issues discovered by the Oulu University Secure Programming Group, where several vulnerabilities have been discovered which can cause denial-of-service conditions and possibly a remote security breach. This update is not susceptible to these vulnerabilities and passes all the tests of the test-suite successfully. cve.mitre.org has these issues logged as CAN-2002-0012 and CAN-2002-0013. ethereal: Updated packages built against the latest ucd-snmp libraries. These updates are located at ftp://ftp.eridani.co.uk/pub/Aeryn/ as i386 and source RPMs. HTTP access is available at http://ftp.eridani.co.uk/ Users of Eridani Linux releases prior to 6.3 should download the source RPMs and recompile on their platforms. -- Michael "Soruk" McConnell Eridani Star System http://www.eridani.co.uk _______________________________________________ Eridani-Announce mailing list To be removed from this list email linux@eridani.co.uk requesting removal.