Date: Tue, 5 Sep 2000 12:03:02 +0100 From: abs@PURPLEI.COM Subject: Re: screen 3.9.5 root vulnerability To: BUGTRAQ@SECURITYFOCUS.COM Fix applied to NetBSD pkgsrc on 1st september. NetBSD pkgsrc users should confirm they have screen-3.9.5nb1 or later. For reference, patch applied: $NetBSD: patch-ah,v 1.2 2000/09/01 15:23:51 kim Exp $ --- screen.c.orig Wed Sep 1 17:57:25 1999 +++ screen.c Fri Sep 1 11:22:45 2000 @@ -2311,7 +2311,7 @@ else if (visual && !D_VB && (!D_status || !D_status_bell)) { D_status_delayed = -1; - Msg(0, VisualBellString); + Msg(0, "%s", VisualBellString); if (D_status) { D_status_bell = 1; David/absolute -- www.netbsd.org: No hype required --