[LWN Logo]
[Timeline]
Date: Tue, 19 Sep 2000 01:57:29 -0700 (PDT)
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: klogd Kernel Logger vulnerability and fix


A string format / buffer overflow bug has been discovered in klogd, the kernel
logging daemon.  Please upgrade to the new sysklogd 1.4 package available on 
the Slackware FTP site.


=========================================================================
sysklogd 1.4 AVAILABLE - (a1/sysklogd.tgz)
=========================================================================


PACKAGE INFORMATION:
--------------------
a1/sysklogd.tgz:
   This package contains a new version of klogd (1.4) which is not vulnerable
   to this string format hole.  Most users will have a previous version 
   installed, and should upgrade to the new version on the FTP site.


WHERE TO FIND THE NEW PACKAGES:
-------------------------------
All new packages can be found in the -current branch:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/a1/sysklogd.tgz


MD5 SIGNATURES AND CHECKSUMS:
-----------------------------
Here are the md5sums and checksums for the packages:

   d2a7c649c19fc14e6668c583feaf62ae  a1/sysklogd.tgz

   4100951056 58926  a1/sysklogd.tgz


INSTALLATION INSTRUCTIONS:
--------------------------
The packages above should be upgraded in single user mode (runlevel
1).  Bring the system into runlevel 1:

   # telinit 1

Then upgrade the packages:

   # upgradepkg <package name>.tgz

Then bring the system back into multiuser mode:

   # telinit 3

Remember, it's also a good idea to back up configuration files before
upgrading packages.


+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+


- Slackware Linux Security Team
  http://www.slackware.com