[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: [Linux] klogd 1.3-22 buffer overflow
From:       security () PENGUIN ! NET ! AU
Date:       1998-11-18 4:22:29
[Download RAW message or body]

Hi,

I am personally a bit mixed up now...

This is what I have just read on the RedHat updates page:

--------------------------------------------
    Red Hat would like to thank Michal Zalewski (lcamtuf@IDS.PL) and the
members of
    the Bugtraq mailing list for discovering this problem and providing a
fix.

    Users of Red Hat Linux are recommended to upgrade to the new packages
ava
--------------------------------------------------

The page is at
http://www.redhat.com/support/docs/rhl/rh52-errata-general.html.

...shall I trust Redhat, now? :-?

Merc.


> I'm the co-maintainer of the Linux sysklogd package which contains the
> klogd program for which a buffer overrun has been reported last week.
>
> First of all I'd like to complain about two things:
>
>  a) The reports weren't made against the current version of the
>     package.  The source for it is well known on sunsite.unc.edu as
>     well as various mirrors.
[SNIP]

[prev in list] [next in list] [prev in thread] [next in thread]