[security@slackware.com: [slackware-security] New DHCP packages available]

From: White Vampire (whitevampire@mindless.com)
Date: 01/23/03

  • Next message: Jeremiah Grossman: "Re: TRACE used to increase the dangerous of XSS."
    Date: Wed, 22 Jan 2003 19:00:22 -0500
    From: White Vampire <whitevampire@mindless.com>
    To: bugtraq@securityfocus.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ----- Forwarded message from Slackware Security Team <security@slackware.com> -----

    Return-Path: <owner-slackware-security@slackware.com>
    Delivered-To: whitvamp@localhost
    Received: (qmail 6136 invoked from network); 20 Jan 2003 21:37:08 -0000
    Received: from localhost (127.0.0.1)
      by localhost with SMTP; 20 Jan 2003 21:37:08 -0000
    Delivered-To: vampwhit@lilly.csoft.net
    Received: from mail102.csoft.net [63.111.26.110]
            by localhost with POP3 (fetchmail-5.8.3)
            for whitvamp@localhost (single-drop); Mon, 20 Jan 2003 16:37:08 -0500 (EST)
    Received: (qmail 14369 invoked from network); 19 Jan 2003 22:49:05 -0000
    Received: from unknown (HELO spf4.us4.outblaze.com) (205.158.62.26)
      by mail102.csoft.net with SMTP; 19 Jan 2003 22:49:05 -0000
    Received: from bob.slackware.com (slackware.com [64.57.102.34])
            by spf4.us4.outblaze.com (8.12.6/8.12.6) with ESMTP id h0JMj1uv089184
            for <whitevampire@mindless.com>; Sun, 19 Jan 2003 22:45:04 GMT
    Received: (from daemon@localhost)
            by bob.slackware.com (8.11.6/8.11.6) id h0JKiIT27447
            for slackware-security-outgoing; Sun, 19 Jan 2003 12:44:18 -0800
    Received: from localhost (security@localhost)
            by bob.slackware.com (8.11.6/8.11.6) with ESMTP id h0JKiHU27442
            for <slackware-security@slackware.com>; Sun, 19 Jan 2003 12:44:17 -0800
    Date: Sun, 19 Jan 2003 12:44:17 -0800 (PST)
    From: Slackware Security Team <security@slackware.com>
    To: slackware-security@slackware.com
    Subject: [slackware-security] New DHCP packages available
    Message-ID: <Pine.LNX.4.21.0301191243560.27440-100000@bob.slackware.com>
    MIME-Version: 1.0
    Content-Type: TEXT/PLAIN; charset=US-ASCII
    Sender: owner-slackware-security@slackware.com
    Precedence: bulk
    Reply-To: Slackware Security Team <security@slackware.com>

    New DHCP packages are available for Slackware 8.1 and -current
    to fix buffer overflow security problems.

    Here are the details from the Slackware 8.1 ChangeLog:

    - ----------------------------
    Sun Jan 19 11:18:33 PST 2003
    patches/packages/dhcp-3.0pl2-i386-1.tgz: Upgraded to dhcp-3.0pl2,
      which fixes several buffer overflow vulnerabilities, including some
      which may allow remote attackers to execute arbitrary code on affected
      systems, though no exploits are known yet. For complete information,
      please see: http://www.cert.org/advisories/CA-2003-01.html
      (* Security fix *)
    - ----------------------------

    WHERE TO FIND THE NEW PACKAGES:
    - -------------------------------
    Updated dhcp package for Slackware 8.1:
    ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/dhcp-3.0pl2-i386-1.tgz

    Updated dhcp package for Slackware-current:
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/dhcp-3.0pl2-i386-1.tgz

    MD5 SIGNATURES:
    - ---------------

    Here are the md5sums for the packages:

    Slackware 8.1:
    4fb8257a77d683d84b903d57c9694b5f dhcp-3.0pl2-i386-1.tgz

    Slackware-current:
    92b1532220ff51936a97362f63f77dce dhcp-3.0pl2-i386-1.tgz

    +------------------------------------------------------------------------+
    | HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
    +------------------------------------------------------------------------+
    | Send an email to majordomo@slackware.com with this text in the body of |
    | the email message: |
    | |
    | unsubscribe slackware-security |
    | |
    | You will get a confirmation message back. Follow the instructions to |
    | complete the unsubscription. Do not reply to this message to |
    | unsubscribe! |
    +------------------------------------------------------------------------+

    - ----- End forwarded message -----

    - --
    \ | \ / White Vampire\Rem | http://gammaforce.org/
     \|\| \/ whitevampire@mindless.com | http://gammagear.com/
    "Silly hacker, root is for administrators." | http://webfringe.com/

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.5 (GNU/Linux)

    iD8DBQE+LzCV3+rxmnEDyl8RAp5MAKDXzK3CNfIZ/xsa1239seVkCw7jeACgljbo
    D2Xp+2MF+PWEaeiAQmhzaPU=
    =HtAQ
    -----END PGP SIGNATURE-----