Advisories

Mandriva Advisories

Package name	BitchX
Date	December 14th, 2000
Advisory ID	MDKSA-2000:079
Affected versions	6.1, 7.0, 7.1, 7.2
Synopsis	Updated BitchX packages fix insecure handling of DNS information

Problem Description

Two bugs exist in the BitchX IRC client. A possible stack overflow
condition exists if a malformed DNS answer is processed by the client,
and the second bug allows this malformed DNS record to be embedded in a
valid DNS packet. Without the second bug, the malformed DNS record
wouldn't be processed "correctly."

Updated Packages

Mandrakelinux 6.1

 f3923806f31fc2051634d58793da5564  6.1/RPMS/BitchX-1.0-0.c17.1.2mdk.i586.rpm
ca985345f2325952bbdb3d2fcd31dcb6  6.1/SRPMS/BitchX-1.0-0.c17.1.2mdk.src.rpm

Mandrakelinux 7.0

 b6341687d0e8a4f1149850d58db38384  7.0/RPMS/BitchX-1.0-0.c17.1.2mdk.i586.rpm
ca985345f2325952bbdb3d2fcd31dcb6  7.0/SRPMS/BitchX-1.0-0.c17.1.2mdk.src.rpm

Mandrakelinux 7.1

 6a37d4159ec294b0f02d607d3bb0a1a8  7.1/RPMS/BitchX-1.0-0.c17.1.2mdk.i586.rpm
ca985345f2325952bbdb3d2fcd31dcb6  7.1/SRPMS/BitchX-1.0-0.c17.1.2mdk.src.rpm

Mandrakelinux 7.2

 d08c8f5facc4c90770d78ab56cfc4d75  7.2/RPMS/BitchX-1.0-0.c17.1.1mdk.i586.rpm
281243ff0bac9299c78d40132d7eb43c  7.2/SRPMS/BitchX-1.0-0.c17.1.1mdk.src.rpm

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer