Pine versions 4.21 and before contain a buffer overflow vulnerability
which allows a remote user to execute arbitrary code on the local client
by the sending of a special-crafted email message.  The overflow occursduring the periodic "new mail" checking of an open folder.

By upgrading to Pine 4.30, users can fix this problem.  New pine.tgz and
imapd.tgz packages are available for users of Slackware Linux 7.0, 7.1,
and -current.


 ================================================ Pine 4.30 AVAILABLE - (n1/pine.tgz, n1/imapd.tgz)
 ================================================
  The buffer overflow vulnerability that affects Pine 4.21 and earlier
  can be fixed by upgrading to the new Pine 4.30 packages.  The new
  pine.tgz and imapd.tgz are available in the -current branch:

     
   
 

  For verification purposes, we provide the following checksums:

   16-bit "sum" checksum:
   58447  1475   n1/pine.tgz
   11458   654   n1/imapd.tgz

   128-bit MD5 message digest:
   2f7cdbca84e9d3473c74c6cf6ed24b79  n1/pine.tgz
   81a5c7373e30357679fe613e38e07a01  n1/imapd.tgz


  INSTALLATION INSTRUCTIONS FOR THE pine.tgz PACKAGE:
  ---------------------------------------------------
  Make sure that no users have Pine running, then issue this command:

         # upgradepkg pine.tgz


  INSTALLATION INSTRUCTIONS FOR THE imapd.tgz PACKAGE:
  ---------------------------------------------------
  The IMAP and POP3 servers provided by the imapd.tgz package run from
  inetd.  Make sure they are not running.  This can be easily accomplished
  by dropping the machine into single user mode:

         # telinit 1

  Then upgrade the imapd.tgz package:

         # upgradepkg imapd.tgz


Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
   The Slackware Linux Project

Slackware: 'pine' update

November 10, 2000
Pine versions 4.21 and before contain a buffer overflow vulnerability which allows a remote user to execute arbitrary code on the local client by the sending of a special-crafted e...

Summary

Where Find New Packages

MD5 Signatures

Severity
Pine versions 4.21 and before contain a buffer overflow vulnerability which allows a remote user to execute arbitrary code on the local client by the sending of a special-crafted email message. The overflow occursduring the periodic "new mail" checking of an open folder.
By upgrading to Pine 4.30, users can fix this problem. New pine.tgz and imapd.tgz packages are available for users of Slackware Linux 7.0, 7.1, and -current.
================================================ Pine 4.30 AVAILABLE - (n1/pine.tgz, n1/imapd.tgz) ================================================ The buffer overflow vulnerability that affects Pine 4.21 and earlier can be fixed by upgrading to the new Pine 4.30 packages. The new pine.tgz and imapd.tgz are available in the -current branch:
For verification purposes, we provide the following checksums:
16-bit "sum" checksum: 58447 1475 n1/pine.tgz 11458 654 n1/imapd.tgz
128-bit MD5 message digest: 2f7cdbca84e9d3473c74c6cf6ed24b79 n1/pine.tgz 81a5c7373e30357679fe613e38e07a01 n1/imapd.tgz
INSTALLATION INSTRUCTIONS FOR THE pine.tgz PACKAGE: --------------------------------------------------- Make sure that no users have Pine running, then issue this command:
# upgradepkg pine.tgz
INSTALLATION INSTRUCTIONS FOR THE imapd.tgz PACKAGE: --------------------------------------------------- The IMAP and POP3 servers provided by the imapd.tgz package run from inetd. Make sure they are not running. This can be easily accomplished by dropping the machine into single user mode:
# telinit 1
Then upgrade the imapd.tgz package:
# upgradepkg imapd.tgz
Remember, it's also a good idea to backup configuration files before upgrading packages.
- Slackware Linux Security Team The Slackware Linux Project

Installation Instructions

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved