---------------------------------------------------------------------Fedora Update Notification
FEDORA-2003-031
2003-12-04
---------------------------------------------------------------------Name        : xboard
Version     : 4.2.7
Release     : 1
Summary     : An X Window System graphical chessboard.
Description :
Xboard is an X Window System based graphical chessboard which can be
used with the GNUchess and Crafty chess programs, with Internet Chess
Servers (ICSs), with chess via email, or with your own saved games.

Install the xboard package if you need a graphical chessboard.

---------------------------------------------------------------------Update Information:

XBoard 4.2.6 and older contains a script which writes to a file in 
/tmp with a predictable filename. Malicious users could use this 
vulnerability to force XBoard users to overwrite any file writable
by them.
---------------------------------------------------------------------* Thu Dec 04 2003 Karsten Hopp <karsten@RedHat.de> 4.2.7-1

- update to 4.2.7

---------------------------------------------------------------------This update can be downloaded from:
    

c9ee7f4bfdc30da49d4e4e968baf4512  SRPMS/xboard-4.2.7-1.src.rpm
ed2216de0ce24bf9d18423e5eb94d734  i386/xboard-4.2.7-1.i386.rpm
c22f3442cbd928378ace8d4aaaf4681f  i386/debug/xboard-debuginfo-4.2.7-1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

Fedora: Xboard predictable file-write exploit

December 4, 2003
XBoard 4.2.6 and older contains a script which writes to a file in /tmp with a predictable filename

Summary

Xboard is an X Window System based graphical chessboard which can be

used with the GNUchess and Crafty chess programs, with Internet Chess

Servers (ICSs), with chess via email, or with your own saved games.

Install the xboard package if you need a graphical chessboard.

XBoard 4.2.6 and older contains a script which writes to a file in

/tmp with a predictable filename. Malicious users could use this

vulnerability to force XBoard users to overwrite any file writable

by them.

- update to 4.2.7

c9ee7f4bfdc30da49d4e4e968baf4512 SRPMS/xboard-4.2.7-1.src.rpm

ed2216de0ce24bf9d18423e5eb94d734 i386/xboard-4.2.7-1.i386.rpm

c22f3442cbd928378ace8d4aaaf4681f i386/debug/xboard-debuginfo-4.2.7-1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

FEDORA-2003-031 2003-12-04 Version : 4.2.7 Release : 1 Summary : An X Window System graphical chessboard. Description : Xboard is an X Window System based graphical chessboard which can be used with the GNUchess and Crafty chess programs, with Internet Chess Servers (ICSs), with chess via email, or with your own saved games. Install the xboard package if you need a graphical chessboard. XBoard 4.2.6 and older contains a script which writes to a file in /tmp with a predictable filename. Malicious users could use this vulnerability to force XBoard users to overwrite any file writable by them. - update to 4.2.7 c9ee7f4bfdc30da49d4e4e968baf4512 SRPMS/xboard-4.2.7-1.src.rpm ed2216de0ce24bf9d18423e5eb94d734 i386/xboard-4.2.7-1.i386.rpm c22f3442cbd928378ace8d4aaaf4681f i386/debug/xboard-debuginfo-4.2.7-1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

Change Log

References

Update Instructions

Severity
Version : 4.2.7
Release : 1
Summary : An X Window System graphical chessboard.

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved