Slackware: 'xchat' vulnerability
Posted by LinuxSecurity.com Team   
Slackware An input validation bug was found to affect Slackware Linux 7.0, 7.1, and -current.
An input validation bug was found to affect Slackware Linux 7.0, 7.1, and
-current.  The problem is described in detail at this site:

    http://www.securityfocus.com/bid/1601

Users of Slackware 7.0, 7.1, and -current are urged to upgraded to the
xchat.tgz package available in the Slackware -current branch.


   ========================================
   xchat 1.5.7 AVAILABLE - (gtk1/xchat.tgz)
   ========================================

      The input validation bug has been fixed in this release of XChat.  The
new
      xchat.tgz package is available from:

         
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/gtk/xchat.tgz

      For verification purposes, we provide the following checksums:

         16-bit "sum" checksum:
         2394041667 1288299 gtk1/xchat.tgz

         128-bit MD5 message digest:
         b388d7eb7914a6d456f49f0b0f62fcb8  gtk1/xchat.tgz


      INSTALLATION INSTRUCTIONS FOR THE xchat.tgz PACKAGE:
      ---------------------------------------------------
      Make sure that no users have XChat running, then issue this command:

         # upgradepkg xchat.tgz


Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
   http://www.slackware.com