Whitebox alert WBSA-2003:404-01 (lftp)

From:
    	     
 
John Morris <jmorris@beau.org>
To:
    	     
 
whitebox-announce@beau.org
Subject:
    	     
 
[Whitebox-announce] [WBSA-# 2003:404-01] Updated lftp packages fix security vulnerability
Date:
    	     
 
Thu, 12 Feb 2004 17:36:26 -0600 (CST)

----------------------------------------------------------------------
                   Security Advisory

Synopsis:          Updated lftp packages fix security vulnerability
Advisory ID:       WBSA-2003:404-01
Issue date:        2004-02-12
Updated on:        2003-12-17
Product:           White Box Enterprise Linux 3.0
Keywords:          
Cross references:  
Obsoletes:         
CVE Names:         CAN-2003-0963
- ---------------------------------------------------------------------

Updated lftp packages are now available that fix a buffer overflow
security vulnerability.

More information is available in Red Hat, Inc's original advisory 
available on their site at:

http://www.redhat.com/archives/enterprise-watch-list/2003-December/msg00008.html

To install this new package on your White Box Enterprise Linux system
use the Up2Date Network or Yum.

Note: Be sure to change the default Up2Date or Yum server from the
initial location to prevent undue load to the whiteboxlinux.org
server, which doesn't have a lot of outbound bandwidth.  The config
files already have entries for mirror sites commented out.

Up2Date's configuration file is at /etc/sysconfig/rhn/sources

Yum's configuration is in /etc/yum.conf


_______________________________________________
Whitebox-announce mailing list
Whitebox-announce@beau.org
http://beau.org/mailman/listinfo/whitebox-announce