search for: gafton

...mail.redhat.com (199.183.24.239) by lists.redhat.com with SMTP; 30 Aug 1999 19:39:11 -0000 Received: from alien.devel.redhat.com (root@alien.devel.redhat.com [207.175.42.9]) by mail.redhat.com (8.8.7/8.8.7) with ESMTP id PAA06611; Mon, 30 Aug 1999 15:39:09 -0400 Received: from localhost (IDENT:gafton@localhost [127.0.0.1]) by alien.devel.redhat.com (8.9.3/8.9.3) with ESMTP id PAA24281; Mon, 30 Aug 1999 15:38:59 -0400 Date: Mon, 30 Aug 1999 15:38:52 -0400 (EDT) From: Cristian Gafton <gafton@redhat.com> X-Sender: gafton@alien.devel.redhat.com To: Undisclosed recipients: ; Subject: SECURIT...

...mail.redhat.com (199.183.24.239) by lists.redhat.com with SMTP; 21 Oct 1999 21:20:34 -0000 Received: from alien.devel.redhat.com (root@alien.devel.redhat.com [207.175.42.9]) by mail.redhat.com (8.8.7/8.8.7) with ESMTP id RAA01606; Thu, 21 Oct 1999 17:20:32 -0400 Received: from localhost (IDENT:gafton@localhost [127.0.0.1]) by alien.devel.redhat.com (8.9.3/8.9.3) with ESMTP id RAA19426; Thu, 21 Oct 1999 17:20:31 -0400 Date: Thu, 21 Oct 1999 17:20:24 -0400 (EDT) From: Cristian Gafton <gafton@redhat.com> X-Sender: gafton@alien.devel.redhat.com To: redhat-watch-list@redhat.com Message-ID: &...

...28:25 -0500 Received: (qmail 15370 invoked by uid 501); 16 Apr 1999 09:45:57 -0000 Resent-Date: 16 Apr 1999 09:45:57 -0000 Resent-Cc: recipient list not shown: ; MBOX-Line: From redhat-watch-list-request@redhat.com Fri Apr 16 05:45:56 1999 Date: Fri, 16 Apr 1999 05:22:11 -0400 (EDT) From: Cristian Gafton <gafton@redhat.com> X-Sender: gafton@alien.devel.redhat.com To: redhat-watch-list@redhat.com Subject: SECURITY: new procmail packages available Message-ID: <Pine.LNX.4.10.9904160521050.29655-100000@alien.devel.redhat.com> Approved: ewt@redhat.com MIME-Version: 1.0 Content-Type: TEXT/PLA...

...:06:36 -0500 Received: (qmail 3324 invoked by uid 501); 16 Apr 1999 11:30:02 -0000 Resent-Date: 16 Apr 1999 11:30:02 -0000 Resent-Cc: recipient list not shown: ; MBOX-Line: From redhat-watch-list-request@redhat.com Fri Apr 16 07:30:01 1999 Date: Fri, 16 Apr 1999 07:06:08 -0400 (EDT) From: Cristian Gafton <gafton@redhat.com> X-Sender: gafton@alien.devel.redhat.com To: redhat-watch-list@redhat.com Subject: (Correction) SECURITY: New rsync packages available Message-ID: <Pine.LNX.4.10.9904160701270.25520-100000@alien.devel.redhat.com> Approved: ewt@redhat.com MIME-Version: 1.0 Content-Type...

...MBOX-Line: From redhat-announce-list-request@redhat.com Fri Apr 16 05:44:13 1999 Resent-Date: 16 Apr 1999 09:44:12 -0000 Resent-Cc: recipient list not shown: ; MBOX-Line: From redhat-watch-list-request@redhat.com Fri Apr 16 05:44:12 1999 Date: Fri, 16 Apr 1999 05:20:28 -0400 (EDT) From: Cristian Gafton <gafton@redhat.com> X-Sender: gafton@alien.devel.redhat.com To: redhat-watch-list@redhat.com Subject: SECURITY: New lpr packages available Message-ID: <Pine.LNX.4.10.9904160503450.29655-100000@alien.devel.redhat.com> Approved: ewt@redhat.com MIME-Version: 1.0 Content-Type: TEXT/PLAIN; c...

...99.183.24.239) by lists.redhat.com with SMTP; 12 Apr 2000 16:06:25 -0000 Received: from devserv.devel.redhat.com (root@devserv.devel.redhat.com [207.175.42.156]) by mail.redhat.com (8.8.7/8.8.7) with ESMTP id LAA17236; Wed, 12 Apr 2000 11:17:39 -0400 Received: from alien.devel.redhat.com (IDENT:gafton@alien.devel.redhat.com [207.175.42.9]) by devserv.devel.redhat.com (8.9.3/8.9.3) with ESMTP id LAA23867; Wed, 12 Apr 2000 11:17:39 -0400 Date: Wed, 12 Apr 2000 11:17:32 -0400 (EDT) From: Cristian Gafton <gafton@redhat.com> X-Sender: gafton@alien.devel.redhat.com To: redhat-watch-list@redhat...

Back in June when I was fooling around with some programs I was writing, I found a serious buffer overflow in WindowMaker 0.60.0 and 0.52, but I assume previous versions are vulnerable as well. By replacing argv[0] of a program with a string longer than 249 characters, it is possible to overflow one of the programs buffers, causing it, and possibly X as well to crash. It is assumed this can

...ng f_name to make it sane would require some bigger changes, since f_name() happens to be quite a popular function inside the rsync code... This is bad and needs some fixing... Little hammer or big hammer? Cristian -- ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "There are two kinds of people who never amount to much: those who cannot do what they are told, and those who can do nothing else." --Cyrus Curtis

...MBOX-Line: From redhat-announce-list-request@redhat.com Tue Mar 30 20:34:23 1999 Resent-Date: 31 Mar 1999 01:34:22 -0000 Resent-Cc: recipient list not shown: ; MBOX-Line: From redhat-watch-list-request@redhat.com Tue Mar 30 20:34:22 1999 Date: Tue, 30 Mar 1999 20:18:03 -0500 (EST) From: Cristian Gafton <gafton@redhat.com> X-Sender: gafton@alien.devel.redhat.com To: redhat-watch-list@redhat.com Subject: SECURITY: various packages updated (pine, mutt, sysklogd, zgv) Message-ID: <Pine.LNX.4.10.9903302014340.2576-100000@alien.devel.redhat.com> Approved: ewt@redhat.com MIME-Version: 1.0 Co...

...5c7b44a ./redhat-4.0/sendmail-8.8.2-3.i386.rpm c382b2698e817ee5c42412c2f1960d4b ./redhat-4.0/sendmail-8.8.2-3.src.rpm b0da7467c6ac654040599c592cde1460 ./redhat-4.0/sendmail-cf-8.8.2-3.i386.rpm deea3e46a4c56c71d83fe03e68ce883a ./redhat-4.0/sendmail-doc-8.8.2-3.i386.rpm Best regards, Cristian Gafton -- -------------------------------------------------------------------- Cristian Gafton gafton@sorosis.ro Computers & Communications Center Network Administrator 35 Moara de Foc St., Iasi 6600, ROMANIA Tel: +40-32-252938 http://www.cccis...

...gt; If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 10. References: Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOAPXb/G...

...e> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nopgp <filename> 10. References: Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBN8wvZfG...

I didn''t received any email since 18 Feb ? What is happening ? ?!?!? --------------------------------- Do you Yahoo!? Yahoo! Small Business - Try our new resources site! _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

...corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 10. References: Thanks also go to Stan Bubrouski for reporting this problem. Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOQCeJPG...

...10. References: http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000322182143.4498.qmail@securityfocus.com Thanks also go to Egmont Koblinger and the members of the Bugtraq list. Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOPSTkfG...

...; If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nopgp <filename> 10. References: N/A Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBN8rd0PG...

...CERT Advisory AA-1999.01 ftp://www.auscert.org.au/security/advisory/AA-1999.01.wu-ftpd.mapping_chdir.vul AUSCERT Advisory AA-1999.02 ftp://www.auscert.org.au/security/advisory/AA-1999.02.multi.wu-ftpd.vuls Cristian -- ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K

...is vulnerability was discovered and researched by Allen Wilson and Dan Ingevaldson of Internet Security Systems. Red Hat would like to thank ISS for the assistance in getting this problem fixed quickly. Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOQSvofG...

...OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * Separated from setup.c. --marekm + * Resource limits thanks to Cristian Gafton. + */ + +#include <sys/types.h> +#include <sys/stat.h> +#include <syslog.h> + +#include <stdio.h> +#include <utmp.h> +#include <pwd.h> + +#include <sys/resource.h> +#define LIMITS + +#ifdef LIMITS + +#ifndef LIMITS_FILE +#define LIMITS_FILE "/etc/limit...

...is vulnerability was discovered and researched by Allen Wilson and Dan Ingevaldson of Internet Security Systems. Red Hat would like to thank ISS for the assistance in getting this problem fixed quickly. Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOQeN/f...