Bug 3782

Summary: PINE on bugtraq again!!
Product: [Retired] Red Hat Linux Reporter: Chris Evans <chris>
Component: pineAssignee: Mike A. Harris <mharris>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-02-03 16:39:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Chris Evans 1999-06-28 22:06:02 UTC 
Hi
Observe recent Bugtraq - PINE can be used by remote users to
take over local accounts.
Probably warrants an update?
Comment 1 Scott Delinger 1999-11-21 23:13:59 UTC 
Apparently 4.20 has a hole too, so any updates should be to 4.21 as well:

http://www.securityfocus.com/level2/bottom.html?go=vulnerabilities&id=810
Comment 2 Elliot Lee 2000-02-03 16:39:59 UTC 
pine-4.21-3 is in Rawhide, hopefully that will suffice.

I will bug people to make an errata release of this.
Comment 3 Elliot Lee 2000-02-03 18:35:59 UTC 
*** Bug 7559 has been marked as a duplicate of this bug. ***
Comment 4 Elliot Lee 2000-02-03 18:36:59 UTC 
*** Bug 7559 has been marked as a duplicate of this bug. ***
Comment 5 Elliot Lee 2000-02-03 18:37:59 UTC 
*** Bug 7178 has been marked as a duplicate of this bug. ***