NOTE!! Does _not_ affect RH6.0 or newer because of a netkit source change
Just a bug FYI, in case you're still supporting 5.2
See bogus use of fprintf() in announce.c: print_mesg(). "%s" is missing.
May be remotely exploitable.
If I had a RH5.2 machine I'd reseach this but.... :-)
See Bugtraq post here for someone who spotted this change in the OpenBSD
Thanks for reporting, but 5.2 is now out of the supported systems.
Read ya, Phil
PS: I just took over our internal ownership of this package, so i can't tell you
why there hasn't been done a fix earlier. :)