Bug 53202 - xinetd-2.3.0-3 obsolete; please upgrade at least to 2.3.3
xinetd-2.3.0-3 obsolete; please upgrade at least to 2.3.3
Status: CLOSED RAWHIDE
Product: Red Hat Public Beta
Classification: Retired
Component: xinetd (Show other bugs)
roswell
All Linux
medium Severity medium
: ---
: ---
Assigned To: Trond Eivind Glomsrxd
Ben Levenson
:
: 53278 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-09-04 22:11 EDT by Erich Schwarz
Modified: 2007-04-18 12:36 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-09-04 22:12:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Erich Schwarz 2001-09-04 22:11:59 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.1-0.1.9 i686)

Description of problem:
1. A bug was found in xinetd's string handling routines. All versions of
xinetd prior to 2.3.1 are vulnerable. 

2. The mailing list for xinetd shows that there are at least two serious 
bugs in xinetd that have only just been fixed and so cannot be in Red Hat
7.1.93. 
These bugs manifest themselves when xinetd is heavily loaded and also for 
daemons where you have to specify the "wait" option.

Version-Release number of selected component (if applicable): 2.3.0-3


How reproducible:
Didn't try


Additional info:

I haven't reproduced these bugs because they're already public knowledge on
www.xinetd.org and on the xinetd mailing lists.  That doesn't mean that
keeping xinetd-2.3.0-3 instead of upgrading to 2.3.3 wouldn't be a serious
mistake.
Comment 1 Trond Eivind Glomsrxd 2001-09-05 12:30:54 EDT
2.3.3 is already in rawhide, and if you read the changelog you'll find that some
of the fixes originate from here - we are aware of these issues.
Comment 2 Trond Eivind Glomsrxd 2001-09-05 20:15:17 EDT
*** Bug 53278 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.