From Bugzilla Helper: User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.1-0.1.9 i686) Description of problem: 1. A bug was found in xinetd's string handling routines. All versions of xinetd prior to 2.3.1 are vulnerable. 2. The mailing list for xinetd shows that there are at least two serious bugs in xinetd that have only just been fixed and so cannot be in Red Hat 7.1.93. These bugs manifest themselves when xinetd is heavily loaded and also for daemons where you have to specify the "wait" option. Version-Release number of selected component (if applicable): 2.3.0-3 How reproducible: Didn't try Additional info: I haven't reproduced these bugs because they're already public knowledge on www.xinetd.org and on the xinetd mailing lists. That doesn't mean that keeping xinetd-2.3.0-3 instead of upgrading to 2.3.3 wouldn't be a serious mistake.
2.3.3 is already in rawhide, and if you read the changelog you'll find that some of the fixes originate from here - we are aware of these issues.
*** Bug 53278 has been marked as a duplicate of this bug. ***