<<< Date Index >>>     <<< Thread Index >>>

Re: IRIX libcpr vulnerability



SGI Security Coordinator <agent99@xxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> ______________________________________________________________________________
> 
>                           SGI Security Advisory
> 
>    Title:      libcpr vulnerability
>    Number:     20040507-01-P
>    Date:       May 26, 2004
>    Reference:  SGI BUG 914419
>    Reference:  CVE CAN-2004-0134
>    Fixed in:   Patches 5606, 5607, 5608, 5609 and 5610
> ______________________________________________________________________________

The patches are not readable on the ftp server:

ftp://patches.sgi.com/support/free/security/patches/6.5.22:

-rw-r-----    1 21          4079 May 26 09:32 patch5609.pgp.and.chksums
-rw-r-----    1 21          3666 May 26 09:32 patch5609.relnotes
-rw-r-----    1 21       1761280 May 26 09:32 patch5609.tar

This has happened before, so I don't know if it's a matter of the upload
script not having completed yet or not.  But one would assume that the
patches are readable at the time the SA is published...

-Jan

-- 
DON'T PANIC!

Attachment: pgpqQSQZ0esUN.pgp
Description: PGP signature