------- Forwarded Message
Date: Mon, 28 Feb 2000 18:38:05 +0100
From: Ruud de Rooij <ruud at RUUD.ORG>
To: BUGTRAQ at SECURITYFOCUS.COM
Subject: nmh security update
-----BEGIN PGP SIGNED MESSAGE-----
Versions prior to 1.0.3 of the nmh package contained a vulnerability
where incoming mail messages with carefully designed MIME headers could
cause nmh's mhshow command to execute arbitrary shell code.
This bug has been fixed in nmh 1.0.3 and we encourage you to upgrade
immediately. The fixed package is available at
The MD5sum of nmh-1.0.3.tar.gz is 02519bf8f7ff8590ecfbee9f9500ea07.
For the nmh authors,
Ruud de Rooij.
ruud de rooij | ruud at ruud.org | ruud at debian.org | http://ruud.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
------- End of Forwarded Message
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!