>Number:         10927
>Category:       pkg
>Synopsis:       net/xchat security update
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Thu Aug 31 15:15:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Markus Kurek
>Release:        
>Organization:
>Environment:

>Description:
All versions of  xchat prior 1.5.7 are affected  by the 
"Command Execution Via URLs Vulnerability"
See http://www.securityfocus.com/frames/?content=/vdb/bottom.html%3Fvid%3D1601
for details.

>How-To-Repeat:


>Fix:

--- Makefile.orig       Mon Jul 31 18:05:08 2000
+++ Makefile    Fri Sep  1 00:00:27 2000
@@ -1,8 +1,8 @@
 # $NetBSD: Makefile,v 1.12 2000/03/13 10:46:45 tron Exp $
 
-DISTNAME=      xchat-1.5.6
+DISTNAME=      xchat-1.5.7
 CATEGORIES=    net x11 gnome
-MASTER_SITES=  ${HOMEPAGE}/files/source/1.4/
+MASTER_SITES=  ${HOMEPAGE}/files/source/1.5/
 EXTRACT_SUFX=  .tar.bz2
 
 MAINTAINER=    tron@netbsd.org
--- files/md5.orig      Mon Jul 31 18:05:08 2000
+++ files/md5   Fri Sep  1 00:00:07 2000
@@ -1,3 +1,3 @@
 $NetBSD$
 
-MD5 (xchat-1.5.6.tar.bz2) = 17a53c685565b13e0b52bb17a199965d
+MD5 (xchat-1.5.7.tar.bz2) = ba2355ba786609d7b7c61074b3c39657



>Release-Note:
>Audit-Trail:
>Unformatted: