[VIM] Re: Slackware security a tad behind.. (fwd)

[security curmudgeon]

---------- Forwarded message ----------

Hey folks,

-----
An advisory recently went out on NcFTP, but it appears that the issue
in question was fixed long ago in version 3.1.5, released on 2002-10-13.

I received an email at security at slackware.com from a well-meaning user
informing me that 3.1.9 had a security issue that was going unpatched:

> I just noticed that there is a new security update (version 3.1.9) for
> NcFTP client available, but the current Slacware Package Browser lists
> version ncftp-3.1.8-i486-1.

I then went to www.ncftp.com to verify this, and managed to misread the
site, thinking that an old security advisory pertained to 3.1.9.  I
imagine that's the same thing that happened to the person who wrote to
me.

Anyway, just to let you all know that if you already have 3.1.5 or newer
that there aren't any security issues affecting you that I'd consider
worth an advisory.  My apologies if this has been an inconvenience to
any Slackware users, or if the fine people at NcFTP or other
distributions have had to answer any questions about this.  I'll try to
read more carefully next time.  :-)

Take care,

Pat <volkerdi at slackware.com>
-----