-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
              AUSCERT External Security Bulletin Redistribution
                                      
                                      
                    ESB-98.050 -- Red Hat Linux Bulletin
                           Vulnerabilities in Lynx
                                2 April 1998

===========================================================================

Red Hat Software, Inc. has released the following advisory concerning some
vulnerabilities in the lynx program.

The following security bulletin is provided as a service to AUSCERT's
members.  As AUSCERT did not write this document, AUSCERT has had no
control over its content.  As such, the decision to use any or all of this
information is the responsibility of each user or organisation, and should
be done so in accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin.  It will
not be updated when the original bulletin is.  If downloading at a later
date, it is recommended that the bulletin is retrieved from the original
authors to ensure that the information is still current.

Contact information for Red Hat Software is included below.  If you have any 
questions or need further information, please contact them directly. 

For more information from Red Hat Software visit:  http://www.redhat.com

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/Information/advisories.html

If you believe that your system has been compromised, contact AUSCERT or your
representative in FIRST (Forum of Incident Response and Security Teams).

Internet Email: auscert@auscert.org.au
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AUSCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for emergencies.
Facsimile:      (07) 3365 7031


- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----



Security problems have been found in lynx which allows remote web
sites to cause lynx to do unwise things. Red Hat suggests all users
of Red Hat Linux upgrade to the new release of lynx.

Red Hat 5.0
- - -------------

i386:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/lynx-2.8-1.i386.rpm

alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/lynx-2.8-1.alpha.rpm

Red Hat 4.2
- - -------------

i386:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/lynx-2.8-0.i386.rpm

alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/lynx-2.8-0.alpha.rpm

SPARC:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/lynx-2.8-0.sparc.rpm


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNSK2q6Ug6PHLopv5AQES8QQAg7Ng9j2df0lMfvlAXsSX39zPZwpq+rIZ
rFj+UEeZHD+1wxdjIiI6xfrqTXceQjO0GgEL4LtcDIC+fYHx4tI0x6ITPdyK13iY
O7RV2qGS8XoiIPUQx2pwf7uGLl0eXymK/6BSDM0Wt6ITRgE4QFVYNTuQpBWA1Itk
4p3xFRr6/84=
=lYR+
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key

iQCVAwUBNSjfayh9+71yA2DNAQH2qAP/Zs/7/DJWrAaiUx6izTDXtm0kOvXuWqkb
JNpWd/6arb3Ozayp+SibP3htXNXvWnKnWGOxD+psFd1VN7TtQjCAZf+rOL8uLdIl
YsRwlzyfGJNn600khUIJwj2x5e60eMLfEcPpHpVXE+CagIK/QD8wkpYA+c+PexGE
avVgXeuVs7o=
=ViQb
-----END PGP SIGNATURE-----