Weekly Linux Security Digest 2000/08/14 to 2000/08/20

[SP] Another messy week. Xlock/Xlockmore (a common screen saver) has a format bug in the processing of a command line option. This affects Linux and BSD versions. Zope has a flaw that allows users to gain additional roles while editing DHTML, and vendors are still releasing updates for problems from last week (rpc, perl, mailx, etc.). A very bad hole in the Lyris list manager's Web interface allows an attacker to trivially gain administrative access to the list.