Remote Linux Groff Exploitation Via LPD Vulnerability Solution:
Zenith Parsec supplied an unofficial source code patch.
NetBSD has released an advisory. Users are advised to upgrade the pic(1) binary.
Users of NetBSD-current are advised to upgrade to NetBSD-current dated 2002-09-28 or later. Users of NetBSD 1.6 are advised to upgrade from NetBSD 1.6 sources dated 2002-10-03 or later. Users of NetBSD 1.5 through 1.5.3 from NetBSD 1.5.* sources dated 2002-09-28 or later. Further details are available in the referenced advisory.
Upgrades are available for users of Gentoo Linux. They may be applied by issuing the following commands:
emerge rsync
emerge groff
emerge clean
Updated packages that rectify this issue are available:
jgroff jgroff 1.15
GNU groff 1.15
GNU groff 1.16
