COMMAND

    TclPro Debugger

SYSTEMS AFFECTED

    TclPro Debugger beta release 1 & 2

PROBLEM

    The  1.0  beta  1  &  1.0  beta  2 releases of the TclPro Debugger
    contain  a  security  hole.  A  bug  in  those  releases makes the
    debugger vulnerable to malicious attacks on the port the  debugger
    listens  on  for  connections  with  Tcl  applications.   This was
    reported by Ray Johnson.

SOLUTION

    It is suggested  that  if  you  are  currently using either TclPro
    Debugger beta 1 or beta 2 that you stop using it and download  the
    beta 3 version of TclPro Debugger. The beta 3 release contains  no
    known  security  related  bugs.   As  with  any  beta software, we
    recommend that you never run  the debugger as root or  on machines
    that are critical to your environment.