"Updated analog packages are available which fix a buffer overflow
vulnerability. Previous releases of analog were vulnerable to a buffer overflow
vulnerability where a malicious user could use an ALIAS command to
construct very long strings which were not checked for length." Details at LinuxToday.
February 23, 2001