Security Linux News for Jan 08, 2002
Two On Linux and China (Jan 08, 2002, 23:37)
"A report by the Chinese Academy of Sciences pointed out that if
all government organisations adopted Microsoft's products, the
government would have to shell out US$21.7 billion over the next
five years. But if homegrown Linux systems and software were used,
the total cost would wither down to just US$1.96 billion."
Red Hat Security Advisory: exim (Jan 08, 2002, 19:52)
"Updated exim packages are available, which fix a problem when
handling certain types of addresses with some configurations. The
default configuration does not exhibit this problem."
Red Hat Security Advisory: Updated stunnel packages available (Jan 08, 2002, 15:43)
"Stunnel is an SSL wrapper for applications. One feature of
Stunnel is the ability to negotiate SSL with protocols using the
'-n' flag. There are format string bugs present in the functions
which implement smtp, pop, and nntp client negotiations as supplied
with Stunnel versions 3.15 up to 3.21c."
IBM developerWorks: Linux Security for the Enterprise and Service Providers (Jan 08, 2002, 05:12)
"Here are a couple of white papers recently released by the IBM
T.J. Watson Research Center in January of 2002 concerning the state
of Linux Security for Enterprise systems. In addition to that you
can take a look at agood white paper containing informaion about
securing Linux Servers for Service Providers."
Red Hat Security Advisory: New mutt packages available to fix security problem (Jan 08, 2002, 00:48)
"New mutt packages that fix an overflow in mutt's address
parsing code are available. It is recommended that all mutt users
update to the fixed packages."
Red Hat Security Advisory: Updated stunnel packages available (Dec 20, 2000, 07:31)
"Stunnel version 3.8 (and earlier) contained a format-string
vulnerability. Version 3.9 closes this vulnerability."